Containers Expo Blog Authors: Pat Romanski, Elizabeth White, Dana Gardner, TJ Randall, Hollis Tibbetts

Related Topics: @CloudExpo, Java IoT, Microservices Expo, Containers Expo Blog, Agile Computing, Cloud Security

@CloudExpo: Article

Deploying Cloud Security for Shifting and Evolving Defenses

Cloud offers agile and flexible defenses that consider situational context and real time management

A few weeks back I was watching my beloved San Diego Chargers lose in a most embarrassing way on Monday night. And in the waning seconds of blaming the quarterback for such ineffectual 2nd half play, it occurred to me, it wasn’t his fault.  It was the coach. It was the lack of planning for the type of attack the Denver Broncos would bring. It was the lack of leadership that should have easily closed the deal. In short, it was sticking to the status quo while everything around was changing.

My second epiphany was that this is a spot-on metaphor for the recent spate of bank hacks being levied by the hacktivist group Izz ad-Din al-Qassam. Not to make light of a serious issue, but the Charger collapse reminded me that the most insidious and effective attacks are not brute force in nature. In fact, most banks (according to compliance mandates) have decent processes to repel these attacks. In this case, the brutish DDoS (denial of service) was a feint to misdirect a smaller DDoS attack launched at the same time…and it was these more subtle attacks that were effective against 8 banks and counting. Continuing the football metaphor, it is like showing the blitz and falling back into tight pass defense resulting in the quarterback throwing an interception.

So the moral of the story is organizations need to evolve their security platforms to provide an agile shifting defense and change with the scenarios.

Now this is not to say the sky is falling, but a reputable IT security report noted a 50% increase in total number of DDoS attacks since Q2 of 2011 and a 10% increase since April. This means it’s time to look at your defensive processes and ensure they transcend compliance code. But moreso, to start anticipating what new threats, compliance requirements and business needs might be coming your way. You can’t be that guy who says “I’ll worry about it when I have to worry about it.” You simply can’t be paralyzed by the status quo. It’s a recipe for throwing 4 interceptions in the second half and squandering a 24 point lead.

We grouse a great deal about the burden of compliance, but they create a wall of protection that would otherwise create greater vulnerabilities. But all the audits, all the bureaucracy…it simply detracts from you being able to do the job you were hired to do. So the question begs, how do we evolve? How can we make security management easier yet stronger. Effective yet efficient. Agile yet layered? Proactive rather than reactive? If these questions are keeping you up at night, then it is time you took a deeper look at security-as-a-service or security managed from the cloud.

If you approach the security issue from the traditional sense of on-premise brick-building, server-stacking, resource-adding development, then yes, there are significantly costs in capital expenditures, human resources, and still not guaranteed that you have the necessary functionality, capability and visibility to anticipate tomorrow’s issues.


By implementing a best-of-breed enterprise you gain a holistic view of what’s happening to your enterprise in real time. And because of the cloud computing advantages, the price point is very affordable (for what you are paying in support and maintenance, you could integrate an entire enterprise solution). You gain capability, you lessen expenses and, if your vendor also practices security as a service, your automated efficiencies come with 7/24/365 review of your logs by a live expert analyst.

But let’s put a real face on potential changes. Take FFIEC standards; very soon they will be more than guidelines. It's highly likely they will become compliance mandates. And they force you to address possible vulnerability gaps in your enterprise. Will you be prepared to meet the shifts in emphasis?

  • Layered security:

Most compliance-beholden organizations must recognize that security is not just about implementing virus scan and configuring firewalls. Ways and devices people reach your networks are changing quickly. Beyond log management protocols, you might need to add a SIEM or access management components. But the interpretation of layered security is choosing what is monitored and not relying on just a firewall to beat back possible intrusions, worms, phishing expeditions and user carelessness. You need multiple means, protocols and processes managed centrally.

  • Real-time, intelligence based assessment

There’s a saying in security circles: If you’ve noticed it, it’s already too late. The goal is to prevent, alert and remediate. And the only way to do this is through round the clock vigilance. Anything less than 24/7/365 monitoring opens the risk door too wide. It’s a cliché, but we are all acutely aware that hackers don’t sleep. But part of the question is not that monitoring is active, but how is it monitored? What data is collected? If you automate too much, you lose the human expertise; the context and the ability to respond effectively. Cloud-based security can cover a large enterprise or modest SMB with the same watchfulness while integrating the human intelligence assessment. Additionally, it provides additional resources, wider intelligence and greater coverage you don't have to fund.

  • Rapid adaptation against evolving threats

By applying a solution that uses real-time forensics including advanced correlations to examine for specific patterns, you create real time operational visibility. By recognizing traffic patterns correlated with a variety of other rules and processes you not only remove the false positive alerts, but can predict where your perimeter is soft and takes the necessary steps to shore them up.

  • Protect against ID and personal theft

Passwords are not enough. Time and again this has proven to be the weakest link. However, by instituting a solution that includes multi-credentialing, identity management, provisioning and the like, you can secure access to the most sensitive information. And if you make is easy for the user and minimize the impact of their usage experience, you take another step in maintaining the necessary trust while still ensuring people only see what they are supposed to see.

And all this can be deployed and managed from the cloud. The technology and security of these features has already matured to meet the concept.

These FFIEC guidelines seem very vague, but their meaning is clear: today’s operation needs to change. Not to keep up with the bureaucracy, but to improve the scalability, flexibility and control of an often volatile and fluid IT threatscape. However, don’t mistake this as a suggestion for mega-suite replacement. This should be part of any go-forward initiative that builds on or what is already in place. The cloud provides that agility to maintain an enterprise-powered security solution, yet adapt to the changing needs faster and more completely than most organizations can do on their own.

With that said, the best defense against an aggressive opponent is knowing what play is being called. Your holistic view gives you the ability to predict when the blitzes are coming, from what side, and most important, provide the flexibility to call an audible. One thing is for certain, you just can't stand still anymore; you can't rely on the status quo I just wish the Chargers saw that on Monday.

As an additional note, I participated in the development of a white paper for Fairway Technologies called , Get Your Head Into The Clouds! Industry Experts Answer Today’s Cloud Computing Questions ! Fairway’s collaborative new report not only examines the cloud computing issues that are dominating the industry, but also identifies key challenges behind cloud adoption and implementation, and presents best practices for organizations to develop and implement a sound cloud strategy. Guidance on cloud service brokers, open source cloud, data destruction, cloud bursting, and other topical issues are also discussed.

More Stories By Kevin Nikkhoo

With more than 32 years of experience in information technology, and an extensive and successful entrepreneurial background, Kevin Nikkhoo is the CEO of the dynamic security-as-a-service startup Cloud Access. CloudAccess is at the forefront of the latest evolution of IT asset protection--the cloud.

Kevin holds a Bachelor of Science in Computer Engineering from McGill University, Master of Computer Engineering at California State University, Los Angeles, and an MBA from the University of Southern California with emphasis in entrepreneurial studies.

@ThingsExpo Stories
In the next forty months – just over three years – businesses will undergo extraordinary changes. The exponential growth of digitization and machine learning will see a step function change in how businesses create value, satisfy customers, and outperform their competition. In the next forty months companies will take the actions that will see them get to the next level of the game called Capitalism. Or they won’t – game over. The winners of today and tomorrow think differently, follow different...
“Media Sponsor” of SYS-CON's 19th International Cloud Expo, which will take place on November 1–3, 2016, at the Santa Clara Convention Center in Santa Clara, CA. CloudBerry Backup is a leading cross-platform cloud backup and disaster recovery solution integrated with major public cloud services, such as Amazon Web Services, Microsoft Azure and Google Cloud Platform.
According to Forrester Research, every business will become either a digital predator or digital prey by 2020. To avoid demise, organizations must rapidly create new sources of value in their end-to-end customer experiences. True digital predators also must break down information and process silos and extend digital transformation initiatives to empower employees with the digital resources needed to win, serve, and retain customers.
SYS-CON Events announced today that SoftNet Solutions will exhibit at the 19th International Cloud Expo, which will take place on November 1–3, 2016, at the Santa Clara Convention Center in Santa Clara, CA. SoftNet Solutions specializes in Enterprise Solutions for Hadoop and Big Data. It offers customers the most open, robust, and value-conscious portfolio of solutions, services, and tools for the shortest route to success with Big Data. The unique differentiator is the ability to architect and ...
You think you know what’s in your data. But do you? Most organizations are now aware of the business intelligence represented by their data. Data science stands to take this to a level you never thought of – literally. The techniques of data science, when used with the capabilities of Big Data technologies, can make connections you had not yet imagined, helping you discover new insights and ask new questions of your data. In his session at @ThingsExpo, Sarbjit Sarkaria, data science team lead ...
A completely new computing platform is on the horizon. They’re called Microservers by some, ARM Servers by others, and sometimes even ARM-based Servers. No matter what you call them, Microservers will have a huge impact on the data center and on server computing in general. Although few people are familiar with Microservers today, their impact will be felt very soon. This is a new category of computing platform that is available today and is predicted to have triple-digit growth rates for some ...
In past @ThingsExpo presentations, Joseph di Paolantonio has explored how various Internet of Things (IoT) and data management and analytics (DMA) solution spaces will come together as sensor analytics ecosystems. This year, in his session at @ThingsExpo, Joseph di Paolantonio from DataArchon, will be adding the numerous Transportation areas, from autonomous vehicles to “Uber for containers.” While IoT data in any one area of Transportation will have a huge impact in that area, combining sensor...
SYS-CON Events announced today that Transparent Cloud Computing (T-Cloud) Consortium will exhibit at the 19th International Cloud Expo®, which will take place on November 1–3, 2016, at the Santa Clara Convention Center in Santa Clara, CA. The Transparent Cloud Computing Consortium (T-Cloud Consortium) will conduct research activities into changes in the computing model as a result of collaboration between "device" and "cloud" and the creation of new value and markets through organic data proces...
SYS-CON Events announced today that Niagara Networks will exhibit at the 19th International Cloud Expo, which will take place on November 1–3, 2016, at the Santa Clara Convention Center in Santa Clara, CA. Niagara Networks offers the highest port-density systems, and the most complete Next-Generation Network Visibility systems including Network Packet Brokers, Bypass Switches, and Network TAPs.
In today's uber-connected, consumer-centric, cloud-enabled, insights-driven, multi-device, global world, the focus of solutions has shifted from the product that is sold to the person who is buying the product or service. Enterprises have rebranded their business around the consumers of their products. The buyer is the person and the focus is not on the offering. The person is connected through multiple devices, wearables, at home, on the road, and in multiple locations, sometimes simultaneously...
Everyone knows that truly innovative companies learn as they go along, pushing boundaries in response to market changes and demands. What's more of a mystery is how to balance innovation on a fresh platform built from scratch with the legacy tech stack, product suite and customers that continue to serve as the business' foundation. In his General Session at 19th Cloud Expo, Michael Chambliss, Head of Engineering at ReadyTalk, will discuss why and how ReadyTalk diverted from healthy revenue an...
SYS-CON Media announced today that @WebRTCSummit Blog, the largest WebRTC resource in the world, has been launched. @WebRTCSummit Blog offers top articles, news stories, and blog posts from the world's well-known experts and guarantees better exposure for its authors than any other publication. @WebRTCSummit Blog can be bookmarked ▸ Here @WebRTCSummit conference site can be bookmarked ▸ Here
Intelligent machines are here. Robots, self-driving cars, drones, bots and many IoT devices are becoming smarter with Machine Learning. In her session at @ThingsExpo, Sudha Jamthe, CEO of IoTDisruptions.com, will discuss the next wave of business disruption at the junction of IoT and AI, impacting many industries and set to change our lives, work and world as we know it.
Established in 1998, Calsoft is a leading software product engineering Services Company specializing in Storage, Networking, Virtualization and Cloud business verticals. Calsoft provides End-to-End Product Development, Quality Assurance Sustenance, Solution Engineering and Professional Services expertise to assist customers in achieving their product development and business goals. The company's deep domain knowledge of Storage, Virtualization, Networking and Cloud verticals helps in delivering ...
The Internet of Things (IoT), in all its myriad manifestations, has great potential. Much of that potential comes from the evolving data management and analytic (DMA) technologies and processes that allow us to gain insight from all of the IoT data that can be generated and gathered. This potential may never be met as those data sets are tied to specific industry verticals and single markets, with no clear way to use IoT data and sensor analytics to fulfill the hype being given the IoT today.
SYS-CON Events announced today that Hitrons Solutions will exhibit at the 19th International Cloud Expo, which will take place on November 1–3, 2016, at the Santa Clara Convention Center in Santa Clara, CA. Hitrons Solutions Inc. is distributor in the North American market for unique products and services of small and medium-size businesses, including cloud services and solutions, SEO marketing platforms, and mobile applications.
OnProcess Technology has announced it will be a featured speaker at @ThingsExpo, taking place November 1 - 3, 2016, in Santa Clara, California. Dan Gettens, OnProcess’ Chief Analytics Officer, will discuss how Internet of Things (IoT) data can be leveraged to predict product failures, improve uptime and slash costly inventory stock. @ThingsExpo is an annual gathering of IoT and cloud developers, practitioners and thought-leaders who exchange ideas and insights on topics ranging from Big Data in...
SYS-CON Events announced today that Enzu will exhibit at the 19th International Cloud Expo, which will take place on November 1–3, 2016, at the Santa Clara Convention Center in Santa Clara, CA. Enzu’s mission is to be the leading provider of enterprise cloud solutions worldwide. Enzu enables online businesses to use its IT infrastructure to their competitive advantage. By offering a suite of proven hosting and management services, Enzu wants companies to focus on the core of their online busine...
The explosion of new web/cloud/IoT-based applications and the data they generate are transforming our world right before our eyes. In this rush to adopt these new technologies, organizations are often ignoring fundamental questions concerning who owns the data and failing to ask for permission to conduct invasive surveillance of their customers. Organizations that are not transparent about how their systems gather data telemetry without offering shared data ownership risk product rejection, regu...
The Open Connectivity Foundation (OCF), sponsor of the IoTivity open source project, and AllSeen Alliance, which provides the AllJoyn® open source IoT framework, today announced that the two organizations’ boards have approved a merger under the OCF name and bylaws. This merger will advance interoperability between connected devices from both groups, enabling the full operating potential of IoT and representing a significant step towards a connected ecosystem.