The cyber security market in 2012 is estimated at $60 billion, yet adding
more and more layers of perimeter security may lead to a false sense of
security and be completely useless against a determined system administrator
working on the inside. The end result is that your data might be secure or it
might not – you simply have no way to prove it.
Shawn Henry, FBI veteran of 24 years and now president of CrowdStrike
Services had this to say about integrity at the Black Hat conference this
year: “These days, you can’t just protect the information from being
viewed. You also need to protect it from being changed or modified.”
This leads to the question: Would you know if an attacker or your own system
administrator got to your data?
Traditionally, the ‘integrity’ component of the CIA triad of data
security [confidentiality, integrity, availability] has focused on protec... (more)
Perhaps the only thing worse than a disaster happening is seeing it coming
and knowing nothing can be done to stop it. Businesses along the northeastern
seaboard had several days of warning before Hurricane Sandy struck, certainly
not enough time to implement a disaster recovery plan from scratch. Even more
painful is the understanding that some disaster recovery plans would not be
enough; physical backup systems in separate geographical areas may have still
suffered the same losses as the home site due to the size of the storm.
Most disasters come with no warning at all. Explosio... (more)
We are witnessing the large-scale industrialization of the data center, owned
and operated by the ICT operators who specialize in that task, with security
technologies in the hands of the end user to remove any need to trust their
The traditional "protect the perimeter" model of enterprise data security,
one where layers of security are added around enterprise data, access to
which is limited to trusted insiders, clearly has challenges in a cloud
computing model when outsiders (the folks running the cloud) have access to
all your data and can monitor everything ... (more)
‘In God we trust,’ yet the currency of the Cloud is at odds with trust.
Is it possible to trust applications that reside in a Cloud that seems so
porous? Cloud Computing Journal's Jeremy Geelan sat down with GuardTime CEO
Mike Gault, whose keyless signature technology is used to secure cloud
hosting provider Joyent, whose customers include LinkedIn, Gilt, and Twitter.
Cloud Computing Journal: What is GuardTime all about? As one of the few folks
in the Cloud space with an initmate knowledge of Estonia, having lived there
for more than three years, I know that its origins lie there.... (more)