November 23, 2022
Kannan Subbiah
FCA | CISA | CGEIT | CCISO | GRC Consulting | Independent Director | Enterprise & Solution Architecture | Former Sr. VP & CTO of MF Utilities | BU Soft Tech | itTrident
Enterprises often move to multicloud on purpose, but way more often multicloud just happens as enterprises strive to find and leverage best-of-breed cloud services with no plan for what to do with those services after deployment. This leads to too much cost and not enough return of value to the business. Old story. This cloud complexity problem can be solved through the strategic use of technology and better approaches to manage the complexity. Most important is reducing redundancy by using a common layer of technology above the public cloud providers as well as above any legacy or edge-based systems. This layer includes common services, such as a single security system, a single data management system, finops, a single cloud operations system, etc. We’re not attempting to solve every problem within the “walled garden” of each public cloud provider; this technology should exist within a common layer, aka supercloud or metacloud.?This strategic cloud trend not only solves the complexity problems by leveraging common services and a common control plane, it also helps get cloud costs under control through a common finops layer that handles cost monitoring, cost governance, and cloud cost optimization.
The first step is determining what is critical to protect. Unlike accounting assets (e.g., servers, laptops, etc.), in cybersecurity terms this would include things that are typically of broader business value. Often the quickest path is to talk with the leads for different departments. You need to understand what data is critical to the functioning of each group, what information they hold that would be valuable to competitors and what information disclosures would hurt customer relationships. Also assess whether each department handles trade secrets, or holds patents, trademarks, and copyrights. Finally, assess who handles personally identifiable information (PII) and whether the group and its data are subject to regulatory requirements such as GDPR, PCI DSS, CCPA, Sarbanes Oxley, etc. When making these assessments, keep three factors in mind: what needs to be safe and can’t be stolen, what must remain accessible for continued function of a given department or the organization, and what data/information must be reliable (i.e., that which can’t be altered without your knowledge) for people to do their jobs.
The process of data virtualization is quite simple. Data is accessed in its original form and source. Unlike typical “extract, transform, and load” (ETL) processes, virtualization doesn’t require data to be moved to a data warehouse or data lake first. Data is aggregated in a single location, known as a virtual data layer. Using this layer, enterprises can develop simple, holistic, and customizable views (also known as dashboards) for accessing and making sense of data. Using these tools, users can also pull real-time reports, manipulate data, and perform advanced data processes such as predictive maintenance. Data is easily accessible via dashboards from anywhere. ... While data is critical to the decision-making process, not just any data will do. The data used must be accurate, up-to-date, and logical. It must also be displayed in a way that all stakeholders can understand, whether a user is a data scientist or a C-level executive. Data virtualization enables stakeholders to access the specific data they need when they need it. Because data isn’t just a replication from any given time, all data is accurate to the minute.?
领英推荐
LockBit operators posted screenshots showing files of different departments and other data as a proof for their claim, but Information Security Media Group was unable to immediately contact the municipality and confirm the authenticity of the documents. The attack comes on the heels of a new National Cyber Threat Assessment 2023-2024 by the Canadian Center for Cyber Security. The report, which says ransomware is "the most disruptive form of cybercrime facing Canadians," adds that ransomware benefits significantly from the specialized cybercrime economy and the growing availability of stolen information. "So long as ransomware remains profitable, we will almost certainly continue to see cybercriminals deploying it," the report says. The city of Westmount's official website was not affected by the attack, and the municipality says any updates on the recovery will be communicated on the site. The mayor assured residents that data security is its "top priority" and so "is the protection of our residents' and employees' information."
Most early networking technologies were wired: Connection required cables that physically linked your device to the network. Network bandwidth — the amount of data that can be conveyed in a period of time — for 10BASE-T Ethernet connections, one of the most widely used standards established in the late 1980s and early 1990s, allowed for as much as 10 Megabits of data per second. In contemporary times, wired networks support connections of 1,000 Megabits of data per second (1000BASE-T or 1 Gigabit) or even 10 Gigabits of data per second (10GBASE-T) for modern Ethernet connections. Wireless and cellular networking, which eliminated the need for a cable to each device, was a significant shift for IIoT. Standardized in 1999, 802.11b was one of the first standards supported in products from many manufacturers and was a predecessor to the Wi-Fi 6E standard established in 2020. Modern Wi-Fi devices not only offer speeds anywhere from 50 to 800 times as fast as earlier equipment, but the devices may also perform reliably in much more dense radio environments than their predecessors.
Industrial IoT solutions are often implemented at Enterprises with a high proportion of machine manufacturing. For a well-funded company, it is often easier to implement the IoT ecosystem using modern equipment. But for some, it would be too expensive to replace legacy manufacturing systems. Therefore, companies often choose to adapt existing equipment and enhance it with sensors, smart devices, and gateways. However, when choosing to implement IoT technology in an enterprise equipped with old machines, the company has to ensure protocols are understandable for all the devices to connect disparate data stores, and solve all the compatibility issues. According to McKinsey, a company moving to EIoT has to solve compatibility issues for about 50% of all devices. If compatibility issues are not solved appropriately, the solution may not function as intended, or even at all. The wrong algorithm or incorrect integration can lead to hardware malfunctions and equipment damages, overheating, explosion, or system failure.?