According to a recent report from Symantec, targeted attacks on the IT networks of small businesses have doubled in the past six months.There were on average 58 targeted attacks a day on the networks and computer systems of companies with less than 

250 employees or less in the last six months. This number represents almost 36% of all targeted attacks on companies, Symantec said. This number represents an 18%  increase since the end of December 2011.i

According to Paul Wood, Symantec’s cyber security intellengence manager, “There appears to be a direct correlation between the rise in attacks against smaller businesses and a drop in attacks against larger ones.“It almost seems attackers are diverting their resources directly from the one group to the other.”

Perhaps this is because larger companies have more resources and dedicated CISOs. As a result they do a better job of securing their computer networks.

The total number of daily attacks continued an upward path during the first half of 2012, according to Symantec, with an average of 151 targeted attacks blocked each day during May and June.

During the first half of the year, the total number of daily targeted attacks continued to increase at a minimum rate of 24 percent with an average of 151 targeted attacks being blocked each day during May and June.

Large enterprises consisting of more than 2,500 employees are still receiving the greatest number of attacks, with an average 69 being blocked each day.

It may be that your company is not the primary target, but an attacker may use your organization as a stepping-stone to attack another company. You do not want your business to be the weakest link in the supply chain. Information is power, and the attackers know this, and successful attacks can result in significant financial advantage for the cyber criminals behind them. Access to intellectual property and strategic intelligence can give them huge advantages in a competitive market,” Wood said.

 

 

Cross Posted from myITview.com 

Just how many mobile devices does the average person carry today in order to effectively perform their job and conduct their personal activities online? The number seems to continually increase.  Workers today require collaborative tools to be fully engaged and productive from various remote office locations. How can IT managers stop this growing trend of device creep? Worker mobility can really get heavy if this trend continues.

 

The lines between work and personal activities continue to overlap. IT departments are under increasing pressure to support personal mobile devices in a highly secure and manageable way. Now BlackBerry® Balance™ technology enables a single BlackBerry® smartphone to be used for both work and personal purposes. 

 

By keeping business information secure and separate from personal information, users can enjoy consumer-oriented features for the fullest BlackBerry experience possible. It is the best of work and play on one device.

 

As the IT department manager you have lived with the complaints from employees having to carry two smartphones. Additionally, you are continually challenged with having to secure your corporate data assets residing on employee smartphones. Now both employees and IT Managers have a reason to celebrate.

 

With the release of Blackberry Balance, IT managers can increase employee job satisfaction by supporting employee-owned smartphones. The IT department can offer greater BlackBerry smartphone choice flexibility to your workforce while retaining full control over business data security. They can even permit the use of personal apps while restricting copy-and-paste functionality to prevent business information from being shared.

 

  

Some of the Key Features of BlackBerry Balance Include:

 

1. Keep personal information separate and business information highly secure by allowing access to the personal BlackBerry device while it's enterprise-locked.

 

2. Restrict employees from accessing enterprise data through social networking applications, and prevent copying and pasting from an enterprise application to a personal application.

 

3. Remotely wipe business information from BlackBerry devices while leaving personal information intact.

 

4. Minimal user training is required as visual notifications on the BlackBerry smartphone alert users when they take actions that conflict with established IT policies.

 

5. BlackBerry Balance technology works with your existing BlackBerry® Enterprise Server v5.0.3 and BlackBerry® Mobile Fusion infrastructure, so there's little or no need to add to your existing architecture.

 

6. Support more members of your organization with the ability to segregate and control personal versus corporate-liable users.

 

For more information please visit   www.blackberry.com/balance

 

For a video demo of BlackBerry Balance in action please visit: http://www.youtube.com/embed/NI5sbDOt4WE

 

 

This article is brought to you by BlackBerry.

By Rafel Los 

 

There was a lot of bustle about the LinkedIn data breach, and specifically about the lack of the CISO and CIO at the LinkedIn organization - which made me think... does an enterprise require a CISO, or even a CIO?

A story on the publication BankInfoSecurity makes it clear with a quote from a LinkedIn spokesperson - "We don't currently have executives with those specific titles, but David Henke, senior vice president, operations, oversees the functions". 

The question becomes, does a company need someone with a CIO or a CISO title to have a well run IT organization and good security?

On the one hand, it's important to have information leadership in a singular role, separate from the role responsible from the security of the organization.  On the other hand, if what your organization is depending on is a title and now a holistic cultural thinking, then you'll always have security as a bolt-on anyway.

Surely there are many types of organizations.  Surely some need the rigor of having a formal information security officer (CISO) role defined and responsible for the security-related decisions of the organization. 

In fact, I would argue that most organizations are of this type... and that when security isn't explicitly called out it can easily be relegated to the back corners of the operations functions or the architecture organization or worse. 

When security isn't explicitly embodied in a warm body it's easy to push it out of your mind, I can certainly attest to that.  Someone has to make the tough choices, push policy and be unpopular, right? 

Someone has to be the fall-guy or fall-gal when things go wrong... and someone has to lobby for the protection of the organization.  At least... if good security isn't part of the culture.

Are we then ready to accept that it's not OK for an organization to leave the role of the CISO out?  I'm not sure I'm ready to go there yet.

What happens when an organization has no formal CISO?  Can security still survive?  Is a breach imminent like with LinkedIn?  I don't think so, the situation in IT can't be that dire.  Can it?

I don't buy it, I just don't buy all the cynicism.  Not salting hashes is a mistake many organizations make... if you're willing to challenge that look inward first.  I don't believe that the culture at LinkedIn is so poor that it requires the role of a CISO to insert security into the IT and business consciousness. 

In fact, I don't believe that the culture in any organization I have known is so bad that defining a CISO (or not) will make a difference one way or another.  The security of an organization just cannot come down to 4 letters - CISO.

I've been having a ton of conversations lately about how more often than not these days a CISO is set up to fail based on those 4 letters... so when he or she doesn't exist does it really matter if the organization simply doesn't care about security?

Are you can probably see - I'm torn.  I'm clearly not a CISO cheerleader simply to have a role (we call that the Chief Fallguy), but if this is what drives better security (or any security) then you need to have the role. 

Given that I don't know enough about LinkedIn's structure or organization (or at least not enough that I can write about) I don't think I'll be joining the outcry against their not having a CISO.

In the analysis of it, every organization needs to have someone responsible for the technology-based risk or "security" of the organization.  Whether that's the Technology Manager, the CISO, or the "IT guy"... I just want to see better security, more resiliency, and less technical risk. 

Isn't that what we all want?

Cross-posted from Following the White Rabbit

By Jason Cowie, vice president of product management at Embotics

Chief information officers (CIOs) are often left with the task of deciphering very complex technical ideas and concepts for their company’s senior leadership to digest. Their latest challenge is explaining how transitioning to the cloud will benefit their respective companies, which may seem counterintuitive given proof of cloud’s ability to reduce capital spending and IT operational workload.  Although many executives claim to understand the cloud, there seems to be a gap between what CIOs and CEOs believe it to be. For their part, CIOs acknowledge the agility and automation benefits associated with the private cloud but, in an effort to be convincing, they must sometimes ‘think like’a CEO in order to make these attributes more compelling. 

Selling the virtues of cloud technology isn’t the first time that CIOs have faced decision making hurdles. In the early 2000s, they were dealt the task of selling x86 virtualization, internally to their CEOs and CFOs. The proliferation of virtualization was met with a great deal of skepticism from many executives so to overcome this, IT administrators and CIOs had to demonstrate that virtualization actually meant flexibility, agility and cost savings through the consolidation of hardware. This resulted in CTOs and CIOs uniting to evolve the opinions of company leaders. Despite this, many CEOs remained unconvinced that virtualization translated into good value for money. 

Moving to the cloud is perhaps a bigger undertaking in that it requires people, processes and technology to unify to make it truly successful. Although many companies have migrated to virtualized environments, the task to evangelize it still falls on CIOs, whomustcontinually explain that the deployment aspect is only the first step in their company’s evolution to deliver infrastructure as a value-added, on-demand service to the business. Ironically, it is a ‘clouded’ view of how cloud technology can evolve a business, whichis likely to impede its successful adoption. 

However, once the CIO has successfully defined the benefits of cloud technology, they must then demonstrate to senior leadership how its attributes of on-demand Infrastructure-as-a-Service (IaaS) translates to improved operational efficiencies.

Below are five tips that CIOs can consider in making a case for cloud with their CEOs.

1) Highlight cloud’s competitive advantage. In addition to being an infrastructure investment, the cloud drives down costs and provides a repeatable, standardized and highly optimized process. CIOs can progress infrastructure conversations byaddressing the competitive advantage that cloud delivers through speed to market. By spearheading company-widecloud readiness assessments of their people, processes and technology, CIOs can determine total cost of ownership, gaps, process improvements, tools and roadmaps to implement cloud service delivery capabilities and related benefits.

2) Provide answers.CIOscanattend meetings with their CEOs armed with the aforementioned gap analysis to make the case for how the cloud delivers solutions to company inefficiencies. Examples of these solutions include self-service provisioning, its associated request and approval workflow automation, IT costing and showback (reports on the costs of all virtual assets, allowing business and application owners to increase awareness, understanding and accountability of actual costs required to support the business) and service catalogs associated with the private cloud. Documenting cloud benefits, which align to company goals and provide answers, can be a convincing strategy.

 

3) Promote performance improvements.CIOs can take this opportunity to discuss the value of speed, agility and the simplification of data center management.Cloud management solutions can calculate costs, automate routine administrative tasks and help optimize the performance and configuration of the virtual data center. Therefore, CIOs must highlight how the private cloud builds on the flexibility and cost savings the company can gain from moving to a virtual environment.

4) Focus on energy efficiency.CIOs can also explain how monitoring, measuring and managing IT consumption is a benefit that comes with cloud deployments. CIOs can also educate their leadership about how cloud’s smart provisioning of resources enables IT to be more productive.

5) Explain how the right solution makes transitioning to the cloud painless.CIOs can provide their CEOs with answers on how to select the right cloud management platform, and thenuse the opportunity to develop business and technical justification. It’s important to emphasize that transitioning to the cloud can be done painlessly, if a company uses the right solution.

By following these steps, CIOs can expect their fellow executives to agree on the business case for moving to the cloud. Cloud hype can turn to a promising reality once everyone is on the same page.

Jason Cowie is the vice president of product management at Embotics  and oversees product direction and strategy. Jason’s extensive management background spans sales, business development, consulting, and product marketing at various companies including EMC, Configuresoft, Microsoft, Scalable Software and Mission Critical Software (merged with NetIQ in 2000).

Leveraging the best that technology has to offer is always a challenge. CIOs are constantly struggling with how best to articulate to the rest of the C-Suite and especially the CFO of the value proposition of an essential piece of enterprise technology.  Procuring and deploying the right business collaboration technology solution is no exception. As CIOs want the best technology available for their end users,  CFOs  will typically require some practical financial answers when it comes to acquiring “the latest and greatest” particularly with IT. 

 

Technology innovation occurs almost daily and product refresh rates are routinely compressed to shorter and shorter intervals.  No sooner has the latest, greatest solution been deployed than a newer, better solution emerges. As the CIO of your organization you are faced with the reality that your business operates in a world where 40% of many workforces are mobile at any given point in time. It is important that you discover and introduce innovative technologies to let employees come together in groups to collaborate to do work from remote locations. The ultimate goal of the CIO in deployment of a collaborative technology solution is to deliver some type of business benefit such as faster problem resolution, more innovative ideas and quicker time to market new products. 

 

Hosted collaborative technology solutions can offer the potential to upgrade the business and functional applications rapidly with an ROI period that is short and simple to calculate.  Infrastructure cloud based collaborative solutions help to minimize the risk in making these investments as they are scalable for future growth and offer a minimized footprint in a virtualized environment.

 

The CIO should argue for investment in cloud based collaboration services because these investments in IT are truly providing competitive differentiation.  This stems from the current global trend in cloud computing where the cloud is shifting IT toward a utility model.

 

 Some business units within an organization desire the self-service, self-reliance choice of selecting and procuring their own SaaS solution.  CIOs can provide outside cloud based collaborative services that can provide independent operating business units with a feeling of empowerment. They can schedule, configure, coordinate, and collaborate across remote locations using the online tools of their choice all while staying in a single integrated product family.

Are you ready to have the conversation with your CFO? 

 

When CIOs ask for financial resources to support say a business collaboration solution, CFOs will typically ask for additional cost justification or an extensive ROI analysis.  CIOs should expect this and be prepared. CIOs should be confident that their informed purchasing recommendation is based on demonstrations and experiences which they know to be the right action at the right time for their organization. The CIO simply needs to document the request and put it in a form the CFO can understand.

It is important for the CIO to understand why the CFO has made the request for ROI calculations. Technology spending typically represents the biggest single area of capital expenditures within most organizations. Couple that with the kind of clout that CFOs typically gain during tough economic times along with the increase in regulatory and compliance activities in recent years (i.e. Sarbanes-Oxley) and it stands to reason why many  CIOs and IT organizations now fall under the CFO’s watch.

 

CIOs can make the following arguments to the CFO to win their financial support for the deployment of collaborative technologies.

The reasons for adopting cloud based collaboration services are clear: Cloud Computing has the ability to change the way the technology industry itself is shaped as Cloud has changed the computer pricing model. An organization can potentially buy capacity as I needed it and pay for it as Operating Expense instead of Capital Expense. This has the effect of enabling innovation because you may rapidly select a technology solution and deploy it very quickly.

Inform the CFO that by deploying your suggested collaboration solution the entire organization will have anytime, anywhere access to real-time business collaboration services.  The single biggest advantage of running business collaborative solutions in the cloud is that employees can be anywhere and have full access to each key system element through nearly any Internet-enabled device. Your company does not need to build out a complicated VPN. The cloud based collaboration service lends itself to improving access and accuracy of data and in many cases end user accountability.

While many companies adopt cloud applications with the assumption that positive ROI is a given, their main drivers for making the jump to the cloud are to gain overall process efficiencies and to run their businesses better, faster and cheaper. A survey by the Sand Hill Group recently found that increased business agility and cost efficiency are the key drivers for cloud adoption.

While the decision to move to the cloud is about investment justification for the CFO, it is also about using this technology to improve performance around key areas of the business and to drive the desired behaviors from both the CIOs team and the organization at large. The collaboration tools you select need to enable your organizations’ vision and strategy in order to drive the correct process and behaviors. By using the cloud to target opportunities and motivate people, business collaboration investments are ultimately justified.

To make the case for the investment to the CFO you can point out that the rules of funding a business collaboration deployment are the same no matter the size your company. To properly evaluate the project's feasibility, you must be able to compare the expected cost of the project against the expected value to the organization. With most IT projects, the future value of an investment is easy to predict by considering savings, efficiency gains or the reuse of existing resources. Simple forecasting methodology can then be used to calculate a potential return on investment (ROI) to determine a course of action. It is a tried-and-true method, and one the CFO understands. 

By starting with a small group and building on early collaboration technology roll out successes you can focus the CFO on the overall advantages to all the end users in the organization.

 

 

The latest quarterly IT Employee Confidence Index report from Technisource shows that overall confidence among U.S. technology professionals has risen to its highest level since Q4 of 2005. According to the report,  IT workers feel better about their job prospects, job stability, and their current company's future. All welcome news for IT pros and even CIOs, after all true leadership and good senior IT management encourages the growth of skills and confidence in their workers. 

The IT Employee Confidence Index is a measure of overall confidence among U.S. technology workers. The recent online survey was conducted by Harris Interactive on behalf of Technisource and Randstad Technologies included 253 individuals that are employed in the technology industry.

The number of technology workers indicating that the economy is getting stronger nearly doubled in the first quarter of 2012—leading to the highest confidence ratings in the history of the survey. In addition, 20 percent more IT workers reported that they are confident in their ability to find a new job in the first quarter, and 41 percent indicated a likelihood to act on it.

IT Worker Confidence in the Economy Spikes

Technology professionals demonstrated a large spike in confidence in the overall economy, with 40 percent now believing the economy is getting stronger, up 18 percentage points from Q4 2011.

One-Third of IT Workers Believe More Jobs are Available

Thirty-two percent of respondents believe that more IT jobs are now available (up 14 percentage points from the previous quarter).

Tech Workers Optimistic About their Employability

42% of IT workers reported feeling confident in their ability to find a new job—showing no change from the previous quarter.

Workers More Likely to Job Hunt

Forty-one percent (and nine percentage points higher than the previous quarter) of technology workers are likely to proactively seek new employment within the next year.

"Companies are once again looking to technology as a competitive advantage and embracing new implementations and migrations," said Bob Dickey, president of Technisource and Randstad Technologies. "We are seeing all levels of confidence ratings reach new highs—clear evidence indicative of an improving recovery in the tech market.  Likewise, our latest report is also seeing the highest number of IT professionals actively seeking to transition from their current employer onto new opportunities since the second quarter of 2008. Given the strength of our industry and the employability of highly-skilled IT workers, it is critical to not lose sight of retention efforts. Specifically, in our business, we continue to see a demand for specialized skills as the job market heats up. We are also seeing more of a rise in the demand for .net and java developers, business analysts, and project managers."

 

Published by myITview.com