As we discover next-generation technologies, industry trends, relevant events and local tech activity, we want to pass them along to you. In this report, we highlight interesting news about Cybersecurity, Application-level Data Encryption and other notable bytes of information; acloud.guru, Fog computing, and Blockchain.
Cybersecurity – SOC-as-a-Service
- Why is this important to you? A Security Operation Center (SOC) is the most essential element of modern security. But SOCs are expensive, complicated and far beyond the reach of most enterprises. So many folks take the easy route and invest in products, but investment in new security products is no guarantee of security. The challenges are many;
- Too Many Point Products
- Too Many Alerts
- Lack of Centralized Security Visibility
- No/Limited Security Expertise
- No Incident Response Capabilities
- Do Not Have 24/7 Coverage
- The bottom line “Are you 100% confident that you are identifying every threat?”.
- ScoutPoint solution – Arctic Wolf Networks arcticwolf.com partner.
- Arctic Wolf Networks (AWN) is a cybersecurity company specializing in managed threat detection and response.
- AWN utilizes proprietary technology to create a turnkey SOC as an extension of your existing team, giving actionable intelligence and visibility at a fraction of the cost of an in-house solution. Value is delivered every day without any upfront costs or long-term contracts.
- The AWN CyberSOC™ makes every link in the security chain stronger. Customer-dedicated Security Engineers anchor the service, act as the stewards of log data and are focused on reviewing events, identifying incidents, and eliminating false positives. The cloud-based AWN CyberSOC™ service provides the peace of mind that comes with vigilant cybersecurity.
Application-level Data Encryption
- Why is this important to you? Most likely your existing storage and backup devices provide Data-At-Rest encryption as well as Data-In-Flight encryption. Increasingly due to regulatory and compliance reasons, you are required to store your data encrypted. So far, Data-At-Rest encryption and Data-In-Flight encryption has “checked the box” and has satisfied the auditors and compliance regulations. However, there’s a big change coming…
- Have you heard of the “23 NYCRR 500” regulation? http://www.dfs.ny.gov/about/cybersecurity.htm http://www.dfs.ny.gov/legal/regulations/adoptions/dfsrf500txt.pdf This regulation was enacted by the New York State Department of Financial Services and defines cybersecurity requirements for financial service companies. It became effective on March 1, 2017, and all covered entities must submit the first certification by February 15, 2018.
- Why have I mentioned “23 NYCRR 500”, especially since it’s specific to New York State”? Well, for several very good reasons;
- You are required to meet this regulation if you operate or work within New York State.
- It is very likely that this cybersecurity regulation will eventually be adopted by other States and potentially become a Federal Government regulation.
- This is the big one… It requires Application-level encryption. In other words, Data-At-Rest encryption and Data-In-Flight encryption won’t “check” the box.
- What are you going to do when you are required to provide Application-level encryption?
- What are you going to do when your storage and backup data compression and deduplication savings vaporize?
- ScoutPoint solution – Thales/Vormetric thalesesecurity.com partner.
- Specifically, Vormetric Transparent Encryption https://www.thalesesecurity.com/products/data-encryption/vormetric-transparent-encryption.
- The Vormetric Transparent Encryption solution protects data with file and volume level data-at-rest encryption, access controls, and data access audit logging without re-engineering applications, databases or infrastructure. Deployment of the transparent file encryption software is simple, scalable and fast, with agents installed above the file system on servers or virtual machines to enforce data security and compliance policies.
- The good news is that Vormetric Transparent Encryption will address your Application-level encryption requirement.
- What about solving the storage and backup data reduction issue? There are some interesting developments in this area. If you’re interested in more detail, contact us and after you sign an NDA we can share the juicy details with you.
- A Cloud Guru – acloud.guru This is a good resource for training, especially for AWS and Docker. Thanks to my friend down in Evansville for sharing this with me.
- Fog Computing – https://en.wikipedia.org/wiki/Fog_computing A term created by Cisco that refers to extending cloud computing to the edge of an enterprise’s network. Also known as Edge Computing or fogging, fog computing facilitates the operation of compute, storage, and networking services between end devices and cloud computing data centers.
- Blockchain – If you’re interested in learning about Blockchain technology, the following is a great webinar “Introduction to Blockchain: Bitcoin, Ethereum, Ledgers, and more” via the BrightTALK platform. https://summits.brighttalk.com/webinar/introduction-to-blockchain-bitcoin-ethereum-ledgers-and-more/?utm_campaign=outlook-calendar&utm_medium=calendar&utm_source=brighttalk-embed