Posts Tagged ‘security’

Interview: Gigamon President & CEO on Winning the Cybersecurity Cat-and-Mouse Game

Monday, May 9th, 2022

One week into being promoted to the top job of President and CEO of Gigamon, Shane Buckley sat down with to share his strategy for Gigamon and how Deep Observability can help enterprises turn the table on sophisticated hackers in the cat-and-mouse game that is Cybersecurity.

Shane Buckley, President and CEO of Gigamon.

Shane Buckley, President and CEO of Gigamon.

Cloud adoption has come into its own in recent years, with the COVID-19 pandemic spurring more digital transformation around the world in two years than the preceding 10 years.

“Here in Asia, the growth of hybrid cloud is phenomenal. 73% of organisations in Asia Pacific that were surveyed will deploy hybrid cloud – more than just a multi public cloud solution – because they want to leverage the existing infrastructure and data centres they have; and to enjoy the flexibility, scale, automation, orchestration, that you get from any of these different cloud based technologies, such as Nutanix, VMware and others,” Buckley said.

This growth and move to the cloud is the driver behind the increased challenges of cybersecurity in this era – because of the complexities of operating on hybrid multi cloud IT infrastructure, and the increased sophistication of hackers.

Buckley shares that “one of the biggest lessons from 2021 is that the nature of the threat is continuing to get more sophisticated, with nation state actors, as well as nefarious groups that have become extremely adept at hacking into some of the world’s supposedly most secure networks and infrastructures”.

Enterprises need all the help they can get securing their IT infrastructure and fending off attacks arising from the increased exposure of the cloud environment.

Buckley observes that this battle is like a “cat-and-mouse” game in which – unfortunately – the mouse is winning. His role at Gigamon is to make sure the nefarious actors don’t win, by teaching and equipping companies and organisations with the ability to better provide security for their infrastructure.

“Gigamon is the leader in visibility and analytics for organisations worldwide, we help secure some of the most secure, most complex, most challenging networks on the planet. Our ability to see, control and secure workloads, no matter where they sit in the hybrid, multi cloud is what we’ve delivered through the Gigamon labs,” says Shane Buckley, President and CEO, Gigamon.

Research has shown that in 2021, 68% of all US organisations were hacked, which was up from over 50% in 2020. Many of those cases – some 25-30 percent – are ransomware attacks where organisations have to pay literally billions of dollars to these actors to release data that had been illegally encrypted and beyond use for those organisations.

“In that environment, where the nature of the threat is getting more sophisticated, we companies who actually provide protection for customers, we’ve got to move faster, because the level of sophistication of these people is becoming exponentially higher. We have to make sure that we can respond,” said Buckley.

“We’re in a unique position to provide those customers with the foundational visibility analytics they need to enhance their security posture and ensure they can minimise risk, maximise compliance, and try as much as we can to get the bad actors out,” Buckley added.

More details from the interview below.


Appointment: Shane Buckley as Gigamon CEO and President

Monday, April 18th, 2022

Gigamon has appointed Shane Buckley as the President and Chief Executive Officer, effective Monday, 18 April 2022. After 10 years, Paul Hooper is stepping down from the CEO role but will remain an active member of the Gigamon Board of Directors.

Shane Buckley, President and CEO, Gigamon.

Shane Buckley, President and CEO, Gigamon.

As a leading deep observability company, Gigamon provides the tools and expertise required in today’s evolving threat landscape to help optimise and secure over 80 percent of Fortune 100 enterprises and 9 of the 10 largest mobile network providers.

“Enterprises are quickly shifting toward hybrid and multi-cloud deployments to accelerate digital transformation initiatives but, unfortunately, they must contend with an ever-more dangerous threat landscape. I look forward to entering this new phase of growth focused on addressing the evolving requirements of our customers by investing in the deep observability solutions required to achieve the full agility of a resilient digital infrastructure without risk,” said Paul Buckley, incoming President & CEO, Gigamon.

The company also serves hundreds of government agencies and educational organizations, as well as over 4,000 marquee enterprise customers worldwide including Lockheed Martin, AWS, Clemson University, Johns Hopkins Medical Institution, Under Armour and the Department of Defense.

Under the leadership of outgoing CEO, Paul Hooper, Gigamon became a trusted market leader in network visibility and security solutions.

A New Frontier: Deep Observability

Buckley will lead the next evolution of Gigamon as the company invests in and seeks to lead the emerging deep observability market.

Gigamon offers a deep observability pipeline that harnesses actionable network-level intelligence to amplify the power of cloud, security, and observability tools.


Study: 76% of Organisations Suffered Downtime & Data Loss in 2021

Thursday, March 31st, 2022

The losses were due to system crashes, human error and cyberattacks. The Acronis Cyber Protection Week Global Report 2022 highlights growing threats and need for integrated cyber protection solutions.

The annual Cyber Protection Week Global Report 2022 surveyed more than 6,200 IT users and IT managers from small businesses to enterprises across 22 countries.

The annual Cyber Protection Week Global Report 2022 surveyed more than 6,200 IT users and IT managers from small businesses to enterprises across 22 countries.

Acronis has released its annual Cyber Protection Week Global Report 2022 timed to this year’s World Backup Day.

“As the entire world is increasingly at risk from different types of attacks, accelerating to universal all-in-one solutions is the only way to achieve truly complete cyber protection. And that’s precisely the problem Acronis has set out to solve. Attackers don’t discriminate when it comes to means or targets, so strong and reliable security is no longer an option, it’s a necessity,” says Candid Wuest, Acronis V.P. of Cyber Protection Research.

The report exposes some of the most critical shortcomings appearing in cyber protection practices today and examines why they’re appearing, offering guidance on how they can be fixed.

One of the key findings last year was that 80% of organizations ran as many as 10 solutions simultaneously for data protection and cybersecurity — yet more than half of them suffered downtime because of data loss.

So more solutions do not necessarily translate into more protection.

This year, the trend seems to be getting worse.

While 78% of organizations globally run as many as 10 different solutions, 76% of organizations experienced downtime due to data loss — a 25% increase from 2021.


Tech Focus: Spot Your Security Vulnerability Before Hackers Do

Friday, March 18th, 2022

Every network has a security vulnerability – where is yours? In this guest commentary, Keith Bromley from Keysight Technologies shares a three-point plan on how to find your security vulnerability before hackers beat you to it.

Keith Bromley from Keysight Technologies shares his 3-step plan to help you discover your network security vulnerability before hackers do it for you.

Keith Bromley from Keysight Technologies shares his 3-step plan to help you discover your network security vulnerability before hackers do it for you.

One of the top questions on the minds of network security personnel is “how do I reduce my security risk?”

Even for smaller organisations this is important because every network has a weakness. But, do you know where you are the most vulnerable? Wouldn’t you like to fix the problem now, before a hacker exploits it?

Here is a three-point plan that works to expose intrusions and decrease network security risk.

Network security – It all starts with prevention

Inline security solutions are a high impact technique that businesses can deploy to address security threats. These solutions can eliminate 90% or more of incoming security threats before they even enter your network.


Cyberattacks on Retailers and Shoppers to Rise in November

Thursday, November 4th, 2021

Cyberattacks on online retailers and shoppers are projected to rise in November in conjunction with Singles’ Day, Black Friday and Cyber Monday. Here are some protective measures that shoppers and retailers can practise.

According to the Imperva’s “The State of Security Within eCommerce 2021” report, threats are escalating for the retail industry.

According to the Imperva’s “The State of Security Within eCommerce 2021” report, threats are escalating for the retail industry.

Imperva has released a new eCommerce report and issued advice around safe retailing in conjunction with the world’s biggest online shopping event on Nov 11 − Singles’ Day.

“The 2021 holiday shopping season is shaping up to be a nightmare for both retailers and consumers. With the global supply chain conditions worsening, retailers will not only struggle to get products to sell in Q4, but will face increased attacks from motivated cybercriminals who want to benefit from the chaos. Retailers and consumers alike need to take the necessary steps to protect themselves,” says Peter Klimek, Director of Technology, Office of the CTO, Imperva.

The company helps organisations protect their data and all paths to it – securing their applications, data and websites from cyber attacks.

Last year, Chinese e-commerce giants Alibaba and racked up around US$115 billion in sales across their platforms during the Singles Day shopping event, setting a new record.

Singles’ Day online sales in China usually surpass the US Cyber Monday sales, Black Friday or any other 24-hour shopping campaign by a wide margin making it the biggest shopping holiday in the world.

Scams typically rise in tandem with the number of online shoppers, and Imperva’s 12-month analysis on cybersecurity risks in the retail industry suggests that the 2021 holiday shopping season will be no different.

In fact, in Imperva’s “The State of Security Within eCommerce 2021” report, the number of victims this year is projected to surpass that of last year’s.

More details below from the report


New Arrival: Yubico Introduces Security Key C NFC

Wednesday, October 27th, 2021

The YubicoSecurity Key C NFC” (US$29) is the latest keey to join the Security Key Series.

The new Security Key C NFC key from Yubico.

The new Security Key C NFC key from Yubico.

The blue Security Key C NFC offers FIDO-only support in a USB-C form factor with NFC capabilities.

It provides enhanced, modern security for applications, services, and user accounts for both desktop and mobile authentication.


SexTech: Characteristics of Smart Sex Toys (ESET White Paper)

Monday, March 15th, 2021

Did you know that sex toys could be connected to the Internet, to a smartphone or to another sex toy? Along with the technology that makes sex toys smart, vulnerabilities are introduced that could endanger the user’s data, privacy and even safety!

Architecture of a smart sex toy.

Architecture of a smart sex toy.

With the emergence of the IoT, many manufacturers have entered the sexual pleasure market by integrating the ability to control devices through mobile apps as well as adding web-based interconnectivity.

There are currently numerous different apps available, each of which offers the ability to control a wide range of models.

In terms of their architecture, most of these devices can be controlled via Bluetooth Low Energy (BLE) from an app installed on a smartphone.

The main advantages of this protocol are that it has very low power requirements, communications are within an acceptable range, there is interoperability among chipset manufacturers, and it all comes in a very compact size.

As a result, a lot of smart devices for the home, health, car, and even sex toy fields, use BLE between the device and the app that controls it.

Like Bluetooth, BLE operates on the 2.4 GHz ISM band.

However, unlike standard Bluetooth, BLE stays in sleep mode all the time, except when a connection is initiated.

Also, the actual connection times themselves are just a few milliseconds, unlike Bluetooth, which takes more than 100 milliseconds.


SexTech: The Evolution of Sex Toys (ESET White Paper)

Sunday, March 14th, 2021

ESET has published a White Paper on their study on the potential security and safety flaws of connected sex toys. The title of the report is “Sex in the Digital Era – How secure are smart sex toys?” and here is an excerpt on the evolution of sex toys.

“Sex in the Digital Era - How secure are smart sex toys?” is an ESET Research White Paper published by Denise Giusto and Cecilia Pastorino.

“Sex in the Digital Era – How secure are smart sex toys?” is an ESET Research White Paper published by Denise Giusto and Cecilia Pastorino.

As IoT (Internet of Things) devices continue to seep into our homes and offer an increasingly wide range of features, new concerns are beginning to arise about the security of the data processed by these devices.

Though they have been subject to countless security breaches leading to the exposure of people’s login details, financial information, and geographical location, among others, there are few kinds of data with more potential to harm users, if published, than those relating to their sexual behavior.

With new models of smart toys for adults entering the market all the time, we might imagine that progress is being made in strengthening the mechanisms to ensure good practices in the processing of user information.

However, our research shows that we are a long way from being able to live out our sexuality through digital media without exposing ourselves to the risk of cyberattack.

Today, these findings are more relevant than ever, since we are seeing a rapid rise in sex toy sales as a reflection of the current health situation around the world and the social distancing measures related to COVID-19.

Though many experts have devoted time to identifying and reporting security flaws within this industry, with every passing year these devices incorporate an ever wider range of features: Group chats, multimedia messages, videoconferencing, synchronisation with lists of songs or audio books, and much more.

Each time their code is re-engineered, some vulnerabilities are corrected, new vulnerabilities may be created, and many more remain unchanged in the updated versions.

Read about the evolution of sex toys below.


Study: ESET Research into Security of Smart Sex Toys

Saturday, March 13th, 2021

Vulnerabilities in smart sex toys could leave users at risk of data breaches and attacks, both cyber and physical, according to a new white paper from global cybersecurity experts at ESET.

The We-Vibe Jive (left) and Lovense Max (right) analysed in the study.

The We-Vibe Jive (left) and Lovense Max (right) analysed in the study.

The “Sex in the Digital Era – How secure are smart sex toys?” report explores the potential security and safety flaws of connected sex toys and includes an in-depth analysis of two popular devices.

Amidst ongoing social restrictions due to the pandemic, sales of sex toys has risen rapidly, and associated cybersecurity concerns mustn’t be overlooked.

As newer, technologically advanced models of sex toys enter the marketplace, incorporating mobile apps, messaging, video chat, and web-based interconnectivity, devices become more appealing and exploitable to cybercriminals.

The consequences of data breaches in this sphere can be particularly disastrous when the information leaked concerns sexual orientation, sexual behaviors, and intimate photos.