A record 61 percent of enterprises worldwide are on the path to becoming “intelligent,” compared to only 49 percent in 2018. The Zebra Technologies Corporation global survey analyzes the extent to which companies connect the physical and digital worlds to drive innovation through real-time guidance, data-powered environments and collaborative mobile workflows. Their “Intelligent Enterprise” Index scores are calculated using 11 criteria that include Internet of Things (IoT) vision, adoption, data management, intelligent analysis and more. … More →
Increasing spend efficiency and cutting waste are challenging with respect to gaining visibility into costs and managing IT spend effectively, according to Flexera survey. Survey respondents are IT executives working in large enterprises with 2,000 or more employees, headquartered in North America and Europe, encompassing industries such as financial services, retail, e-commerce and industrial products. More than half are C-level executives. Managing IT spending The top challenge to managing spend effectively, cited by 86 percent … More →
Digital architects are struggling to satisfy their organizations’ digital transformation ambitions, research from Couchbase has found. In a survey of 450 heads of digital transformation responsible for managing data architecture at enterprises across the U.S., U.K., France and Germany, 85 percent of respondents were under pressure to deliver digital projects – with 41 percent experiencing “high” or “extremely high” pressure. This is not helped by the apparent scale of the challenge facing architects. Sixty eight … More →
After some of its major backers including eBay, MasterCard, PayPal and Visa Inc. announced their withdrawals, 21 members of the Facebook-led Libra Association formally signed onto its charter and formalized the Libra Association council.
How often do you get the opportunity to sit in on a free flow of ideas between senior business thought leaders? Probably, not often enough. But on Nov. 14, ITWC is giving you your chance as it hosts a virtual town hall featuring seven of the 2019 ITAC CanadianCIO of the Year award finalists. These…
With $3.5 million in support from the Opportunity Calgary Investment Fund (OCIF), Finger Food Advanced Technology Group is opening up an advanced technology centre in Calgary, which will lead to the creation of 200 full time jobs in the city by 2023, according to the B.C.-based enterprise solution provider.
Canada ranks third in absolute venture capital (VC) dollars invested, but businesses that rely exclusively on U.S. and other foreign funding in their Series A round raise more money than Canadian-financed firms, according to a study from the University of Toronto's Impact Centre.
Every second counts when someone is having a heart attack, and paramedics in Eastern Ontario have found a way to cut seven precious minutes out of the time it takes to get automated external defibrillators (AEDs) to victims.
In today’s world, we have more technology innovation being developed than any other time in history. In many cases the technology will improve our quality of life and in other cases will have a negative effect not realized until many years later. And, this is why discussions need to keep occurring across the collective community…
This is one in a series of profiles of tech leaders named as a finalist for the 2019 ITAC CanadianCIO of Year Award. Mr. Sanderson will be part of a Nov. 14 Town Hall discussion for finalists focused on the changing role of the CIO. The ITAC CanadianCIO of the Year winners will be announced…
A recent study commissioned by Microsoft and Intel reported that the cost of using a PC older than four years is more than buying a new one. As per StatsCanada, the country is home to around 1.2 million small and medium businesses. These businesses comprise 98.8 per cent of the total employee businesses in the…
A recent report by McKinsey noted that 40,000 exabytes of data will be collected worldwide in 2020. If just five exabytes is equal to all the words ever spoken by mankind, it’s not an understatement to suggest there is a prodigious amount of material for a data scientist to process to glean insights. To tackle…
In order to make work and play more intuitive and natural than before, Microsoft has brought about innovations in voice, digital ink, and touch across Office 365. In addition to announcing several new devices at its Surface event, Oct. 2, 2019, aimed at making modern work more intuitive and natural for everyone, Microsoft also shared…
Organizations agree, building security into digital transformation initiatives is a priority, yet the recommended path to progress is unclear, according to a survey conducted by ZeroNorth. Companies of all sizes and in all industries are experiencing the pains of digital transformation, with 79% of survey respondents indicating their organization already has related initiatives underway. All participants indicate the importance of digital transformation to the future of their organization, even those who have not yet embarked … More →
It’s been almost four decades since Sun Microsystems’ employee John Gage announced in 1982 that the “network is the computer.” In a recent interview, Gage noted that at the time, this was a bit of an oversimplification. It’s hard to believe that when Gage made the statement the “internet” was still largely a government funded…
One of the greatest challenges for any business organization is finding the right balance between secure technology and an engaging, timely customer experience. For financial institutions, in particular, it’s a struggle to satisfy customers’ demands for digital innovation without compromising compliance and security. “It’s important to realize that it’s not a trade-off,” says Sam Bakken,…
The future of 5G lies in the enterprise, states ABI Research. Use cases across different vertical markets, such as industrial automation, cloud gaming, private Long-Term Evolution (LTE), and smart transport systems, will become pervasive, and will unlock new opportunities for Mobile Service Providers (MSPs) along the way. This bright and lucrative future may be hampered by 5G’s past. That’s because early 5G implementations were designed to fit the needs of the consumer market first. “The … More →
Lost revenue (49%) and reputational damage (52%) are among the biggest concerns as businesses transform into software businesses and move to the cloud, according to Dynatrace. As CIOs struggle to prevent these concerns from becoming reality, IT teams now spend 33% of their time dealing with digital performance problems, costing businesses an average of $3.3 million annually, compared to $2.5 million in 2018; an increase of 34%. To combat this, 88% of CIOs say AI … More →
27% of IT teams in the financial industry migrated data to the cloud for no specific reason, and none of them received financial support from management for their cloud initiatives, according to Netwrix. Moreover, every third organization that received no additional cloud security budget in 2019 experienced a data breach. Other findings revealed by the research include: 56% of financial organizations that had at least one security incident in the cloud last year couldn’t determine … More →
I was a panellist at the e-Crime & Cybersecurity Congress last week, the discussion was titled 'What's happening to your business? Cloud security, new business metrics and future risks and priorities for 2019 and beyond", a recap of the points I made.
Cloud is the 'Default Model' for Business
Cloud is now the default model for IT services in the UK; cloud ticks all the efficiency boxes successful business continually craves. Indeed, the 'scales of economy' benefits are not just most cost-effective and more agile IT services, but also include better cybersecurity (by the major cloud service providers), even for the largest of enterprises. It is not the CISO's role to challenge the business' cloud service mitigation, which is typically part of a wider digital transformation strategy, but to ensure cloud services are delivered and managed to legal, regulatory and client security requirements, and in satisfaction of the board's risk appetite, given they ultimately own the cybersecurity risk, which is an operational business risk.
There are security pitfalls with cloud services, the marketing gloss of 'the cloud' should not distract security professionals into assuming IT security will be delivered as per the shiny sales brochure, as after all, cloud service providers should be considered and assessed in the same way as any other traditional third-party IT supplier to the business.
Cloud Security should not be an afterthought It is essential for security to be baked into a new cloud services design, requirements determination, and in the procurement process. In particular, defining and documenting the areas of security responsibility with the intended cloud service provider.
Cloud does not absolve the business of their security responsibilities All cloud service models, whether the standard models of Infrastructure as a Service (IaaS), Platform as a Service (PaaS) or Software as a Service (SaaS), always involve three areas of security responsibilities to define and document:
Cloud Service Provider Owned
Shared (Cloud Service Provider & Business)
For example with a PaaS model, the business is fully responsible for application deployment onto the cloud platform, and therefore the security of applications. The cloud service provider is responsible for the security of the physical infrastructure, network and operating system layers. The example of the 'shared' responsibility with this model, are the processes in providing and managing privileged operating system accounts within the cloud environment.
Regardless of the cloud model, data is always the responsibility of the business.
A "Trust but Verify" approach should be taken with cloud service providers when assuring the security controls they are responsible for. Where those security responsibilities are owned by or shared with the cloud service provider, ensure the specific controls and processes are detailed within a contract or in a supporting agreement as service deliverables, then oversight the controls and processes through regular assessments.
The cloud security guidance resources I recommended were: