Dimension Data names first Aussie director of cyber security

Dimension Data has named former Ernst & Young (EY) cyber security partner, John Karabin, as its first-ever director of cyber security in Australia.

Karabin will be based in Canberra and will be responsible for defining Dimension Data Australia’s security go-to-market. DiData has also entrusted Karabin to assess the market for potential acquisitions and developing the strategy to attract, source and recruit talent to the business.

“As we execute a growth strategy based on client value, contemporary services and business models, John will play a key leadership role in this transformation,” Dimension Data Australia CEO, Steve Nola, said.

Karabin joins the global integrator and managed services provider bringing more than 25 years of experience in the industry including IT, telecommunications and cyber security.

He’s been with EY since 2015 where he led the company’s government risk information security practice in the Oceania region. Prior to his role at EY, he was managing director, security solutions, Asia-Pacific at Verizon. He has also worked for Cybertrust, Secure Network solutions and other companies.

“Clients feel they are constantly on the backfoot and most don’t know the nature of the threat, the motives behind attacks or how to best defend themselves,” Karabin said. “That’s where Dimension Data’s expertise across a broad scope of industries comes in, as it is uniquely placed to understand that not all industries or organisations face the same challenges.

In October 2017, Dimension Data announced a partnership with Deakin University to deal with the Australian cyber security skills shortfall.

The result of the partnership was Deakin’s first Bachelor of Cyber Security, which started in 2017 and expects the first 100 students to graduate in 2019. Up to 50 of these students will be given the opportunity to work at Dimension Data, Deakin, NAB or ANZ.

Read More Here

Article Credit: ARN

Go to Source

Cybersecurity Hype: Is the Industry Delivering on its Promise?

Cybersecurity Hype

Cybersecurity Hype

Every week we see more headlines in the press about new cyber-attacks and security vulnerabilities affecting millions of consumers and businesses around the world.

Massive data protection scandals such as Equifax – where 143 million individuals’ personal data were exposed in a hack that could have been prevented by a simple patch – now seem to happen on a worryingly regular basis.

Meanwhile, the cybersecurity industry seems to be sitting pretty, with business revenues in the sector growing by an estimated 11% every year. A recent report from Cybersecurity Ventures forecast that global spending on cybersecurity is expected to exceed $1 trillion between 2017 and 2021. Given the ongoing list of high-profile security breaches, is the cybersecurity industry really offering its customers value for money?

The statistics would suggest that it is not. The number of businesses falling victim to attacks rose by 21% in the US last year, and doubled in the UK in the past two years. Figures show that there were 918 data breaches compromising 1.9 billion data records in the first six months of 2017, up 164% compared to 2016.

A primary cause is the rise in mobile and smart device usage within companies, with network perimeters becoming edgeless. This, in turn, means that there are more points of vulnerability, giving attackers an increasing number of access points.

Given that networks have evolved steadily in the past few decades – from wired to wireless – many long-standing cybersecurity methods simply are not up to scratch. Firewalls and anti-virus software, for example, are purely preventative tools and have become less effective over time.

Lockheed Martin’s Kill Chain Model – on which many businesses base their cyber defenses – focuses largely on malware and intrusion but, crucially, does not take into account the detection of threats that make it past the perimeter firewall.

In a world where businesses are becoming increasingly digitalized, detecting anomalies and defending a blurred perimeter is beyond human capability. A more effective approach is based on the principles of Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK), which can deliver better value for cybersecurity customers.

This model shifts the focus from preventing attacks to detecting threats once they have broken into the network. Spotting a cyber-criminal that has already made it inside is a better allocation of resources, considering how common cyber-attacks have become.

The ATT&CK model seeks to provide a detailed analysis of attacks that have penetrated the network, and provides practical information to cybersecurity specialists on threat behavior and remediation. By sharing the information with the wider cybersecurity community via a database, analysis can boost defenses and improve the anticipation, prevention, detection, and response to cyber-attacks worldwide, not just within a single company or country.

Read More Here

Article Credit: IS

Go to Source

18 UK universities to do battle at Inter-ACE cyber security challenge

Teams from 18 universities across the UK will lock horns next month at the Inter-ACE cyber security challenge, hosted by the University of Cambridge.

cyber security challenge

cyber security challenge

Now in its third year, the competition will see over 130 students from 34 teams face more than 20 different tests of their cyber skills. The event, which takes place on March 16-17, is supported by GCHQ’s National Cyber Security Centre (NCSC) and is designed to attract the brightest young talent to the cyber security sector.

“Protecting IT and infrastructure means understanding how it can be attacked,” said Inter-ACE founder and Cambridge Professor Frank Stajano. “The head of the National Cyber Security Centre, Ciaran Martin, is absolutely right in that a major cyber-attack on the UK is a now matter of ‘when, not if’ and we must recognise that the UK faces an urgent skills shortage.”

“Inter-ACE gives future cyber security professionals the opportunity to test their skills against the best and meet others in their field and future employers. This is about engaging with the next generation of cyber security talent, and raising awareness of this vital, interesting and exciting career choice.”

Inter-ACE will simulate a number of scenarios, including working to prevent a cyber-attack on the infrastructure of a fictional city and the results of a successful tap on an undersea data cable. Competitors will develop and hone penetrative testing skills, including the binary reverse engineering of malware, breaking into a web application such as an online payment system, decoding secure communications and piecing together intercepted data.

The teams will compete for cash prizes of £10,000, with the top representatives going on to represent the UK against the US in the Cambridge2Cambridge cyber security battle.

“The Inter-ACE competition is a fantastic way to encourage bright young minds to hone their cyber knowledge further and meet like-minded people,” said Chris Ensor, deputy director for Skills and Growth at the NCSC.

Read More Here

Article Credit: The Engineer

Go to Source

Someone Just Bought $400 Million Worth of Bitcoin

Worth of Bitcoin

Worth of Bitcoin

The highest roller in Las Vegas has nothing on Bitcoin’s latest investor.

An anonymous trader has sunk $400 million—enough to buy New York State’s most expensive home twice with change left over—into the cryptocurrency, raising his or her stake from 55,000 coins to more than 96,000 between Feb. 9 and Feb. 12. And that buy-in is already paying substantial returns.

The bulk of the purchases took place on Feb. 9, with another 9,000 or so on Feb 12. And even if the buyer bought at the day’s peak, he, she, or it is looking at total gains so far of roughly $83 million.

The current value of the buyer’s portfolio currently stands at nearly $1.1 billion.

Whoever the investor was, it wasn’t his or her first time plunking down a lot of cash on Bitcoin. Their account was largely dormant before Dec. 12, when it went from holdings of 0.246 coins to 48,627 by the morning of Dec. 13. (Bitcoin, at the time, was going for about $17,000—meaning a rough investment of $827 million.)

What spurred these massive purchases, and who was the money behind it? It’s difficult to say. The buyer could have believed that the cryptocurrency would keep climbing in December, then hit its bottom earlier this month when it traded for less than $6,000. It could be a corporate investor adding crypto to its holdings. Heck, it could be a shopping spree by the Winklevoss twins. (It’s not.)

Whoever it is, they’ve got guts aplenty. Bitcoin has rebounded nicely recently, climbing 50% in the past two weeks, but one economist has called the rise of the cryptocurrency’s rate the “biggest bubble in human history” and even the co-founder of Ethereum says investors should be cautious.

Read More Here

Article Credit: Fortune

Go to Source

IBM declares it’s the ‘backbone of the world’s economy’

It’s slipped a disk, though, because services supremo admits new services plan is very much a work in progress

backbone of the world's economy

backbone of the world’s economy

IBM believes it is “the backbone of the world’s economy” and has told its services staff to hold their heads high and behave accordingly as the company rolls out new services offerings it hopes will let it dodge the implosion of outsourcing.

But the company’s plans are far from finished and staff have been told to be patient while Big Blue sorts out the details of its new offerings.

The “backbone” phrase was recently uttered by Diane Diggelmann, Big Blue’s general manager and veep in charge of services, in a start-of-year team-building video shown to staff that have been lumped together in the new “IBM Services” organisation.

Diggelmann spoke of a plan to move IBM to “global integrated delivery” – code for teams with lots of people in low-wage nations and a bare minimum of frontliners left to eyeball clients.

After lots of rah-rah stuff about new “technology-run/practitioner-directed services” and “a simplified work environment where cross functional delivery squads will have end to end accountability for the delivery of their service”, Diggelmann admitted not all of IBM’s plans have been finalized.

“I want to emphasize that Globally Integrated Delivery is a work-in-progress,” she said, calling on Big Blue’s services staff to ignore the shadow of the axe and “be more flexible than ever in the ways we work, removing barriers and ‘uniting to get it done’ in true IBM style.”

There’s some good news in the video: Diggelmann said IBM Services’ re-org is nearly done and that some time in Q1 2018 new local leadership will be announced and local strategies tabled.

 But she also told IBMers to “remain flexible and stay tuned for more updates we’ll provide as soon as we can.”

Go to Source

IBM bats for greater use of blockchain technology in governance

blockchain technology in governance

blockchain technology in governance

Tech giant IBM has advocated greater use of blockchain technology in US governance processes to help make services more secure.

According to a Business Insider report, IBM’s vice-president of blockchain technology Jerry Cuomo said during his testimony at a Congressional hearing that the US government should employ the digital ledger technology for services such as paying taxes, creating secure identities, tracking food and drug shipments, among other purposes.

“We should focus our efforts on projects that can positively impact US economic competitiveness, citizens, and businesses,” Cuomo was quoted as saying by the BlockchainCaucus, which was launched by US Congressmen to discuss the technology in the context of public policy.

According to Cuomo, it would be preferable to integrate blockchain into existing government projects and programmes rather than creating new projects based on the technology. He feels this will help catalyse adoption of blockchain and keep the US ahead of the curve in terms of implementation.

The Business Inside report also indicated that federal and state governments in the US are already working on several experimental projects based on blockchain, with some states working on implementing blockchain-based drivers licenses and identification cards.

The report further said that IBM itself was working with the Food and Drug Administration and the Centers for Disease Control and Prevention in implementing blockchain in existing and new projects.

One of the projects included looking at increasing the speed of CDC’s ability to develop new drugs.

“Developing new drugs doesn’t just take a long time because people are slow,” Cuomo was quoted as saying. “The processes are extremely paper-intensive. I see these groups taking the right first steps.”

Apart from making transactions more secure, blockchain can help reduce time and effort by eliminating the paperwork involved in new drug development and also securely storing the data.

Cuomo also said that blockchain-based new identities are more likely to take off at the federal level first.

Walmart‘s vice president of food safety, Frank Yiannas, who also testified in front of the Caucus, said that his company had partnered with IBM to develop a blockchain that will track the movement of food from farmers to consumers including distributors and retail stores in between.

Read More Here

Article Credit: TechCircle

Go to Source

If you don’t like what IBM is pitching, blame Watson: It’s generating sales ‘solutions’ now

‘Cognitive solutioning’ kicks in when you ask Big Blue to solve tricky problems

IBM is pitching

IBM is pitching

Exclusive IBM is not just telling the world it needs “cognitive” computing: the company has bet the future of its own services business on Watson-branded services.

Internal documents seen by The Register reveal the tech goliath has developed something it calls “cognitive solutioning,” to be deployed when Big Blue is asked to do a job that can’t easily be scoped from its service catalogue.

“We’ve trained Watson on our standard solutions and offerings, plus all the prior solutions IBM has designed for large enterprises,” the corporate files state. “This means we can review a client’s RFP [request for proposal] and come up with a new proposed architecture and technical solution design for a state of the art system that can run enterprise businesses at scale.” Proposed solutions will be delivered “in minutes,” it is claimed.

One document, which explains “cognitive solutioning” to IBM’s staff, says Big Blue has big plans for the Watson-fuelled service in 2018 and expects it to soon enable “real-time co-creation of solutions with clients” and do so at such speed that IBM services gains an advantage over its rivals.

A roadmap for the service calls for a “cognitive solutions designer” to be hard at work in the second half of 2018, fuelled by 10,000 knowledge base articles.

IBM is not leaving all the work to Watson: a document we’ve seen also details “strong governance processes to ensure high quality solutions are delivered globally.”

Big Blue’s explanation for cognitive, er, solutioning’s role is that it will be “greatly aiding the work of the Technical Solutions Managers” rather than replacing them.

Whatever Watson comes up with, it surely can’t be worse the human-created bad security advice that crashed Australia’s online census or IBM’s naïve decision to give its cloudy customers just a week to move on to life without TLS 1.0.

Read More Here

Article Credit: The Register

Go to Source

The 3 Biggest Mistakes Warren Buffett Made With IBM

Berkshire Hathaway has sold off the vast majority of its stake in IBM, and in hindsight, it’s fairly clear which assumptions and errors led Buffett astray on this investment.

Mistakes Warren Buffett Made

Mistakes Warren Buffett Made

Warren Buffett is waving the white flag on IBM (NYSE:IBM). After years of touting the tech titan as one of his best ideas, Buffett ditched nearly all of his stake in the company this past quarter. His holding company Berkshire Hathaway (NYSE:BRK-A) (NYSE:BRK-B) dumped 94.5% of its IBM stock, leaving it with 2.05 million shares, or about $300 million in the company. At one point, Berkshire’s stake in Big Blue topped $10 billion.

The move signals the end to an odyssey that began in 2011 when Buffett first bought shares of the IT specialist, surprising his followers as he had historically avoided tech stocks. The so-called Oracle of Omaha endorsed IBM due to its history of executing on earnings goals and called it a value play. However, IBM’s share price has actually fallen 18% since he accumulated much of his stake at the end of 2011, while the S&P 500 has more than doubled in that time, gaining 116%.

That poor result is a reminder that even the wisest of investors can make mistakes. Here are three of the biggest ones Buffett made when it came to IBM.

1. Focusing on past achievements

Buffett explained his decision to buy IBM to CNBC in 2011, saying that the company had a pattern of laying out a road map of goals every five years, and consistently knocking them down. Buffett also gave credit to previous CEOs like Lou Gerstner and Sam Palmisano. However, in focusing on the company’s track record and past management, he seemed to ignore the structural changes that were about to take place under new CEO Ginni Rometty as the company fought for position in cloud services and dumped its legacy businesses.

Back in 2011, IBM guided for EPS of $20 a share by 2015, up from $11.52 in 2010. However, that goal soon became more of an albatross than a guiding light. The promise was made by Palmisano, but was tasked to Rometty, who was named CEO in 2011. During the intervening years, IBM’s revenue growth turned negative as enterprise customers switched from traditional IT solutions — IBM’s strength — to cloud-based technologies. To try to meet the goal, Rometty aggressively bought back shares, laid off workers, and sold divisions, but it wasn’t enough, and the strategy hurt both morale and the company’s performance. IBM eventually backed away from the $20 goal at the end of 2014, and ended up reporting just $14.92 in EPS in 2015.

The lesson here seems to be that past performance does not determine the future, especially in a fast-changing industry like tech and also when a new CEO is at the helm.

2. Cheering share buybacks

Normally, investors aren’t happy to see their stocks fall, but Buffett turned this logic on its head in his 2012 shareholder letter. “We should wish for IBM’s stock price to languish throughout the five years,” he wrote, due to the company’s penchant for share buybacks. Lower stock prices make share buybacks more efficient, of course, as they allow companies to repurchase a greater amount of shares for the same amount of money.

However, Buffett seemed to be mistakenly focusing on the goal rather than the process. Share buybacks are easy to do, and are often a sign of management’s lack of ideas. Prior to 2015, Rometty aggressively repurchased shares in the hopes of meeting the $20 EPS goal, but that did nothing to shore up the underlying business.

In 2014, IBM spent more than $12 billion on buybacks, and for a time the company was spending more on buybacks and dividends than it was bringing in in free cash flow, funding the difference with new debt. Spending on research and development, though, was flat. The company lost ground to competitors, and its revenue and profits fell.

Read More Here

Article Credit: The Motley Fool

Go to Source

Taking cybersecurity beyond a compliance-first approach

A compliance first approach to security is fundamentally insecure. It’s time for companies to change the mindset, go beyond simply meeting regulatory requirements and focus on truly protecting data.

CYbersecurity beyond a compliance

CYbersecurity beyond a compliance

The cybersecurity landscape is plagued by the fact that cybercriminals seem to be permanently one step ahead and rather than addressing the problem, it seems that regulation is, in some cases, compounding the problem. Understandably, many organizations are opting to define security policies based on regulatory requirements, however the result is that their security postures become very quickly out of date. Not only are regulations typically at least 24 months old by the time they are implemented, but a compliance-only approach actually provides hackers with an ‘access blueprint’ – as weaknesses in the security model that are not covered by regulation are clearly visible.

Disturbing trend

With high profile security breaches continuing to hit the headlines, organizations are clearly struggling to lock down data against the continuously evolving threat landscape. Yet these breaches are not occurring at companies that have failed to recognize the risk to customer data; many have occurred at organizations that are meeting regulatory compliance requirements to protect customer data.

Given the huge investment companies in every market are making in order to comply with the raft of regulation that has been introduced over the past couple of decades, this continued vulnerability is – or should be – a massive concern. Regulatory compliance is clearly no safeguard against data breach.

Go to Source