CloudFlare’s New Keyless SSL Could Unlock Cloud For Financial Institutions

Ron Miller, TechCrunch,  Thursday, September 18, 2014

Financial institutions crave cloud scalability, but have been reluctant to jump on the cloud bandwagon because of security concerns. In particular, they have been hesitant to expose their precious SSL keys to the open internet. The key identifies them as a financial institution and lets the other party know they can accept or send funds. As you can imagine, they don’t ever want this information escaping their control. CloudFlare, a company that is trying to move all of the traditional networking hardware you typically have in an on-premises data center into the cloud, figured out how to let financial institutions have have it both ways.

Does the Government’s Mobility Program Go Far Enough to Protect Security and Privacy?

Julie Anderson by Julie Anderson, Civitas Group
Wednesday, September 17, 2014

From checking email to editing presentations on the fly, more federal employees are using mobile devices as part of their job. But technology policymakers at federal agencies, by and large, are still playing catch-up. But it hasn’t proven to be the last word on either protecting government-owned or private employee data. Among the lingering questions remaining to be answered: How can the government secure itself against the proliferation of devices and apps? And how will federal employees’ personal information stored on such platforms be protected?

Fundamentals of cloud security

Ram Lakshminarayanan, ZDNet,  Tuesday, September 16, 2014

Organisational pressure to reduce costs and optimise operations has led many enterprises to investigate cloud computing as a viable alternative to create dynamic, rapidly provisioned resources powering application and storage platforms. Despite potential savings in infrastructure costs and improved business flexibility, security is still the greatest barrier to implementing cloud initiatives for many companies. Information security professionals need to review a staggering array of security considerations when evaluating the risks of cloud computing.

The Dangers of Apps

Mary DeRosa by Mary DeRosa, The Chertoff Group
Monday, April 28, 2014

The explosion of smartphones and their apps has improved lives in many ways: greater convenience, more information, and far less boredom, to name a few. But the dangers of apps are beginning to get more attention. Apps access massive amounts of personal data, but they lag far behind other technologies when it comes to protection of privacy and data security.

What is the Cost of a Snowden?

Paul Rosenzweig by Paul Rosenzweig, The Chertoff Group
Wednesday, March 26, 2014

In 2012, the American cybersecurity company, Mandiant (now owned by FireEye) released a report tracking an extensive, comprehensive cybersecurity threat from China. It gave the Chinese program the name “APT-1,” where APT stands for Advanced Persistent Threat. APT was as accurate a characterization as one could imagine – the techniques used by the Chinese where highly sophisticated and advanced, and they were determined and continuous.

U.S. Cloud Services Companies Are Paying Dearly for NSA Leaks

Mary DeRosa by Mary DeRosa, The Chertoff Group
Monday, March 24, 2014

Edward Snowden’s leaks about National Security Agency surveillance practices have had a profound effect on the U.S. cloud computing industry. Experts disagree on the long-term harm to U.S. companies, but recent projections are for $22 billion or more in lost revenue over the next three years. The harm comes largely from backlash over the perceived complicity of U.S. technology companies with NSA operations. That U.S. companies will suffer harm this significant as a result of U.S. government activities raises important questions about U.S. decision-making. In particular, have economic issues, including the competitiveness of U.S. industry and the health of the Internet economy received enough attention in decisions about surveillance? The answer appears to be no.

Cyber Security: Finding the Balance

Scott Andersen by Scott Andersen, CGI
Monday, March 17, 2014

Cyber Security is a tough situation. You have to protect your digital assets. It isn’t in your organization’s best interest to leave things open and at risk. On the other hand, your end users are pushing for more and more capabilities and access to more and more resources from more and more locations.

12 ways to better merge cloud services with ongoing cyber initiatives

Jason Miller, Federal News Radio,  Thursday, January 23, 2014

In the rush to the cloud over the last three years, most agencies have tempered their desires and excitement because of security concerns. Agency chief information officers have struggled to satisfactorily answer a number of questions regarding data ownership and protection, and how do the existing cross-agency cyber initiatives fit into the cloud structure.

Industry group advocates linking cloud, cybersecurity planning

Rutrell Yasin, Government Computer News,  Wednesday, January 22, 2014

An IT industry group led by former Office of Management and Budget e-government administrator Karen Evans says it’s time for the federal government to interconnect the three major IT initiatives it has been driving along largely separate tracks for the last decade: cloud, cybersecurity and mobile computing.

Herding the stray cats of federal IT ambitions

Amber Corrin, Federal Computer Week,  Wednesday, January 22, 2014

Most government agencies are embracing the benefits of cloud computing, a mobile workforce and cybersecurity measures to protect critical networks and assets. But in many cases it has been a struggle just to get to that point, and hurdles remain as different approaches present a fragmented federal IT security picture.