IT News and Events  
February 3rd, 2020 — February 9th, 2020
Volume 263, Issue 1
Red Hat News
Friday Five - February 7, 2020
Red Hat News, February 7th, 2020

The Friday Five is a weekly Red Hat blog post with 5 of the week's top news items and ideas from or about Red Hat and the technology industry. Consider it your weekly digest of things that caught our eye.

  • Power Training at Red Hat Summit 2020 can build IT skills
  • How Omnitracs Transformed to a DevOps Culture with OpenShift
  • EnterpriseAI - Four Principles for Building a Culture of Automation, by Nick Hopman, VP, Red Hat
  • Seven questions to steer open source project community development
  • - Multi-Cloud Adoption to Better Enable the Developer Workforce

Read on fo details.

IT - CxO
4 Lessons From The Hertz vs. Accenture IT Disaster
CIO, February 5th, 2020

A tremendous amount of information and specific insight can be gleaned by analyzing projects gone wrong

"Here are four lessons IT leaders can apply to any outsourcing agreement.

Project successes tend to result in a lot of the same conclusions that every team identifies (e.g., we had a great team in place, or we had good leadership supporting it). Disasters, on the other hand can offer some of the best learning opportunities.

The Hertz vs. Accenture lawsuit filed last year provides some particularly valuable insights. This case, involving a digital transformation, teaches us that it's important to know best practices for holding your vendors accountable, specifically when you're leveraging agile-at-scale..."

CISOs Face A Range Of Cybersecurity Challenges In 2020
SearchSecurity, February 3rd, 2020

Every company is unique, of course, but certain challenges are widely shared. Learn what security concerns other CISOs and security leaders are focused on in 2020

"The list of cybersecurity challenges will remain unabated in 2020, with both emerging and existing threats and opportunities expected to dominate the CISO agenda in the months ahead.

The list of top concerns is broad. Changes and advances in technology, evolving threats, too few security personnel, emerging essential skills and the increasing number of threats are all top issues, according to the "State of Enterprise Risk Management 2020," from IT governance organization ISACA, the CMMI Institute and Infosecurity Group..."

5 Rules For A Healthy CIO-CISO Relationship
The Enterprisers Project, February 5th, 2020

Box's CIO shares tips on how to change the traditionally contentious CIO/CISO relationship into a more collaborative and effective one

"There is natural tension between the role of the chief information officer (CIO) and that of the chief information security officer (CISO). While the CIO looks to better leverage and implement new services, the CISO aims to find security risks in why certain services should not be used.

This is actually a complementary tension that should result in a healthy decision-making process that balances need with risk, but in practice, friction is often unavoidable. Security initiatives and solutions add complexity, overhead, and friction to architectures that some believe are already too complex. Access procedures and slow performance caused by security measures often frustrate employees and the very IT organizations looking to deliver seamless capabilities to those employees..."

8 Dark Secrets Of Organizational Change Management
CIO, February 5th, 2020

In the digital era, organizational change management is crucial to business success - far too crucial to be dogged by its misconceptions and false assumptions

"Organizational change management (OCM) has gained visibility, slowly but surely, among those responsible for making change happen, which is to say, just about every manager in just about every business.

It matters because, as you're doubtless tired of hearing, the only constant in business is change. That reality bumps up against a competing one: More often than not, business change efforts fail to satisfy, and that's if they don't fail entirely..."

New Decade, New You: The Evolution Of The CIO
InformationWeek, February 5th, 2020

Differentiate your enterprise by going more in-depth with cloud, leveraging data and analytics, embedding AI, and putting security at the center of the business

"There is no question -- technology is advancing and improving faster than ever before across enterprises, making the chief information officer's role more critical to the performance of an organization. In this new year, it is crucial for the CIO to carefully examine and determine which technologies are the best fit for their organization. A recent Accenture report found that 83% of companies want systems that will allow them to pivot into new strategic directions..."

Cisco CISO Says Today's Enterprise Must Take Chances
Search Security, February 4th, 2020

Cisco CISO Steve Martino talks about taking chances, threats, how the security leader's role is changing and what really works when it comes to keeping the company secure

"As leader of its information security and trust organization, Cisco CISO Steve Martino positions himself at the intersection of the company's IT and business interests. Unlike some cybersecurity executives of the old school -- gatekeepers focused on guarding against outside threats, at any cost -- Martino said he aims to more closely align Cisco's security stance with its corporate strategy. He wants to manage rather than eliminate vulnerabilities, he explained, in proportion to the organization's tolerance for risk and appetite for reward..."

IT Leadership: How To Build A Learning Culture
The Enterprisers Project, February 6th, 2020

Intrado's CTO shares his team's success building a culture that prizes ongoing learning - using a 'community of practice' program and other creative approaches

"If you're not building a culture of learning into your IT organization, you risk losing the ability to gain efficiencies that new technologies can provide.

Part of the purpose and goal of an IT organization is to optimize the company's use of technology - evaluating the value add of emerging tech and implementing new tools. Tech-forward organizations like Intrado are constantly exploring new technologies and working models in order to increase operational efficiencies and better serve customers. That means not only integrating them and educating employees, but also educating ourselves..."

Meet OpenSK, An Open-Source 2FA Security Key Platform From Google
9to5Linux, February 3rd, 2020

Google has released a fully open-source two-factor authentication (2FA) security key implementation called OpenSK

"Written in Rust, OpenSK supports both FIDO2 and FIDO U2F standards, and promises to allow security key manufacturers, researchers, and anyone else interested in better security for online accounts to make their own security keys with innovative features, just by flashing a firmware on a Nordic chip dongle.

Under the hood, OpenSK runs on TockOS, an embedded operating system that provides the isolation needed between the security key applet, kernel, and drivers to create defense in depth..."

How Device-Aware 2FA Can Defeat Social Engineering Attacks
Dark Reading, February 3rd, 2020

While device-aware two-factor authentication is no panacea, it is more secure than conventional SMS-based 2FA. Here's why.

"In the ever-escalating arms race between attackers and defenders, the latest defense to crumble under fire is two-factor authentication (2FA). Hackers have become increasingly successful in using social engineering techniques that defeat 2FA and let them take control of victim accounts.

Many of these attacks, however, including account takeover using SIM-jacked phone numbers, can be thwarted by restructuring part of the authentication process, using a minor modification to existing methods..."

What is TOTP MFA?
Security Boulevard, February 7th, 2020

Organizations concerned about identity security need to make multi-factor authentication (MFA) a standard practice for their users

"MFA is one of the most effective security methods for blocking unauthorized account takeovers. There are several types of MFA, but before we talk about TOTP MFA specifically, let's talk about MFA in general and why it's so effective at securing user accounts.

What is MFA?

MFA (also called two-factor authentication or 2FA) is the practice of requiring additional authentication factors beyond the standard username-password combination most authentication mechanisms require. If that credential combo is compromised for any reason, MFA acts as the final barrier between an attacker and their prize: the critical data housed within an organization's network. Since compromised credentials are the leading source of breaches, an additional layer of security through MFA works wonders. In fact, Symantec found that 80% of recent breaches could have been prevented with the addition of MFA..."

How To Enable Two-Factor Authentication On Facebook, Instagram, And Twitter
TECHPP, February 7th, 2020

This should be the year when you finally stop procrastinating the idea of installing a password manager

"While following good account practices such as using strong passwords, taking advantage of a password manager to create complex and unique passwords for different accounts, and avoiding the use of dictionary passwords, ensures your account security to a greater extent, there are instances when even accounts with strong passwords pose a risk of account compromise.

For such instances, having another layer of security on your account (say, Two-Factor Authentication), in addition to a strong password, further ensures that your account is less susceptible to attacks. So, to help you do that here's a guide on how to enable Two-Factor Authentication across different social platforms like Facebook, Instagram, and Twitter..."

IT - Storage
NVMe, Single Tiering, Data Awareness and Other High Performance Storage Trends for 2020
EnterpriseAI, February 3rd, 2020

High performance storage is changing as data (particularly unstructured data) volumes grow

"NVMe file storage will be adopted broadly for performance starved, low-latency applications NVMe is a communications protocol explicitly developed to optimized all-flash storage. NVMe enables an application to get the full performance out of the SSD storage devices that previously were not being optimally leveraged. It is geared for enterprise workloads that require top performance, such as video post-production, scientific research applications, financial service analytic applications and other latency-sensitive workloads. By the end of 2020, all NVMe file storage will be dominated by players that can deliver end-to-end value and performance to applications by optimizing the network, protocol interfaces, file system software and storage to eliminate bottlenecks..."

The Hard Disk Is Dead! (But Only In Your Datacenter)
Gigaom, February 3rd, 2020

Not Dead, Just Not Made For You Anymore

"During Storage Field Day, one of the most interesting sessions was with Western Digital. It was a 4-hour long session, so I won't tell you to watch all the segments (although some of them were particularly enlightening about the future of storage and infrastructure in general - If you have to pick only one watch the part about the gaming industry. I'm not a gamer, but it was really fascinating). Now, let's focus on the hard disk!..."

Data Storage 2020: Icebergs Ahead
Wikibon, February 3rd, 2020

Data storage has always been a very lucrative market

"In this week's Breaking Analysis we look into the storage market. Storage has been soft lately, as we've been reporting. Spending has been on the back burner. In this segment we want to highlight those few companies with momentum, understand why there's a softness, drill into the various segments and forecast the outlook for 2020.

Few Storage Companies with Momentum - Rubrik and Cohesity are Standouts Let's get right into it and look at a storage spending snapshot.

We're looking below at Net Score, which is a measure of spending velocity in the ETR data set. We're specifically isolating on storage spending..."

The CIO's Dilemma: Ai-Powered Innovation Without Chaos
AiTHORITY, February 5th, 2020

With the power of AI, companies are finding revolutionary ways to deliver customer engagement and business collaboration

"You're on your way to the airport for a birthday weekend getaway when you receive a notification from your airline on your phone: 'Hello, your connecting flight #2001 from Denver to San Francisco has been canceled.' Bad news, right? The kind of news that can cause a lot of stress or even ruin your entire trip. But wait - there's more. The notification continues: 'We have two alternative flight options for you. Please select your preference.'

The notification offers you a choice of two different flights, which you can choose at the tap of a button. You quickly select the earlier connecting flight..."

Robotic Process Automation Transforming Enterprises: Latest Trends And Insights
Business 2 Community, February 5th, 2020

Robotic Process Automation is on the top of the list as enterprises look for capabilities to manage regular and repetitive tasks

"Almost every process within a workflow can be improved; however, it depends on businesses. Enterprises should start small with RPA and take a more strategic view toward RPA implementation.

Why do businesses need to opt for RPA software?

1. Data related tasks are time-consuming

Data entry, analysis, transferring, and storage are some of the genuine challenges faced by most of the enterprise. These tasks require time and are tedious. Thus, it creates boredom for human employees, to work on it. Also, for human employees, it's not always possible to perform error-free tasks..."

AI and AIOps: Top 5 User Trends for 2020
Jaxenter, February 4th, 2020

What will 2020 look like in terms of AI and AIOps? I thought I'd break this down into three distinct areas: technology, market and users

"For each of these I've come up with five major trends which I think will have significant impact on how AIOps, and AI in general, evolves over the next twelve months. At the outset I'd like to say that the most significant changes will be seen in user behaviors and user practices, this is the year where we will see substantial transformation. Let's finish this series with five user trends.

Until now, many enterprises have allowed DevOps teams to operate independently, and in reality, allow individuals to act independently of one another - a DevOps anarchy. What we will see in 2020 is that many organisations will take the stance that this has gone too far, that DevOps needs to be reined in. There will be more discipline enforced in terms of coordinating their efforts and reducing their focus on agile development. Therefore, a DevOps backlash, or at least an attempt to take what's good in DevOps but impose more external control..."

2020s: The Decade Artificial Intelligence Will Dominate
TechTaks, February 5th, 2020

Isaac Asimov, roboticist and science fiction writer, predicted in his novel I, Robot in 1950 that robots and artificial intelligence were going to be banned from Earth in the year 2030

"Instead, we are seeing huge advances in AI and this is likely to continue within the next decade.

The UK's investment in AI recently reached a record high for 2019, rising from $1.02 billion for the whole of 2018 to $1.06 billion in the first six months of 2019. What's more, the European Commission's new president, Ursula von der Leyen recently made calls for a GDPR-style regulation for the use of AI to be put in place, signaling the predicted mass uptake of the technology amongst businesses across different industries..."

IT - Humor
Memory-Lane Monday: PEBKAC - but VERY close to the keyboard
Computerworld, February 3rd, 2020

This solution has nothing to do with a dress code

"User's brand-new laptop keeps going into standby mode at random, reports a pilot fish on the scene.

Local techs try replacing parts, updating the BIOS and everything else they can think of, but nothing improves the situation.

So someone decides to observe the user as she works - and sees that every time she moves her left hand past the corner of the laptop, the laptop drops into standby mode..."

Printer Not Found
ComputerWorld, February 4th, 2020

You'll be amazed at the things you'll see when you go up on the roof

"It's the '80s, and this consultant pilot fish gets sent out to see what's going on with a client who is complaining that files are printing days and even weeks after they were submitted. But not completely - only a page or two at a time.

Fish has plenty of things to check before giving serious consideration to the idea that there's a time portal hidden somewhere..."

Wayback Wednesday: Still Not Done
Computerworld, February 5th, 2020

And maybe never will be

This newly hired networking pilot fish is tasked by the almost-as-new IT director with helping to create a cohesive network for the company's 14 remote sites.

It's no small task. 'Each site had its own server and local email system,' says fish. 'Each site had 30 to 100 computer users on three shifts using 15 to 50 computers per site. And there were no corporate standards.'

Flashback Friday: If Only He Had Known It Was Impossible
Computerworld, February 7th, 2020

We'd still be doing it the hard way?

"This pilot fish is fed up with manually dealing with backup problems. 'I had to reset the daemons database and put the tape back in the autoloader before the batch could rerun a failed backup,' he says.

The simple solution is to write a script that automatically checks everything involved in the backup and adjusts anything that's not right..."

IT - Blockchain
Predictions Around Blockchain And Data For IT Leaders
InformationWeek, February 4th, 2020

Blockchain technologies will ignite the era of decentralization, where customers own their data and decide how it is used. IT leaders should start to rethink their strategies

"Blockchain has introduced alternative methods for tracking and managing customer data. IT leaders need to understand the direction of decentralized technologies -- or risk falling behind.

Scan the latest news: Many tech sector reports mention the misuse of data and the erosion of privacy. Among the disconcerting newsflashes are also new terms such as 'surveillance economy,' where customers sacrifice data privacy for 'free' services. In an effort to combat such erosion, pieces of legislation like the California Consumer Privacy Act give consumers the right to learn what data companies are collecting about them and demand they not sell it. Technology solutions, like advancements in blockchain, are less often discussed but perhaps even more seismic..."

Is Blockchain The Solution To Internet Insecurity? These Two Projects Say Yes.
Jaxenter, February 6th, 2020

The Internet was originally built without concerns for privacy, especially not the complicated security features required by today's standards

"It's far too late to redesign the entire Internet, however, two blockchain projects offer potential security solutions. Blockchain's capabilities of serving as a decentralized payment system could be the secret for the future of internet security.

In the beginning, the internet grew from the idea that multiple, arbitrarily designed networks could combine to create a global digital data interchange system. When the technologies needed to affect that idea were designed, nobody really thought they might eventually be used for everything from sensitive communications to commerce and everything in between. For that reason, it's plain to see that the bedrock technologies that make up today's internet have almost no built-in security features to speak of..."

How Blockchain Is Changing The Fortune Of Online Gambling
NEWSBTC, February 6th, 2020

The age of the internet was a game-changer for the gambling industry

"It enabled anyone with an internet connection to play their favorite casino games or engage in sports better from anywhere. Now, despite being heavily regulated in many countries, the online gambling sector is growing at an impressive rate. According to a report from market research firm Mordor Intelligence, the industry can expect further growth of 8.77% CAGR between now and 2020.

However, despite this optimistic projection, the online gambling space also faces several key challenges. There is a lack of trust on the part of users, partly driven out of the fact that there's a low level of transparency into wins and losses..."

3 Ways To Build Positive Relationships With B2B Customers
CRMBuyer, February 4th, 2020

For most businesses, meeting target sales goals and key revenue metrics are top priorities

"While executive teams understand that building positive relationships with customers is important, it isn't the easiest metric to quantify. For this reason, many companies end up ignoring the work it takes to build relationships with customers, and begin to focus on other, more easily-tracked metrics like deals closed and upsells..."

Five Forces Shape The Modern CRM Landscape
Forrester, February 4th, 2020

What is CRM? It's not SFA (sales force automation) and it's not marketing automation

'The business processes and supporting technologies that support the key activities of targeting, acquiring, retaining, understanding, and collaborating with customers.'

. . . that is, to support customers through their entire journey with a company.

Today, companies both large and small widely deploy CRM - not as a singular technology but as a collection of discrete technologies: marketing automation, sales automation (including high-velocity sales), eCommerce, customer service, and field service technologies. These technologies are underpinned by intelligence (analytics, reporting, and AI) and an extensible platform. Read our latest Forrester Wave report to understand the strengths of leading vendors in this space..."

The New App Dev CRM Model
CRMBuyer, February 5th, 2020

CRM is an industry that's been full of turning points, and I think it is at another

"There have been many smaller turns, like the additions of analytics, social media and process flows. However, to get a sense of this point in time, I think you have to go all the way back to the turn of the century and the rise of cloud computing.

The cloud was important as an economic marker in ways that other turning points were not. When software as a service emerged, it represented a long overdue initiation of a commoditization wave in the whole technology market, and CRM was the test case..."

The Future Of AI And Four New Demands On ERP Systems
AiTHORITY, February 3rd, 2020

Artificial intelligence (AI) will have a significant impact on companies and their business models over the next five years

"85 percent of CEOs surveyed in PwC's 22nd Annual Global CEO Survey are convinced of this. But with only 33 percent having dipped their toe into AI for 'limited uses', and fewer than one in ten using it on a wide scale, the range of applications has been limited so far.

However, this is soon set to change. Despite the use of AI being a distant dream for many businesses, the current maturity of intelligent technologies and the expectations of Enterprise Resource Planning (ERP) systems in particular - to support innovations - have fundamentally changed business demands..."

Why Companies Should Make ERP Security A Top Priority
SearchERP, February 3rd, 2020

Whether your ERP system is on premises or in the cloud, it's still vulnerable -- and you need to take the right measures to secure it. Here's advice on how to do just that

"Your ERP is a treasure chest filled with valuable data -- and hackers may be planning a cyberattack right now. That's why your IT and infosec teams need to understand ERP security issues and best practices.

An ERP system is likely to contain both the company's intellectual property and employee and customer personally identifiable information, and it's critical to keep this data safe. But it's not easy..."

Coaching To Become Talent Development Mainstay, Study Suggests
HRDive, February 4th, 2020

More than 80% of organizations represented in the study said they plan to expand coaching use among leaders and managers

"Coaching and one-on-one training have gained increased attention in recent years thanks in part to demand from younger employees. A March 2019 survey by InsideOut Development, for example, found 75% of Generation Z members wanted a boss who coaches employees.

But the trend isn't just generational in nature. Calls for a more personalized learning experience have become a fixture in the L&D space, and models that allow for coaching and mentorship - which fit under the broader umbrella of "knowledge sharing" - can allow organizations a low-cost path to a more hands-on approach. Embracing training relationships can also help to foster emotional connections between team members, experts previously told HR Dive, further boosting the cultural case for coaching..."

96% Of HR And IT Leaders Agree That Meeting Hiring Goals Is Critical To Their Organization's Success
AiTHORITY, February 5th, 2020

Yet IT leaders identify HR as their lowest investment priority, according to new research from iCIMS

iCIMS, Inc., the market leader for cloud-based talent acquisition software solutions, released the results of an independent survey of 500 IT and HR Operations leaders' perceptions, priorities and challenges supporting HR and Talent Acquisition.

'In the same way new technology and data revolutionized marketing, it is now transforming HR, and organizations are accelerating their investment in new recruiting solutions to gain an advantage in the war for talent,' said Adam Feigenbaum, chief customer officer at iCIMS. 'However, many HR digital transformation projects fall short of their goals, in part because IT and HR Operations shoulder too much of the responsibility to realize the value from the investment. Our study helps HR and Talent Acquisition leaders better understand and align with their partners in HR Ops and IT to modernize recruiting.'

6 Golden Rules For Managing Remote Employees
Business 2 Community, February 7th, 2020

Remote work isn't going anywhere, in fact it's growing

"According to Upwork's Future Workforce report, in the next decade 73% of all teams will have remote workers. The road to entirely remote companies has been paved by companies like Buffer, Hotjar, InVision and Gitlab.

With partially or fully distributed teams on the rise, it's important to follow these 6 basic rules when managing remote employees..."

Why HR And IT Must Come Together To Help Improve Employee Experience
Citrix News, February 6th, 2020

HR and IT aren't natural bedfellows

"Historically, a lack of mutual understanding has been the biggest barrier to collaboration between the two. However, amid a mushrooming employee engagement crisis, the two functions are recognising that they must come together to jointly deliver a long-term solution to the problem.

Gallup's most recent State of the Global Workforce report found that as many as 85 percent of employees are disengaged at work, and a fifth of those are actively disengaged. Any asset operating at just 15 percent capacity is going to present a phenomenal burden, and some business forecasts estimate the issue is costing the global economy as much as $7 trillion a year in lost productivity..."

Employees' Top Office Wishes Are Windows, Quiet Spaces
HR Dive, February 7th, 2020

Most survey respondents said areas for ping pong or pool didn't matter to them

"Other research has resulted in similar findings. For example, 90% of professionals in a Capital One survey said they perform better in a well-designed office area. Three quarters of the respondents favored a work environment that fosters collaboration, and even more said workspaces designed for concentration also improve performance..."

5G Will Make Augmented Reality A World Changer - If We Get The Glasses Right
IT Business Edge, February 7th, 2020

5G could change augmented reality, but there are hurdles

"I was on an update call with Qualcomm this week, and they went through several things that will dramatically change once 5G is in place and the industry begins to step up to the power of this far faster and more secure technology. AI will become far smarter and primarily reside in the cloud and will be used to optimize your wireless online experience further. User authentication using biometrics like facial recognition will become far more common and far more accurate. Pretty much everything you can now do on a PC you'll be able to do on any 5G device with a screen. And apps like real-time translation will be more common, more accurate, and better able to make our travels to foreign countries enjoyable. But one thing caught my eye, and that was applied Augmented Reality.

Let's talk about how 5G is going to change both how we shop and how we see the world..."

Google Makes Glass Enterprise Edition 2 Available For Direct Purchase
ZDNet, February 4th, 2020

Google is also sharing new open source applications and code samples to help developers build applications for the glasses

"Developers and businesses can now buy Google's Glass Enterprise Edition 2 directly from a handful of hardware resellers, Google announced Tuesday. Previously, interested enterprise customers had to work with Google partners to build custom software for the augmented reality glasses that fit their specific needs.

After Google Glass failed to take off as a consumer product, Google revived the AR glasses for the enterprise in 2017. It launched the second edition in May of last year. They're used in a variety of sectors, including logistics, manufacturing and field services..."

IT - Operations
A Glossary Of 12 Network Management And Monitoring Key Terms
SearchNetworking, February 7th, 2020

This network management and monitoring glossary delves into common issues, processes and capabilities all networks share. Explore these 12 key terms and concise definitions

"As networks change and transform due to advancements such as automation and software-defined concepts, network management and monitoring must keep pace.

Network management and monitoring are universally crucial for organizations, regardless of location, workload or size. The moving pieces in these aspects of networking can seem complicated, especially as times and technologies change, but those factors also increase the importance of how network teams manage and monitor their networks. In addition to universal importance, network management and monitoring are also universal when it comes to protocols, issues and processes. Most networks face similar issues -- such as bottlenecks and outages -- that the use of the same protocol and similar best practices can fix..."

IT - Security
Why Monitoring Third-Party SSL Certificates Matters
Recorded Future, February 5th, 2020

"This week, Microsoft Teams - a workplace collaboration tool similar to Slack - went down for three hours. Users attempting to log in were met with a message stating that the app failed to establish an HTTPS connection.

The problem? An expired SSL certificate, which normally allows users to ensure a secure connection between a web browser and a web server..."

Hiring Tips For CISOs Closing The Cyber Skills Gap
CSO Online, February 5th, 2020

Professionals in the cybersecurity space are well aware of the skills gap, which has already left 4 million global jobs unfilled

"CISOs are already feeling the effects across their team, especially in their efforts to hire experienced professionals.

Closing the skills gap at your organization is becoming increasingly challenging as intense competition means many companies are priced out of hiring experienced talent based on their ability to get a higher salary elsewhere. Moreover, because the security space, and the responsibilities of those working within it, are changing so rapidly, it is becoming increasingly difficult for CISOs and hiring managers to articulate exactly what they need in a candidate..."

How CISOs Can Justify Cybersecurity Purchases
HelpNet Security, February 4th, 2020

Sometimes a disaster strikes: ransomware encrypts critical files, adversaries steal sensitive data, a business application is compromised with a backdoor...

"This is the stuff that CISOs' nightmares are made of. As devastating as such incidents can be, for the short time after they occur, the enterprise usually empowers the CISO to implement security measures that he or she didn't get funding for earlier.

Of course, waiting for disastrous events is a reckless and unproductive way to fund cybersecurity purchases. How can you make a proactive business case for justifying expenses that advance your security program? I have a few suggestions based on my prior consulting experience and my recent work as a CISO at a cybersecurity firm..."

Enterprise Security In 2020: How To Keep Attackers Out
CIO, February 5th, 2020

When every employee is part of the security equation, having a security culture that includes education, collaboration between IT operations and security teams, and security tools is essential.

"Securing the enterprise is no easy task. With a huge workforce to train, hundreds or even thousands of devices to manage and protect, and forever evolving security threats - the job never stands still.

CSOs and CISOs rely on their strong network of information to keep their organization as secure as possible. IDG TECH(Talk) led a Twitter discussion, plus a live-streamed video, with security experts and tech industry watchers to talk about the state of enterprise security in 2020 and how to keep attackers out..."

Ransomware Attacks: Why It Should Be Illegal To Pay The Ransom
Dark Reading, February 4th, 2020

For cities, states and towns, paying up is short-sighted and only makes the problem worse

"When it comes to ransomware attacks on municipalities, paying hackers isn't the right solution. First, there's no guarantee hackers will return sensitive data. Second, there's no guarantee cybercriminals won't leverage and monetize the data anyway, returned or not. To effectively fight back, we need to make ransomware payments illegal, and develop a strong industry of cyber professionals, a digital army of sorts, to proactively increase security awareness and data protection..."

The Security Snapshot: Data Privacy, The Biggest Concern Of The New Decade
Forrester, February 3rd, 2020

At the end of 2019, Forbes identified data privacy and security as the most pressing issue in the upcoming decade

"The issue is already prevalent: Every day, a new story crops up about leaked, compromised, or misused data. While clicking through their often numerous social media accounts, consumers are providing these companies with more personal data. The growth of home security devices such as the Ring camera has also fed the collection of personal data into the surveillance economy..."

DOD Issues Cyber Standards For Contractors
GCN, February 4th, 2020

The Defense Department has issued the long-awaited cybersecurity standards that all must meet.

"On Jan 31, the Pentagon released the official version 1.0 Cybersecurity Maturity Model Certification. It requires any company that does business with the Department of Defense, primes as well as subcontractors, to meet to meet "at least a basic level of cybersecurity standards" when they respond to requests for proposals.

CMMC is informed by the National Institute of Standards and Technology's guidance on protecting controlled unclassified information (CUI) in non-federal systems and on security and privacy controls for federal systems. It outlines five levels of certification addressing both cybersecurity practices and processes..."

Which Vulnerabilities Were Most Exploited By Cybercriminals In 2019?
HelpNet Security, February 6th, 2020

Which ten software vulnerabilities should you patch as soon as possible (if you haven't already)?

"Recorded Future researchers have analyzed code repositories, underground forum postings, dark web sites, closed source reports and data sets comprising of submissions to popular malware repositories to compile a list of the ten most exploited vulnerabilities by cybercriminals in 2019.

The list

The list is comprised of two vulnerabilities in Adobe Flash Player, four vulnerabilities affecting Microsoft's Internet Explorer browser, three MS Office flaws and one WinRAR bug:..."

Fresh Thinking On Cybersecurity Threats For 2020
SearchSecurity, February 3rd, 2020

It's a good time to take a clear-eyed view of the likely security threats facing your organization. But then what? Experts suggest getting creative with your threat responses

"Metaphors may be cheesy, but often they make total sense, especially when it comes to cybersecurity. For example, when eye doctors say someone has 20/20 vision, the person's vision isn't perfect, but it's enough to see an object from a distance of 20 feet. A cybersecurity program doesn't need to be perfect either. It needs to be sufficient enough to protect an organization's unique data and assets from cybersecurity threats..."

A Journalist's Perspective on Global Cyber Threats (Podcast)
Recorded Future, February 3rd, 2020

This podcast was produced in partnership with the CyberWire

"In our conversation this week, we discuss the challenges of reporting on a highly technical subject area, making your stories accessible to the general public, and having the courage to ask the obvious questions. We'll get his insights on being a good consumer of news, as well as his thoughts on where journalism is headed..."

Decomposing DevOps: What is and what is not DevOps?
Thursday, February 20th, 2020: 6:00 PM to 7:30 PM

TBD - Miami

Confused about DevOps and what it can do for you and your organization? Join us at our February 20 MeetUp, where we will decompose DevOps into what it is, we will identify the top three myths surrounding this topic, and will give guidance on how to keep learning more about DevOps.

Hosted by Rick Regueira from South Florida Agile Association

Best Antivirus Software: 13 Top Tools
CSO Online, February 7th, 2020

These top-ranking Windows 10 client antivirus products were tested on three primary criteria: protection, performance and usability

"The AV-TEST Institute recently tested the most popular Windows 10 client antivirus products on three primary criteria: protection, performance, and usability. Four of the 15 products tested earned a perfect rating of 6 for each of those criteria:

  • Kaspersky Small Office Security
  • Kaspersky Endpoint Security
  • Symantec Endpoint Protection
  • Symantec Endpoint Protection Cloud

The top 13 antivirus offerings shown here in alphabetical order scored at least 17 points out of a possible 18..."

Threat Intelligence Offers Promise, But Limitations Remain
SearchSecurity, February 3rd, 2020

Do you know how to use threat intelligence feeds to best effect in your company? Learn what this valuable yet often confusing resource can and can't do for cybersecurity

"In August, coordinated ransomware attacks hit municipalities and local government agencies hard in Texas. For example, the town of Borger, Texas, lost access to its vital statistics and utility-payment systems. Another town, Kaufman, couldn't use phones, access its systems or accept payments from its residents.

While better security could have helped each individual town detect an attack and, perhaps, avoid an infection, protecting the more than 1,200 towns and cities in Texas requires the ability to turn attacks seen by one municipality into threat intelligence that can protect every other town as well. The attackers' infiltration of systems in town offices, police departments and other organizations could have been detected, said Daniel Basile, CISO for the Rellis Campus of the Texas A&M University System, if information on the exploitation techniques and the indicators of compromise (IOC) had been collected from initial victims and shared..."

IT - Social Media
How To Set Social Media Goals In 2020
Business 2 Community, February 4th, 2020

Create the Most Effective Social Media Marketing Plan

"There's a vast sea of social media information out there. Experts are everywhere and there are just so many opinions on best practices and tactics.

Not only that, but the platforms themselves are constantly changing, whether it's adding new features, increasing character limits or otherwise changing the rules.

That's why I've created this guide to help you understand how to set social media goals for 2020. This article is especially good for you if you've never taken stock of your marketing campaigns or created objectives..."

How To Combat The Top 5 Enterprise Social Media Risks
SearchSecurity, February 6th, 2020

Learn how social networking sites compound the insider threat risk, and explore how to mitigate the threat with policy, training and technology

"Security professionals have experienced a sharp uptick in the complexity and quantity of challenges in the modern threat landscape. From IoT to BYOD, there are numerous technologies and threats today that did not exist prior to the early 2000s.

Social media is one area where security teams have faced a steep learning curve. Beyond being used by employees connected to corporate networks, platforms such as LinkedIn, Facebook and Twitter have been harnessed by enterprises as toolkits to conduct brand awareness, customer service, advertising and recruitment processes. However, each user on every platform presents a social media risk for security pros to contend with -- and the risks are plenty..."

IT - Database
43% Of Cloud Databases Are Currently Unencrypted
HelpNet Security, February 7th, 2020

Palo Alto Networks released research showing how vulnerabilities in the development of cloud infrastructure are creating significant security risks

"The Unit 42 Cloud Threat Report: Spring 2020 investigates why cloud misconfigurations happen so frequently. It finds that as organizations move to automate more of their cloud infrastructure build processes, they are adopting and creating new infrastructure as code (IaC) templates. Without the help of the right security tools and processes, these infrastructure building blocks are being crafted with rampant vulnerabilities..."

How To Carefully Plan A Database Migration To The Cloud
Search Cloud Applications, February 6th, 2020

Plenty of organizations decide to migrate databases to the cloud. Is it the right move? Consider application type, provider lock-in and the appeal of cloud-specific features.

"Enterprises continue to march their applications and workloads into the cloud, but, for many, a database migration to the cloud feels like a bridge too far.

Gartner predicts 75% of databases will run on cloud database platforms by 2023. Most of this growth in database migration to the cloud will come from apps used by small to medium-sized businesses, which tend to be more nimble than large organizations. Enterprise adoption, however, will be a bit slower, particularly for transaction-processing apps with numerous integrations to other enterprise apps, said Gartner analyst Donald Feinberg..."

IT - Server
AI Is Boosting Server Sales
EnterpriseAI, February 3rd, 2020

Emerging AI workloads are propelling the booming Chinese server market

"The chief benefactor has been China's server leader, Inspur (SHA: 600756). According to datacenter market survey, demand for server co-processors has helped Inspur expand its China market dominance over Huawei, Dell EMC and Lenovo (OTCMKTS: LNVGY). IHS Markit reported that Inspur is riding a wave of demand for AI-ready servers, capturing 39 percent of the Chinese market during the third quarter of 2019. Huawei was a distant second with 14 percent of Chinese server revenues..."

15 Notable Open Source Apps
Datamation, February 4th, 2020

These notable open source apps prove how useful open source can be, from creating your own racecourse to contributing to science

"Open source software is always in flux, and new projects are being born every day. Open Source principles are spreading beyond software to not only include code, but in some cases, code that is being used to write an open source book or to do open source science where anyone is welcome to participate. And, cross-platform or platform-independent apps that work on any operating system are becoming much more common than those designed for a particular OS. We like to shine a spotlight on those that seem particularly noteworthy, but there are plenty more that didn't get included. If you know of one, please make a note in the comments section below..."

IT - DevOps
DevOps Vs Agile: What's The Difference?, February 4th, 2020

The difference between the two is what happens after development

"Early on, software development didn't really fit under a particular management umbrella. Then along came waterfall, which spoke to the idea that software development could be defined by the length of time an application took to create or build.

Back then, it often took long periods of time to create, test, and deploy software because there were no checks and balances during the development process. The results were poor software quality with defects and bugs and unmet timelines. The focus was on long, drawn-out plans for software projects..."

IT - Cloud
Is It Time To Consider A Cloud Exit Strategy?
SearchCloudComputing, February 4th, 2020

Cloud repatriation -- or a cloud exit, as it is sometimes called -- is probably not a good choice in most situations. Sometimes, however, it's exactly the right thing to do

"The move to cloud computing continues its steady growth, but sometimes an organization decides to retreat from the cloud or to move certain workloads back on premises. While not a widespread phenomenon, a cloud exit is a way for businesses to regain control over spending and better manage workloads they believe are struggling in a public cloud environment..."

Google Cloud Hits A $10B Annual Revenue Run Rate
ZDNet, February 4th, 2020

With its mixed fourth quarter financial results, Google's parent company Alphabet began disclosing revenue on a more granular basis, including for Google Cloud

"Google Cloud has hit a $10 billion annual revenue run rate, Google said Monday as its parent company Alphabet reported fourth quarter fiscal 2019 results. The growth in Cloud, up 53 percent year-over-year, was driven by significant growth in the Google Cloud Platform (GCP).

"The growth rate of GCP was meaningfully higher than that of Cloud overall, and GCP's growth rate acclerated from 2018 to 2019," Sundar Pichai, CEO of Alphabet and Google, said on Monday's conference call..."

7 Cloud Cost Management Tips
CIO, February 4th, 2020

As cloud budgets rocket skyward, a growing number of enterprises are looking for ways to cap costs. Check out these tips designed to bring cloud expenditures back to earth

"Many enterprises that once looked to the cloud as a way to curb data center expenditures are now beginning to wonder why they're not saving as much money as they expected.

"There are no guarantees that cloud computing in any form will save you money," observes David Linthicum, chief cloud strategy officer at professional services firm Deloitte. Bringing cloud cost goals back on track is relatively simple, however. "It's a matter of advanced planning and setting realistic expectations," he notes..."

4 Strategies For Simplifying Your Cloud Bill
Data Center Knowledge, February 4th, 2020

Making sense of your cloud bill will help you manage cloud costs more effectively

"Cloud computing can be costly. And while there are a variety of techniques available for optimizing cloud spend, any company with a sizeable cloud footprint should also be working to make their cloud bill easier to understand. If you struggle to figure out what you actually paid for when reviewing a cloud bill, it's hard to know where resources are being wasted or how you can make your cloud more cost-effective..."

The Hybrid Cloud Challenge CIOs Need To Address
Search Cloud Applications, February 6th, 2020

Your IT team needs a standardized approach to application development to truly benefit from a hybrid cloud. Containers and Kubernetes may be the key to making that happen

"CIOs are confronted with a real challenge when they seek to deploy hybrid clouds. They need to create an application model that addresses their data center, security and compliance rules but also takes full advantage of the elasticity of the public cloud.

The biggest benefit of cloud computing is agility -- the ability to replace broken components or scale overloaded ones. But CIOs are finding that cloud front ends are less resilient than expected when incorporated into hybrid cloud architectures. That's because the back-end data center portions of these applications can't respond to problems with the same agility. In fact, scalable cloud front ends can overload on-premises, legacy applications and negate the public cloud benefits..."

IT - Wireless
It's 2020. Is Using Public Wi-Fi Still Dangerous?
How-To Geek, February 4th, 2020

You've probably heard that public Wi-Fi is dangerous. Advice about avoiding it is almost as widespread as public Wi-Fi itself

"Some of this advice is outdated, and public Wi-Fi is safer than it used to be. But there are still risks.

Is Public Wi-Fi Safe or Not?

This is a complicated topic. It's true that browsing on public Wi-Fi is much safer and more private than it used to be thanks to the widespread embrace of HTTPS on the web. Other people on the public Wi-Fi network can't just snoop on everything you're doing. Man-in-the-middle attacks aren't as trivially easy as they used to be..."

Achieve Multi-Cloud Data Protection With Archiving, Backup And DR
SearchDataBackup, February 7th, 2020

How can multi-cloud users effectively use DR, backup and archiving together? Although multiple clouds complicate infrastructure, they also offer benefits for data protection

"To improve business continuity and better control costs, in 2020, enterprises will pressure their IT professionals to start breaking down the silos between on- and off-premises infrastructure, and between public cloud providers' discrete environments. Doing so requires transitioning to multi-cloud data protection practices that join on-premises private cloud and traditional IT infrastructures with multiple public cloud services.

Although enterprises are still in the early days of transitioning their infrastructures and operating models to multi-cloud, data protection technologies will play a pivotal role in providing foundational data management capabilities. Evaluator Group surveyed more than 200 IT professionals about how they address their multi-cloud data management needs and found archive and long-term retention as well as backup storage systems and cloud services to be the most popular building blocks -- both noted by 54% of respondents. This study, "Trends in Multi-Cloud Data Management," also found backup software and disaster recovery technologies and products to be the second- and third-most popular, noted by 48% and 46%, respectively..."

IT - Networks
SD-WAN Requirements For A Multi-Cloud World
SearchNetworking, February 5th, 2020

With the emergence of a multi-cloud world, SD-WAN vendors must upgrade their platforms to ensure secure and reliable SD-WAN connectivity to cloud services.

"For many IT organizations, software-defined WAN has become the primary on-ramp for branch and edge communications to cloud environments. These organizations have also begun to adopt multi-cloud architectures, where applications run on the best platform, regardless of location.

In response, SD-WAN providers aim to rapidly innovate their platforms to enable secure, reliable and high-quality SD-WAN connectivity to leading IaaS cloud platforms. As IaaS cloud providers extend their networks toward the edge -- and their customers -- SD-WAN requirements call for providers to use new means of traffic acceleration to and from cloud environments. New integration opportunities for SD-WAN providers include Microsoft Azure Virtual WAN and AWS Transit Gateway..."

Top SD-WAN Benefits And The Case For Deployment
SearchNetworking, February 6th, 2020

Make the case for an SD-WAN implementation, and explore the benefits and main use cases for SD-WAN in enterprises, beyond traditional hybrid WANs

"For organizations considering software-defined WAN adoption, SD-WAN can offer internet connectivity advantages, like reduced cost and increased bandwidth, by alleviating concerns about internet reliability and security. Organizations with distributed workforces in remote and branch offices should consider SD-WAN adoption to implement hybrid WAN -- by combining MPLS and internet -- or internet-only connectivity..."

IT - IoT
A Two-Pronged Strategy For IoT Security Awareness
GCN, February 7th, 2020

The full-blown internet of things may seem far in the future, but IT decision-makers need to address it now

''Smart home' applications are becoming commonplace in the consumer world, and IoT adoption is growing quickly in the enterprise. Given that IoT is all about collecting and sharing data from a broad range of endpoints, this trend will have an impact on the security of government agencies.

As internet-enabled sensors become embedded in a wide range of workplace hardware -- devices, endpoints and more -- we will soon enter the era of the 'smart enterprise.' Unfortunately, agencies' aging IT infrastructure is simply not natively equipped for what's coming..."

Top Security Challenges That Will Impact The Internet Of Things
Information Management, February 6th, 2020

Over the past two years, the Internet of Things has seen a dramatic rise across the board

"IoT devices have become increasingly ubiquitous in both the home and in businesses, with early adopters now giving way to the majority.

Although it is important to remember that the IoT network is wider than the devices it supports, smart devices give us a good bellwether of the rise of IoT. Smart speaker ownership grew by 78% in 2018, with 1 in 4 Americans now owning one..."

Understand IoT Data Management Essentials
IoT Agenda, February 6th, 2020

The flood of data from IoT devices requires careful planning of infrastructure and data management, and current processes might not be up to the task.

"IoT data management has changed the way organizations must design their infrastructure to gain the most advantages from IoT technology. The changes caused by IoT and demand for real-time analysis may not be intuitive for IT pros when, historically, they secured data in a centralized, on-premises data center.

Jason Carolan, chief innovation officer of Denver-based data center and colocation company Flexential Corp., discussed the best practices for creating secure infrastructure for IoT data management. The organization augments its data centers with network connectivity to reduce latency, provides cloud services and offers security and compliance consulting..."

IT - Careers
She Got Mugged In A Stress Interview
Ask The Headhunter, February 3rd, 2020

In the February 4, 2020 Ask The Headhunter Newsletter we consider the meaning of a stress interview


"My daughter just went through what's called a 'stress interview.' She said she held it together, but came home and burst into tears. She didn't know this was a thing. She's had three such interviews in a row that left her feeling worthless in some unknown way. WHY is this a thing? It's just mean. Why would anyone want to work with such awful people?..."

6 Hiring Trends That Are Changing How IT Talent Is Found
CIO, February 3rd, 2020

Struggling to fill roles? Here's how improved employee experience, internal recruiting, and sophisticated use of AI are giving some companies an IT hiring edge

"A tight market for IT talent is leading to a shift in how tech pros are discovered, hired and then engaged once on board. While some of the advances are technology-driven, others emphasize the culture your organization cultivates to attract and retain top talent.

A new report from LinkedIn warns that only half of employees think the on-the-job experience is positive, reducing productivity and harming retention. 'If they're not on their way out,' the report cautions, 'they're likely performing well below their capabilities'...."

Zoom's CIO Sees A Rise In The Decentralized Workforce
CoinDesk, February 6th, 2020

Talent isn't evenly distributed. The only way to hire is to hire remotely

"Zoom might not be a decentralized app but as the go-to video conferencing tool for crypto project communications, it is seen by many as an important enabler of the industry's various decentralized communities. Harry Moseley, a technologist with an eclectic career who is now Zoom's chief information officer, sat down with CoinDesk's Michael Casey to talk about the product and the future of the decentralized workplace..."

IT Careers: 10 Job Skills In High Demand This Year
InformationWeek, February 3rd, 2020

If you're looking to add skills to your resume, experience with these technologies might help you land a new job or promotion

"At many organizations, the start of the new year coincides with the annual review process. As a result, this is a popular time to take stock of your career and set some goals for the next 12 months. And that in turn, means that a whole lot of tech workers are wondering which skills are the most marketable right now and which are trending upwards.

To answer that question, researchers from online job board published a series of four reports that took an in-depth look at their job posting data. They examined which skills appeared in the most job postings and which skills have increased in popularity the most over the past year and the past five years. They also noted some key trends, as well as which skills are the most important for some of the most in-demand job titles..."

6 Hot Network Specializations To Pursue
Network Computing, February 4th, 2020

It''s important to remember that the new skills learned in a specialization must be built on top of a solid foundation of networking basics

Being a network administrator in 2020 often requires skills far and beyond what is often considered "core competencies." These disciplines commonly focus on routing, switching, WiFi, remote access, and basic network device hardening. But for those that have mastered the essentials, many are left wondering what areas they should specialize in that will not only be interesting - but will also be skills that are highly sought after. Let's look at six hot areas of enterprise networking that aspiring professionals may want to consider pursuing.

IT - Compliance
California's New Privacy Law Is Off To A Rocky Start
TechCrunch, February 8th, 2020

Privacy startups are trying to help. One got it wrong

"California's new privacy law was years in the making.

The law, California's Consumer Privacy Act - or CCPA - became law on January 1, allowing state residents to reclaim their right to access and control their personal data. Inspired by Europe's GDPR, the CCPA is the largest statewide privacy law change in a generation. The new law lets users request a copy of the data that tech companies have on them, delete the data when they no longer want a company to have it, and demand that their data isn't sold to third parties. All of this is much to the chagrin of the tech giants, some of which had spent millions to comply with the law and have many more millions set aside to deal with the anticipated influx of consumer data access requests.

But to say things are going well is a stretch..."

Guess What? GDPR Enforcement Is On Fire!
ZDNet, February 3rd, 2020

Data protection authorities (DPAs) are rapidly increasing their GDPR enforcement activities and here are some trends coming to surface

"You read that right: GDPR enforcement is on fire! While fines are not always particularly high, our analysis shows that, in terms of volume, data protection authorities (DPAs) are rapidly increasing their GDPR enforcement activities. Some interesting trends are also emerging:

  • DPAs have levied 190 fines and penalties to date. With 43 enforcement decisions made so far, Spain leads the pack as Europe's most active regulator, followed by Romania (21) and Germany (18). The UK has imposed the highest total amount of fines -- more than 315 million Euros -- if both British Airways' and Marriott's fines are upheld after appeal. Following are France's Commission Nationale de l'Informatique et des Libertes, with just over 51 million Euros in fines, and Germany's DPA, at nearly 25 million Euros..."

IT - Backup
Cloud Tiering And Object Storage For Backup
Storage Newsletter, February 7th, 2020

There are 2 kinds of organizations: those that use the cloud for backup, and those that are going to use the cloud for backup.

"And why not enjoy the advantages of the cloud for backup restore, DR and long-term retention? The cloud has become ubiquitous and its accessibility and cost structure are flexible. Cloud tiering has become popular as companies turn to object storage for the growing amount of data that may never change or may be accessed only infrequently.

But organizations don't reap those advantages simply by pushing their data into Amazon S3 or Azure block blobs. They get the most out of cloud storage when they consider and implement architectural changes to fully support its advantages. Careful consideration around technology and deployment will keep them from making costly mistakes, like sending duplicate data to the cloud and storing low-priority data in expensive tiers..."

IT - Big Data
Three Red Flags Your Organization Has Data Black Holes
TechRepublic, February 7th, 2020

It's easy for data to disappear. Here are some warning signs of, and solutions to, poor data organization

"The amount of data in the world keeps growing, making it increasingly easy for important information to slip through the cracks.

Tolga Tarhan, CTO at the cloud provider Onica, said those "data black holes" are only becoming more of a problem as time goes on..."

IT - Java
Top Java Technologies In 2020 - JVM Programming Languages, IDEs, Tools & More
Jaxenter, February 6th, 2020

We compared two current survey reports to find out about this year's top three Java IDEs, frameworks, build tools and the most popular JVM languages

"And, of course, the surveys conducted by Snyk and JRebel didn't miss out on asking about the most used Java versions. The winner was no surprise, but what reasons speak against migrating?

The security company Snyk has just released its annual JVM Ecosystem Report 2020. We seized the opportunity and compared the survey results to the 2020 Java Developer Productivity Report, published by Java tooling company JRebel in mid-January.

Let's see what IDEs and JVM programming languages are most popular, and whether companies are choosing to upgrade the Java version they use in production..."