BizTech Magazine - Technology Solutions That Drive Business https://biztechmagazine.com/rss.xml en How to Manage Multiple Cloud Platforms https://biztechmagazine.com/article/2019/08/how-manage-multiple-cloud-platforms <span>How to Manage Multiple Cloud Platforms</span> <span><span lang="" about="/dashboard/rickyribeiro" typeof="schema:Person" property="schema:name" datatype="">ricky.ribeiro</span></span> <span>Thu, 08/22/2019 - 10:08</span> <div><p>As most IT leaders have learned over the past several years, <strong>the cloud offers unparalleled levels of agility, scale and elasticity</strong>. That’s why most businesses regard it as a core component of digital transformation. But while the decision to move to the cloud may be easy, that’s where the hard work begins.</p> <p>Deciding which cloud platform to use can be difficult; the various cloud providers all have their own strengths and weaknesses. Because of this, most organizations — 85 percent, according to an IBM survey — are currently using multiple clouds.</p> <p>Even businesses that try to standardize on a single cloud often adopt a second or third through the consumption of specific services or features that ­better align with an organization’s strategy. This is sensible when one considers the cloud to be a mainstream enterprise IT platform. Most companies use multiple server, storage, network and security vendors, so why shouldn’t they also adopt more than one cloud?</p> <p>The answer is that they should.</p> <p><a href="https://www.cdw.com/content/cdw/en/orchestration/hybrid-cloud-infrastructure-report.html" target="_blank"><img alt="IT%20Infrastructure_IR_2.jpg" src="https://biztechmagazine.com/sites/biztechmagazine.com/files/IT%20Infrastructure_IR_2.jpg" /></a></p> </div> <div> <div class="field-author"><a href="/taxonomy/term/12116" hreflang="en">Zeus Kerravala</a></div> </div> Thu, 22 Aug 2019 14:08:57 +0000 ricky.ribeiro 44571 at https://biztechmagazine.com As Hackers Get More Sophisticated, Businesses Should Focus on Fundamentals https://biztechmagazine.com/article/2019/08/hackers-get-more-sophisticated-businesses-should-focus-fundamentals <span>As Hackers Get More Sophisticated, Businesses Should Focus on Fundamentals</span> <span><span lang="" about="/dashboard/bobkeaveneyu64t" typeof="schema:Person" property="schema:name" datatype="">Bob.Keaveney_u64t</span></span> <span>Wed, 08/21/2019 - 15:17</span> <div><p>It’s an increasingly challenging world for IT security professionals. Yet those who ensure they’re deploying the right mix of network monitoring and threat mitigation solutions and focus on continuing their employee education efforts have the best chance of keeping their networks secure.</p> <p>Those were the key takeaways from a morning of presentations by IT security leaders at the <a href="https://biztechmagazine.com/cdw-protect-summit-philadelphia">CDW Protect SummIT in Philadelphia</a>.</p> <p>“There’s <strong>more and more of a thin line between what’s legit and what’s not</strong>,” said G. Mark Hardy, president of the National Security Corporation, a security consulting firm.</p> <p>He led audience members through a typical phishing attempt, one masked as an email from a seemingly highly credentialed professional. The security professionals in attendance knew better. However, Hardy said, “You think other people don’t click on those things? At some point, they do.”</p> <p>If there was any doubt that threat actors are working harder and getting smarter, Chris Kachigian soon erased them. Kachigian, the senior director of global solutions architecture for cybersecurity firm <a href="https://www.cdw.com/content/cdw/en/brand/crowdstrike.html?cm_mmc=Vanity-_-CrowdStrike-_-NA-_-NA" target="_blank">CrowdStrike</a>, delivered the results of his company’s “2019 Global Threat Report,” which found, among other things, that organizations around the world are experiencing <strong>280 billion cybersecurity events a day — nearly 3 trillion per week or as many as 4 million per second</strong>.</p> <p>“Attackers only need to find one way in,” Hardy said. “Doesn’t sound very fair, does it?”</p> <p><a data-entity-type="" data-entity-uuid="" href="https://www.cdw.com/content/cdw/en/orchestration/cyber-security-report.html" target="_blank"><img alt="CDW Cybersecurity Insight Report " data-entity-type="" data-entity-uuid="" src="https://biztechmagazine.com/sites/statetechmagazine.com/files/Cybersecurity_IR_stayprotected_700x220%20(2).jpg" /></a></p> <h2>What Is a Zero-Trust Network?</h2> <p>Among security professionals, the increasing interest developing “zero-trust” networks is part of the response to the growing threat. <strong>Zero trust is a security model that requires strict identity verification for every person and device</strong> that seeks to gain network access, regardless of where they sit in relation to the network perimeter.</p> <p>“Here’s how I describe zero trust to people who don’t know,” said David Lewis, global advisory CISO for Duo Security, a <a href="https://www.cdw.com/content/cdw/en/brand/cisco.html?cm_mmc=Vanity-_-cisco-_-NA-_-NA" target="_blank">Cisco</a> brand, as he showed a slide with a photo of a burning house. “It’s very simple: Everything’s on fire.”</p> <p>Although many technology providers offer solutions that they claim are essential to moving toward a zero-trust network, <strong>the model itself does not demand any specific technology solution</strong>. Rather, it’s an approach to cybersecurity that many believe is critical to ensuring maximum network protection.</p> <p>“When we look at zero trust, we’re really talking about things we should have been doing for 30 years,” Lewis explained. “<strong>We’re talking about network segmentation, inventory management </strong>and so on.”</p> <p>That is not to say that a zero-trust model is nothing more than a new way of describing the process of following best practices. It’s a process — often a long one — that <strong>requires rethinking how networks are configured</strong>, how executives and IT teams think about security, and how employees work.</p> <p>It requires <strong>multifactor authentication as standard</strong> and a new understanding of what’s meant by perimeter security — and even what the perimeter itself is. “The perimeter is anywhere an access decision is being made, and we need to remember that,” Lewis said.</p> <p>For these reasons, Lewis advises companies embarking on a <strong>transition to zero trust to ready themselves for the long hau</strong>l — even Google took seven years to complete its transition — and to set realistic interim goals for themselves. Moreover, businesses should refrain from thinking about zero trust as merely another solution acquisition process.</p> <p>“Don’t go to a vendor and say, ‘We heard about zero trust, where do we go from here?’” Lewis said. “Do your homework before you talk to one of us.”</p> <p><a href="https://biztechmagazine.com/article/2019/01/5-tips-updating-cybersecurity-incident-response-plan" target="_blank" title="5 Tips for Updating a Cybersecurity Plan"><b><i>MORE FROM BIZTECH</i></b><i>: Update your cybersecurity response plan before an attack occurs.</i></a></p> <h2>Nation-State Threat Actors Are Growing</h2> <p>Kachigian noted that CrowdStrike’s research suggests good news and bad news for security teams. The bad news is that globally, state-sponsored cyberattacks — and the sophisticated tactics they usually entail — are growing rapidly. <strong>Russia has been especially active and is the world’s leader in devising attacks that move through networks quickly</strong> after initial penetration, with an average “breakout time” of under 19 minutes.</p> <p>The good news is that breakout time generally is actually growing, meaning <strong>organizations are getting better at responding to attacks</strong>. The average breakout time in 2018 was more than 4 hours and 30 minutes, Kachigian said, which is ample time for organizations to slow and ultimately thwart attacks after the initial intrusion.</p> <p>“We recommend that organizations strive to <strong>follow what we call the 1-10-60 rule</strong>,” he said, meaning that an attack should take no longer than 1 minute to detect, 10 minutes to investigate and 60 minutes to contain and remediate.</p> <p>“If you can get everything contained and remediated within that first 60 minutes, you can stop virtually every attack,” he said.</p> <p><em><a href="https://biztechmagazine.com/cdw-protect-summit-philadelphia">Check out our event page</a> for more articles and videos from the CDW Protect SummIT.</em></p> </div> <div> <div class="field-author"><a href="/author/bob-keaveney" hreflang="en">Bob Keaveney</a></div> </div> Wed, 21 Aug 2019 19:17:17 +0000 Bob.Keaveney_u64t 44566 at https://biztechmagazine.com VMworld 2019 https://biztechmagazine.com/ad/vmworld-2019 <span>VMworld 2019</span> <span><span lang="" about="/dashboard/andrewstegerachh" typeof="schema:Person" property="schema:name" datatype="">Andrew.Steger_acHH</span></span> <span>Wed, 08/21/2019 - 13:35</span> <div class="pw-widget pw-size-medium pw-layout-vertical" data-layout="vertical" data-url="https://biztechmagazine.com/ad/vmworld-2019" data-title="VMworld 2019" data-via="BizTechMagazine" data-button-background="none"> <span> <span>Aug</span> <span>21</span> <span>2019</span> </span> <a class="pw-button-twitter cdw-taboola-social"></a> <a class="pw-button-facebook cdw-taboola-social"></a> <a class="pw-button-linkedin cdw-taboola-social"></a> <a class="pw-button-reddit cdw-taboola-social"></a> <a class="pw-button-flipboard cdw-taboola-social"></a> <a class="pw-button-email cdw-taboola-social"></a> <!-- Pinterest button is in EdTechk12 theme's vertical template --> </div> <div class="pw-widget pw-size-medium pw-layout-horizontal" data-counter="true" data-url="https://biztechmagazine.com/ad/vmworld-2019" data-title="VMworld 2019" data-via="BizTechMagazine" data-button-background="none"> <div> <a class="pw-button-twitter cdw-taboola-social"></a> <a href="https://twitter.com/search?f=realtime&amp;q=https%3A%2F%2Fbiztechmagazine.com%2Frss.xml%3Fitem_id%3D609" target="_blank"><span class="pw-box-counter cdw-taboola" data-channel="twitter"></span></a> </div> <div> <a class="pw-button-facebook cdw-taboola-social"></a> </div> <div> <a class="pw-button-linkedin cdw-taboola-social"></a> </div> <div> <a class="pw-button-reddit cdw-taboola-social"></a> </div> <div> <a class="pw-button-flipboard cdw-taboola-social"></a> </div> <div> <a class="pw-button-email cdw-taboola-social"></a> </div> <!-- Pinterest button is in EdTechk12 theme's horizontal template --> </div> <div class="pw-widget pw-size-medium pw-layout-horizontal" data-url="https://biztechmagazine.com/ad/vmworld-2019" data-title="VMworld 2019" data-via="BizTechMagazine" data-button-background="none"> <div> <a class="pw-button-twitter"></a> <span class="pw-box-counter" pw:channel="twitter"></span> </div> <div> <a class="pw-button-facebook"></a> <span class="pw-box-counter" pw:channel="facebook"></span> </div> </div> Wed, 21 Aug 2019 17:35:47 +0000 Andrew.Steger_acHH 44561 at https://biztechmagazine.com VMworld 2019: Digital Innovation to Take Center Stage https://biztechmagazine.com/article/2019/08/vmworld-2019-digital-innovation-take-center-stage <span>VMworld 2019: Digital Innovation to Take Center Stage</span> <span><span lang="" about="/dashboard/andrewstegerachh" typeof="schema:Person" property="schema:name" datatype="">Andrew.Steger_acHH</span></span> <span>Wed, 08/21/2019 - 13:07</span> <div><p>Today’s IT environment is rapidly evolving, forcing businesses to radically rethink how they approach technology, people and processes. <a href="https://www.cdw.com/content/cdw/en/brand/vmware.html?enkwrd=vmware" target="_blank">VMware</a> will explore this idea of digital innovation at <a href="https://www.vmworld.com/en/us/index.html" target="_blank">the VMworld 2019 conference</a>, Aug. 25-29 in San Francisco.</p> <p>Digital innovation is not only changing how business are perceived, but also how they perform. Companies today rely on digital technologies for many purposes, including performance, relevance and product and services development. IT leaders know that <strong>innovation is imperative for their business’s success</strong>; however, reimagining a digital approach is often easier said than done.</p> <p><strong>This year’s theme is Make Your Mark</strong>, and VMware hopes to promote learning, connection and innovation among conference attendees. Attendees should be on the lookout for sessions and exhibits exploring emerging technologies and trends that enable businesses to carry out successful digital transformation strategies.</p> <p>“At this year’s event, <strong>attendees can expect to find the best information, tools and partnerships</strong> to take IT to the next level,” VMware <a href="https://events.vmblog.com/vmworld-2019/item/641-vmworld-2019-q-a-vmware-provides-details-ahead-of-the-show-benefits-and-success-hands-on-labs-trends-topics-and-more.html" target="_blank">says on its VMblog</a>. “This includes: discovering new innovations on how to transform networking and security, learning about what enhances digital workspaces to drive amazing mobile experiences, and exploring new solutions that accelerate the cloud journey to drive digital transformation.”</p> <p><a href="https://biztechmagazine.com/article/2019/04/why-move-innovative-workplace-it-essential-business-survival" target="_blank"><em><strong>MORE FROM BIZTECH:</strong> Learn why the move to innovative workplace IT is essential for business survival.</em></a></p> <p>The conference’s general sessions will kick off Aug. 26 with an opening keynote from <strong>VMware CEO Pat Gelsinger</strong> and <strong>COO Sanjay Poonen</strong>, highlighting the company’s top announcements and its technology outlook for the next year. The following day, <strong>VMware CTO Ray O’Farrell</strong> will take the stage to demonstrate the interactions between cloud, infrastructure, security, apps and devices. Poonen will interview <strong>professional skier Lindsey Vonn</strong> along with <strong>Steve Young</strong>, Pro Football Hall of Famer and former quarterback for the San Francisco 49ers. </p> <p>The conference will have <a href="https://www.vmworld.com/en/us/video/top-sessions.html" target="_blank">an array of tracks for attendees to choose from</a>, including sessions on <strong>data center and cloud, digital transformation, networking and security, and digital workspace</strong>, and addressing next-generation trends such as artificial intelligence, blockchain and the Internet of Things.</p> <p>During the conference, follow us on Twitter at <a href="https://twitter.com/BizTechMagazine" target="_blank">@BizTechMagazine</a>, follow the official conference Twitter account, <a href="https://twitter.com/VMworld" target="_blank">@VMworld</a>, and join the conversation by using <a href="https://twitter.com/search?q=%23VMworld&amp;src=hashtag_click" target="_blank">#VMworld</a>.</p> <p><em>BizTech</em> staff will be in San Francisco to cover the conference through articles and social media. <strong><a href="https://biztechmagazine.com/vmworld-2019">Bookmark this page</a></strong> to follow our coverage.</p> </div> <div> <div class="field-author"><a href="/taxonomy/term/12316" hreflang="en">Andrew Steger</a></div> </div> Wed, 21 Aug 2019 17:07:16 +0000 Andrew.Steger_acHH 44556 at https://biztechmagazine.com Why Every Small Business Needs a Data Strategy https://biztechmagazine.com/article/2019/08/why-every-small-business-needs-data-strategy <span>Why Every Small Business Needs a Data Strategy</span> <span><span lang="" about="/dashboard/andrewstegerachh" typeof="schema:Person" property="schema:name" datatype="">Andrew.Steger_acHH</span></span> <span>Wed, 08/21/2019 - 10:39</span> <div><p>Not very long ago, <a href="https://biztechmagazine.com/business-intelligence/data-analytics">data</a> was just a byproduct of business processes: It was created because the business did something, but it had no value of its own. So, businesses did almost nothing with their data.</p> <p>Those days are gone, of course. The business and tech leaders I meet now understand that <strong>data isn’t just a product of the business</strong>; in many ways, it is the business. Aside from its people, <strong>an organization’s data is its most important asset</strong>.</p> <p>Yet when I ask those leaders to tell me about <a href="https://biztechmagazine.com/article/2019/02/why-small-businesses-need-digital-strategy">their data strategies</a>, the responses are all over the place. The truth is that most companies, especially smaller ones, don’t know what a data strategy really is. While they recognize the value of data, few have modernized their approaches to managing it. </p> <p><strong>They’re not properly analyzing it and they’re not sharing it</strong> throughout the organization. So, instead of maximizing the value of their data, they’re spending all their time figuring out how to retain it. And that’s especially true among small to medium-sized businesses.</p> <p>It’s time to fix that.</p> <p><a href="https://biztechmagazine.com/article/2019/02/4-ways-data-management-translates-digital-transformation-success" target="_blank"><em><strong>MORE FROM BIZTECH: </strong>Discover four ways data management translates to digital transformation success.</em></a></p> <h2 id="toc_0">Data Strategies Should Involve More Than Storage</h2> <p>First, let’s define our terms. Simply put, a data strategy is a plan that’s designed to improve all the ways an organization acquires, stores, manages, shares and uses data.</p> <p>That means that <strong>creating a data st­rategy requires all hands on deck</strong>. This is not a mere project of the IT department; it’s a ­mission that business and IT leaders must complete together.</p> <p>When IT departments think about data, they typically focus on storage, security and <a href="https://biztechmagazine.com/article/2019/03/businesses-turn-simpler-faster-more-reliable-disaster-recovery-service">disaster recovery</a>. And while all of that is obviously crucial, <a href="https://blog.cdw.com/networking/start-data-strategy-identifying-goals" target="_blank">a true data strategy</a> must also account for how data is identified, accessed, shared and used.</p> <p><strong>How do you start?</strong> The most successful data strategy projects I’ve seen have answered the following questions.</p> <p><strong>What is the role of data in driving the business strategy? </strong>Only after identifying your organization’s strategic priorities and business goals can you even begin to identify the ways data can help you get there.</p> <p><strong>What data do you have?</strong> Once you understand data’s role in meeting your business objectives, you need to determine whether you currently have it. That requires establishing a metadata process to identify and represent the data content in your environment. Enterprise content management solutions can be invaluable here, even for relatively small to medium-sized companies. You may find that you do have the information you need but aren’t using it to achieve your goals. Or it may be that you have some data but not everything you need, which means you aren’t collecting what you need to know from your customers, business partners or suppliers.</p> <p><strong>How should you store and protect your data?</strong> Here is where the IT team has most likely done the most thinking. Yet organizations continue to grapple with questions over how much to move into the cloud (and which cloud or clouds) and <a href="https://biztechmagazine.com/article/2019/07/why-better-cloud-security-critical-business-growth">what IT security solutions to deploy</a>.</p> <p>I advise you to reach out for expert advice on these questions. Regardless of what you decide, the point is that storage and security are really just one part of a larger data strategy.</p> <p><strong>How will different parts of your business access data?</strong> It’s imperative that data collected by and contained in one business application be made available for every part of the organization to access and use. If data is truly a corporate asset, then all data must be packaged and prepared for sharing.</p> <p><strong>How will your data be analyzed?</strong> Data doesn’t become an organizational asset until you actually use it to inform business decisions. Until then, let’s face it, it’s a burden — something to be stored and protected. A good business intelligence solution can help you ask the right questions and get the best answers.</p> <p>Data is crucial to every business, regardless of size or sector. Yet most businesses still seem to treat their data as something to manage and secure rather than deploy to their advantage. Businesses of every kind need to change that, and there’s no better time to start than now.</p> </div> <div> <div class="field-author"><a href="/taxonomy/term/12166" hreflang="en">Norm Lillis</a></div> </div> Wed, 21 Aug 2019 14:39:20 +0000 Andrew.Steger_acHH 44551 at https://biztechmagazine.com Security Threats Make Users a Top Target https://biztechmagazine.com/media/video/security-threats-make-users-top-target <span>Security Threats Make Users a Top Target</span> <div><p>Phishing, spear phishing and social engineering attacks are among the most dangerous cybersecurity threats. What do they have in common? All prey on users to achieve a foothold on networks to carry out deeper intrusions into an organization's systems. At the CDW Protect SummIT in Philadelphia, we spoke to security experts about why users are such a vulnerable target and how organizations can protect them. For more videos and articles from the Protect SummIT, visit <a href="https://biztechmagazine.com/cdw-protect-summit-philadelphia" target="_blank">biztechmag.com/CDW-Protect-Summit-Philadelphia</a>.</p> <p><strong>&gt;&gt;<a href="https://www.cdw.com/content/cdw/en/orchestration/cyber-security-report.html" target="_blank">Download "The Cybersecurity Insight Report" by CDW</a></strong> to learn more about how organizations can protect their systems and data.</p> </div> <span><span lang="" about="/dashboard/mattmclaughlin" typeof="schema:Person" property="schema:name" datatype="">matt.mclaughlin</span></span> <span>Wed, 08/21/2019 - 09:55</span> <div> <div>Tweet text</div> <div>Security experts at the #CDWProtectSummIT see users as a key #cybersecurity vulnerability. See what they recommend for protecting users from attacks.</div> </div> <div> <div>Video ID</div> <div><p>1744955177</p> </div> </div> <div> <div>video type</div> <div><a href="/conference" hreflang="en">Conference</a></div> </div> <div> <div>CDW Activity ID</div> <div><p>MKT34004</p> </div> </div> <div> <div>CDW VV2 Strategy</div> <div>Security</div> </div> <div> <div>CDW Segment</div> <div>Med/Lar</div> </div> <div> <div>Customer Focused</div> <div>True</div> </div> <div> <div>Buying Cycle</div> <div><a href="/awareness" hreflang="en">Awareness</a></div> </div> <div class="pw-widget pw-size-medium pw-layout-vertical" data-layout="vertical" data-url="https://biztechmagazine.com/media/video/security-threats-make-users-top-target" data-title="Security experts at the #CDWProtectSummIT see users as a key #cybersecurity vulnerability. See what they recommend for protecting users from attacks." data-via="BizTechMagazine" data-button-background="none"> <span> <span>Aug</span> <span>21</span> <span>2019</span> </span> <a class="pw-button-twitter cdw-taboola-social"></a> <a class="pw-button-facebook cdw-taboola-social"></a> <a class="pw-button-linkedin cdw-taboola-social"></a> <a class="pw-button-reddit cdw-taboola-social"></a> <a class="pw-button-flipboard cdw-taboola-social"></a> <a class="pw-button-email cdw-taboola-social"></a> <!-- Pinterest button is in EdTechk12 theme's vertical template --> </div> <div class="pw-widget pw-size-medium pw-layout-horizontal" data-url="https://biztechmagazine.com/media/video/security-threats-make-users-top-target" data-title="Security experts at the #CDWProtectSummIT see users as a key #cybersecurity vulnerability. See what they recommend for protecting users from attacks." data-via="BizTechMagazine" data-button-background="none"> <div> <a class="pw-button-twitter"></a> <span class="pw-box-counter" pw:channel="twitter"></span> </div> <div> <a class="pw-button-facebook"></a> <span class="pw-box-counter" pw:channel="facebook"></span> </div> </div> <div class="pw-widget pw-size-medium pw-layout-horizontal" data-counter="true" data-url="https://biztechmagazine.com/media/video/security-threats-make-users-top-target" data-title="Security experts at the #CDWProtectSummIT see users as a key #cybersecurity vulnerability. See what they recommend for protecting users from attacks." data-via="BizTechMagazine" data-button-background="none"> <div> <a class="pw-button-twitter cdw-taboola-social"></a> <a href="https://twitter.com/search?f=realtime&amp;q=https%3A%2F%2Fbiztechmagazine.com%2Frss.xml%3Fitem_id%3D609" target="_blank"><span class="pw-box-counter cdw-taboola" data-channel="twitter"></span></a> </div> <div> <a class="pw-button-facebook cdw-taboola-social"></a> </div> <div> <a class="pw-button-linkedin cdw-taboola-social"></a> </div> <div> <a class="pw-button-reddit cdw-taboola-social"></a> </div> <div> <a class="pw-button-flipboard cdw-taboola-social"></a> </div> <div> <a class="pw-button-email cdw-taboola-social"></a> </div> <!-- Pinterest button is in EdTechk12 theme's horizontal template --> </div> <div> <div>Pull Quote</div> <div> <p class="quote"><a href="/media/video/security-threats-make-users-top-target"> &quot;I think that it&#039;s really important to let your employees know that it&#039;s safe to report a mistake.&quot; </a></p> <p class='speaker'> <span>Chester Ney</span> IT Director, All4 </p> </div> </div> Wed, 21 Aug 2019 13:55:29 +0000 matt.mclaughlin 44546 at https://biztechmagazine.com How to Hire and Retain More Cybersecurity Professionals https://biztechmagazine.com/article/2019/08/how-hire-and-retain-more-cybersecurity-professionals <span>How to Hire and Retain More Cybersecurity Professionals</span> <span><span lang="" about="/dashboard/bobkeaveneyu64t" typeof="schema:Person" property="schema:name" datatype="">Bob.Keaveney_u64t</span></span> <span>Wed, 08/21/2019 - 09:11</span> <div><p>For all the difficulties that modern threat actors throw at them, IT security leaders’ biggest challenge may be a simple human one: how to hire and retain enough qualified professionals to maintain secure networks.</p> <p>According to the <a href="https://www.isc2.org/-/media/B7E003F79E1D4043A0E74A57D5B6F33E.ashx" target="_blank">2017 Global Information Security Workforce</a> Study, <strong>two-thirds of organizations said they lack the number of cybersecurity professionals needed </strong>for today’s threat climate. By <a href="https://www.csoonline.com/article/3394876/is-the-cybersecurity-skills-shortage-getting-worse.html" target="_blank">another estimate</a>, 74 percent of organizations say the cybersecurity skills shortage has impacted them to some degree.</p> <p>Part of the challenge is that the speed of technological advancement is difficult to keep up with, said Bob Bragdon, publisher of CSO and moderator of the <a href="https://biztechmagazine.com/cdw-protect-summit-philadelphia">CDW Protect SummIT</a> in Philadelphia.</p> <p>“We’re <strong>adopting these technologies in organizations where our skill sets in using them are very limited</strong>,” he said. “We talk about blockchain. We talk about zero trust. Where are the people who know how to use this stuff?”</p> <p><a data-entity-type="" data-entity-uuid="" href="https://www.cdw.com/content/cdw/en/orchestration/cyber-security-report.html" target="_blank"><img alt="CDW Cybersecurity Insight Report " data-entity-type="" data-entity-uuid="" src="https://biztechmagazine.com/sites/statetechmagazine.com/files/Cybersecurity_IR_stayprotected_700x220%20(2).jpg" /></a></p> <h2 id="toc_0">What’s the State of Cybersecurity Staffing?</h2> <p>Some have described the state of staffing for cybersecurity as a crisis. But Alyssa Miller, manager of CDW’s Information Security Solutions practice, said it “depends on whom you ask.”</p> <p>“You ask a lot of <strong>people in the security community who are looking, and they say they can’t get in</strong>. They’re wondering how they get a job,” Miller said. “So what’s the state of things? I’d say it’s really confused.”</p> <p>Yet most businesses continue to struggle with hiring and retention. So Bragdon moderated a panel to discuss solutions with Miller; Mark Leary, CISO of Tarrytown, N.Y.-based Regeneron Pharmaceuticals; and Ken Weirman, CIO of Berwyn, Pa.-based manufacturer Ametek.</p> <p><strong>Retaining employees may be even more challenging</strong> than hiring them in the first place, panelists said. The era of the 30-year employee is “over, definitely,” Weirman said, because employees find it impossible to meet all of their career-growth objectives within a single organization.</p> <p>“Keeping people motivated is a big issue,” he said. “After about two years, an employee has typically mastered the role they were hired for, and if you don’t have something that’s next for them to move into, you’ll lose them.”</p> <p>That means <strong>it’s incumbent up employers to try to retain top workers for as long as possible</strong> by helping to create a career path.</p> <p>“We have something called 30/30s,” Weirman said. “That’s 30 minutes every days for 30 days with your managers, where you don’t talk about your job. You talk about your career.”</p> <!--2--><p><a href="https://biztechmagazine.com/article/2019/01/5-tips-updating-cybersecurity-incident-response-plan" target="_blank" title="5 Tips for Updating a Cybersecurity Plan"><b><i>MORE FROM BIZTECH</i></b><i>: Update your cybersecurity response plan before an attack occurs.</i></a></p> <h2>Make Work More Interesting for Cyber Pros</h2> <p>It’s no surprise that employees who are engaged in their work stay longer. Yet in security, too many young employees spend all day in security operations centers, staring at a screen and working their way through one alert after another, Leary said. It can be dreary.</p> <p>“We have to <strong>find ways to make work meaningful</strong>,” Miller argued. “Things like that can be automated, so we should do that. We need to ask: How can we enable that person so that when they have something they can react to, they can really see change?”</p> <p>Miller said that many employers struggle with misperceptions about technical workers that limit their careers, leading to dissatisfied employees. The perception is that people with strong technical backgrounds are unsuited to the kinds of management tasks that business leaders must perform.</p> <p>“It’s kind of dumbfounding to me because these people are incredibly intelligent and well-educated,” Miller said.</p> <p>Money is another impediment to retention, the panelists said. It’s possible to hire a young security analyst for, say, $60,000 a year, but within a couple of years that analyst will have developed the skills necessary to land a six-figure job. Employers who can’t move that employee up will lose him or her.</p> <p><a data-entity-type="" data-entity-uuid="" href="https://www.cdw.com/content/cdw/en/orchestration/hybrid-cloud-infrastructure-report.html" target="_blank"><img alt="IT%20Infrastructure_IR_1%20(2)_0.jpg" data-entity-type="" data-entity-uuid="" src="https://fedtechmagazine.com/sites/fedtechmagazine.com/files/IT%20Infrastructure_IR_1%20(2)_0.jpg" /></a></p> <h2>Think Differently to Increase Cyber Hires</h2> <p>The panelists had several suggestions for organizations looking to add to their cybersecurity teams but struggling to find qualified professionals:</p> <ul><li><strong>Change your perceptions of what a cybersecurity professional looks like. </strong>Miller said that employers should be aware of their “subconscious bias” that IT teams will be mostly men, white and straitlaced, and they should actively recruit women, people of color and people whose personal styles are a little different. “Understand that you’re going to see tattoos, you’re going to see colored hair and mohawks,” she said. “We have to challenge those visions of what it is we think we’re looking for.”</li> <li><strong>Get out in the community. </strong>Employers should be active in Twitter’s information security communities, should be sponsoring IT security events and sending current employees to them, and working with local universities and public schools.</li> <li><strong>Rethink job descriptions. </strong>It’s common for employers to make unrealistically high demands when drafting job descriptions, then wonder why they’re not getting many applicants, panelists said. It’s important to remember that cybersecurity pros often lack decades of experience because the profession itself is relatively young and constantly in flux</li> </ul><p><em><a href="https://biztechmagazine.com/cdw-protect-summit-philadelphia">Check out our event page</a> for more articles and videos from the CDW Protect SummIT.</em></p> <p> </p> </div> <div> <div class="field-author"><a href="/author/bob-keaveney" hreflang="en">Bob Keaveney</a></div> </div> Wed, 21 Aug 2019 13:11:48 +0000 Bob.Keaveney_u64t 44541 at https://biztechmagazine.com Integrating Security Layers Helps Organizations Deal with Shifting Threats https://biztechmagazine.com/media/video/integrating-security-layers-helps-organizations-deal-shifting-threats <span>Integrating Security Layers Helps Organizations Deal with Shifting Threats</span> <div><p>High-profile breaches have gotten the attention of business executives, raising security to a higher level of priority. This change in status is driven by the emergence of sophisticated state-sponsored cyberthreats that bring an effective, persistent approach to their attacks. At the CDW Protect SummIT in Philadelphia, we spoke with G. Mark Hardy of National Security Corp., who advises integrating different security efforts to improve the effectiveness of an organization's defenses. For more videos and articles from the Protect SummIT, visit <a href="https://biztechmagazine.com/cdw-protect-summit-philadelphia" target="_blank">biztechmag.com/CDW-Protect-SummIT-Philadelphia</a>.</p> <p><strong>&gt;&gt;<a href="https://www.cdw.com/content/cdw/en/orchestration/cyber-security-report.html" target="_blank">Download "The Cybersecurity Insight Report" by CDW</a></strong> to learn more about how organizations can protect their systems and data.</p> </div> <span><span lang="" about="/dashboard/mattmclaughlin" typeof="schema:Person" property="schema:name" datatype="">matt.mclaughlin</span></span> <span>Tue, 08/20/2019 - 18:47</span> <div> <div>Tweet text</div> <div>.@g_mark says compliance is a &quot;C minus, barely a passing grade&quot; in cybersecurity. Organizations need to do more for true security #CDWProtectSummIT </div> </div> <div> <div>Video ID</div> <div><p>1959201109</p> </div> </div> <div> <div>video type</div> <div><a href="/conference" hreflang="en">Conference</a></div> </div> <div> <div>CDW Activity ID</div> <div><p>MKT34004</p> </div> </div> <div> <div>CDW VV2 Strategy</div> <div>Security</div> </div> <div> <div>CDW Segment</div> <div>Med/Lar</div> </div> <div> <div>Customer Focused</div> <div>False</div> </div> <div> <div>Buying Cycle</div> <div><a href="/awareness" hreflang="en">Awareness</a></div> </div> <div class="pw-widget pw-size-medium pw-layout-vertical" data-layout="vertical" data-url="https://biztechmagazine.com/media/video/integrating-security-layers-helps-organizations-deal-shifting-threats" data-title=".@g_mark says compliance is a 'C minus, barely a passing grade' in cybersecurity. Organizations need to do more for true security #CDWProtectSummIT" data-via="BizTechMagazine" data-button-background="none"> <span> <span>Aug</span> <span>20</span> <span>2019</span> </span> <a class="pw-button-twitter cdw-taboola-social"></a> <a class="pw-button-facebook cdw-taboola-social"></a> <a class="pw-button-linkedin cdw-taboola-social"></a> <a class="pw-button-reddit cdw-taboola-social"></a> <a class="pw-button-flipboard cdw-taboola-social"></a> <a class="pw-button-email cdw-taboola-social"></a> <!-- Pinterest button is in EdTechk12 theme's vertical template --> </div> <div class="pw-widget pw-size-medium pw-layout-horizontal" data-url="https://biztechmagazine.com/media/video/integrating-security-layers-helps-organizations-deal-shifting-threats" data-title=".@g_mark says compliance is a 'C minus, barely a passing grade' in cybersecurity. Organizations need to do more for true security #CDWProtectSummIT" data-via="BizTechMagazine" data-button-background="none"> <div> <a class="pw-button-twitter"></a> <span class="pw-box-counter" pw:channel="twitter"></span> </div> <div> <a class="pw-button-facebook"></a> <span class="pw-box-counter" pw:channel="facebook"></span> </div> </div> <div class="pw-widget pw-size-medium pw-layout-horizontal" data-counter="true" data-url="https://biztechmagazine.com/media/video/integrating-security-layers-helps-organizations-deal-shifting-threats" data-title=".@g_mark says compliance is a 'C minus, barely a passing grade' in cybersecurity. Organizations need to do more for true security #CDWProtectSummIT" data-via="BizTechMagazine" data-button-background="none"> <div> <a class="pw-button-twitter cdw-taboola-social"></a> <a href="https://twitter.com/search?f=realtime&amp;q=https%3A%2F%2Fbiztechmagazine.com%2Frss.xml%3Fitem_id%3D609" target="_blank"><span class="pw-box-counter cdw-taboola" data-channel="twitter"></span></a> </div> <div> <a class="pw-button-facebook cdw-taboola-social"></a> </div> <div> <a class="pw-button-linkedin cdw-taboola-social"></a> </div> <div> <a class="pw-button-reddit cdw-taboola-social"></a> </div> <div> <a class="pw-button-flipboard cdw-taboola-social"></a> </div> <div> <a class="pw-button-email cdw-taboola-social"></a> </div> <!-- Pinterest button is in EdTechk12 theme's horizontal template --> </div> <div> <div>Pull Quote</div> <div> <p class="quote"><a href="/media/video/integrating-security-layers-helps-organizations-deal-shifting-threats"> &quot;Doing cyber effectively ensures the continuity of operations, the sustaining of the reputation of an organization.&quot; </a></p> <p class='speaker'> <span>G. Mark Hardy</span> Founder and CEO, National Security Corp. </p> </div> </div> Tue, 20 Aug 2019 22:47:29 +0000 matt.mclaughlin 44531 at https://biztechmagazine.com Here’s How to Keep Up with the Faster Cadence of Windows 10 Updates https://biztechmagazine.com/article/2019/08/heres-how-keep-faster-cadence-windows-10-updates <span>Here’s How to Keep Up with the Faster Cadence of Windows 10 Updates</span> <span><span lang="" about="/dashboard/elizimmerman9856" typeof="schema:Person" property="schema:name" datatype="">eli.zimmerman_9856</span></span> <span>Tue, 08/20/2019 - 13:53</span> <div><p><a href="https://www.cdw.com/content/cdw/en/brand/microsoft/windows-10.html?enkwrd=Windows%2010" target="_blank">Windows 10</a>, delivered as a service, features monthly quality updates and biannual feature updates that are not optional. </p> <p>The new, quicker delivery model can <strong>cause challenges during and after migration if an IT department is unprepared</strong>. </p> <p>Users of Windows 10 Pro or higher products can delay updates, but not forever: The ­twice-yearly updates, in spring and fall, are supported for just <strong>18 and 30 months</strong>, respectively. Here are four ideas for handling the new cadence.</p> <p><a href="https://biztechmagazine.com/article/2019/05/fact-or-fallacy-windows-10-worth-upgrade" target="_blank"><em><strong>MORE FROM BIZTECH: </strong>Read more about the facts and fallacies around Windows 10 migration.</em></a></p> <h2 id="toc_0">1. Choose a Servicing Tool</h2> <p>Windows Update for Business is configured in Group Policy. Users can <strong>receive updates as they are publicly released or wait for the twice-yearly cadence</strong>, known as the Semi-Annual Channel (SAC). </p> <p>Feature updates can be delayed for up to a year. For more control, use <strong>Windows Server Update Services (WSUS) </strong>or <strong>System Center Configuration Manager (SCCM)</strong>. </p> <p>Windows Update for Business pulls updates from <a href="https://www.cdw.com/content/cdw/en/brand/microsoft-interstitial.html?enkwrd=Microsoft" target="_blank">Microsoft</a>’s online update servers or neighboring devices; WSUS uses a local repository.</p> <h2 id="toc_1">2. Create Deployment Rings to Test Updates</h2> <p>Test the updates on a limited group of computers before rolling them out to all devices. Some devices might update on the SAC as soon as a monthly update is released, and others might use the SAC to test updates before wider distribution.</p> <p>Use Windows Update for Business settings or the SCCM to <strong>create deployment rings</strong>. </p> <p>Each Group Policy object can contain unique settings, which are applied to a given ring. SCCM collections can target devices with specific updates. </p> <p><a href="https://biztechmagazine.com/article/2018/12/why-and-how-nonprofits-should-upgrade-windows-10" target="_blank"><em><strong>MORE FROM BIZTECH: </strong>Check out why and how nonprofits should upgrade to Windows 10.</em></a></p> <h2 id="toc_2">3. Test Critical Apps in Advance</h2> <p>Line-of-business applications should be tested before a feature update is installed. </p> <p>New features and other changes can break applications, so <strong>develop a test for each app to ensure critical functionality isn’t affected</strong>. </p> <p>Consider joining the <a href="https://insider.windows.com/en-us/for-business/" target="_blank">Windows Insider Program for Business</a> to get advance access to builds in active development. The Security Update Validation Program provides access to updates three weeks before release. </p> <h2 id="toc_3">4. Use New Technology</h2> <p>Consider modern deployment options, such as mobile device management and Windows Autopilot; the latter makes use of the image installed by the vendor, but it can be configured with additional software and settings using MDM. Deployments can be cloud or IT-driven, letting businesses use Windows Configuration Designer to <strong>create provisioning packages that can be deployed locally</strong>. </p> </div> <div> <div class="field-author"><a href="/author/russell-smith" hreflang="en">Russell Smith</a></div> </div> Tue, 20 Aug 2019 17:53:12 +0000 eli.zimmerman_9856 44526 at https://biztechmagazine.com At Penn Medicine, Decisions About Cybersecurity Are Driven by Data https://biztechmagazine.com/article/2019/08/penn-medicine-decisions-about-cybersecurity-are-driven-data <span>At Penn Medicine, Decisions About Cybersecurity Are Driven by Data</span> <span><span lang="" about="/dashboard/bobkeaveneyu64t" typeof="schema:Person" property="schema:name" datatype="">Bob.Keaveney_u64t</span></span> <span>Tue, 08/20/2019 - 10:20</span> <div><p>Most organizations’ cybersecurity programs follow a familiar pattern: First, do what’s required. Next, do what’s recommended.</p> <p>“But what happens after that is kind of the wild west,” said Dan Costantino, CISO at <a href="https://www.pennmedicine.org/" target="_blank">Penn Medicine</a> in Philadelphia. “You get to a roomful of security professionals who are making recommendations that everyone just assumes are correct.”</p> <p>Too often, Costantino told attendees of the <a href="https://biztechmagazine.com/cdw-protect-summit-philadelphia">CDW Protect SummIT in Philadelphia</a>, <strong>organizations simply implement solutions based on what their peers are doing</strong>, without knowing how effective those actions are. Or, they deploy whatever they believe is state of the art. By implementing evidence-based security at Penn Medicine, he’s adding a third layer to his organization’s strategy: Do what works.</p> <p>­“If you look at what <strong>most security programs do today, they start with compliance</strong>: They make sure that they’re complying with all applicable laws and regulations in their industry,” said Costantino. “Then they move on to framework alignment, meaning they pick a cybersecurity framework that makes sense for them, and they make sure that they’re aligned with those recommendations.”</p> <p><a href="https://biztechmagazine.com/article/2019/01/5-tips-updating-cybersecurity-incident-response-plan" target="_blank" title="5 Tips for Updating a Cybersecurity Plan"><b><i>MORE FROM BIZTECH</i></b><i>: Update your cybersecurity response plan before an attack occurs.</i></a></p> <h2>Data Analysis Is Critical to Effective Cybersecurity</h2> <p>As a large academic medical center in a major metro area, Penn Medicine confronts a number of unique cybersecurity challenges. Unlike many businesses, it cannot shut its network down for several hours to deploy a new solution or conduct maintenance. It employs 40,000 people working in six hospitals and 10 specialty centers across the Philadelphia area, and its network is also accessed regularly by professionals who are not employees, such as independent physicians with admitting privileges.</p> <p>For the academic medical center, <strong>evidence-based cybersecurity means aggregating information from several external sources</strong> and then comparing it with their own data. Costantino said his team pays close attention to the <a href="https://enterprise.verizon.com/products/security/verizon-risk-report/?cmp=paid_search:google&amp;gclid=EAIaIQobChMInMjsuveP5AIVQpyzCh3yvQtlEAAYASAAEgKhH_D_BwE" target="_blank">Verizon Risk Report</a> and other well-regarded cybersecurity research. At the same time, they carefully analyze their own security data to determine the efficacy of their actions.</p> <p>That helps keep Penn Medicine focused on doing the things that the data suggests are most crucial to keeping its network safe.“If you look at how other programs are built, they’re built on compliance and alignment, and then they’re built on what everyone else is doing,” Costantino explained. “You see a lot of people asking: ‘What are you doing? How are you solving this problem?’ And that’s great; we certainly look at what others are doing too. But most important, <strong>what we’re doing is what the evidence says is the best next decision </strong>specifically for Penn Medicine.”</p> <p><a data-entity-type="" data-entity-uuid="" href="https://www.cdw.com/content/cdw/en/orchestration/cyber-security-report.html" target="_blank"><img alt="CDW Cybersecurity Insight Report " data-entity-type="" data-entity-uuid="" src="https://biztechmagazine.com/sites/statetechmagazine.com/files/Cybersecurity_IR_stayprotected_700x220%20(2).jpg" /></a></p> <h2>In Cybersecurity, the Fundamentals Are Still Key</h2> <p>Some security professionals might be surprised by what that evidence suggests. While others are deploying sexy solutions, such as those driven by artificial intelligence, Costantino said the cybersecurity challenges at Penn Medicine are more prosaic, according to the data he sees.</p> <p>“The <strong>evidence says that people still can’t help themselves, and they click on those phishing emails</strong>,” he explained, and that employees continue to make various other mistakes with data security. “So the evidence really comes back to the fundamentals in a lot of ways.”</p> <p>The <strong>success of a cybersecurity program is always hard to measure</strong>. For a large and complex organization like Penn Medicine, the challenge is even greater. Yet one key advantage of evidence-based security planning is precisely that Costantino and his team can observe how well its actions are performing.</p> <p>“Ultimately, <strong>we can see how well we’re making decisions for Penn Medicine year after year</strong>,” he said. “If we’re driving phishing down and moving patching up and getting people to stop moving data into places where they’re not supposed to, then you know you’re moving forward in the right way.”</p> <p>But while Costantino believes in the value of data to drive effective security decisions, he said it’s important to balance what the data suggests with what his experience tells him. There are times, he said, when the data is “telling you something that doesn’t feel right,” and in those cases, “you have to let common sense prevail.”</p> <p><em><a href="https://biztechmagazine.com/cdw-protect-summit-philadelphia">Check out our event page</a> for more articles and videos from the CDW Protect SummIT.</em></p> </div> <div> <div class="field-author"><a href="/author/bob-keaveney" hreflang="en">Bob Keaveney</a></div> </div> Tue, 20 Aug 2019 14:20:56 +0000 Bob.Keaveney_u64t 44521 at https://biztechmagazine.com