Dr. Philip Cao (aka #DrPC), EDBA, MSCS, ZTX-I, CCISO, CISM, CMSC, CCSP, CCSK, CASP, GICSP, PCSPI is a Strategist, Advisor, Educator, Contributor and Motivator. He’s also a Cyber | Zero Trust Strategist & Evangelist and Chief Trust Officer. He has 24 years’ experience in IT/Cybersecurity industry in various sectors & positions.
Sielte SpA is an international cloud-based information and communication technology (ICT) service provider that provides telecommunication and energy systems across fixed networks, mobile and wireless networks, and equipment and systems.
Sielte has over 500 customers operating in its cloud, encompassing approximately 10,000 devices and a wide range of applications. With such high levels of activity, Sielte has to be constantly vigilant against cyberthreats.
The increasing pressure from its customers, combined with a breach to its previous Cisco firewall, prompted the company to seek a new network security solution. Sielte chose to deployPalo Alto Networks Next-Generation Security Platform in its data center in Catania, Italy.
Sielte’s deployment of the Palo Alto Networks Next-Generation Platform included the PA-5050 Next-Generation Firewall as an Internet gateway for network security and segmentation, as well as subscriptions for Threat Prevention, URL Filtering (PAN-DB), and WildFire. Through this holistic approach, Sielte successfully established a preventive security posture to proactively identify and avert cyberattacks. In addition, the new platform increased their network performance by 150 percent, enabling greater throughput to support the highest number of concurrent user session, and reducing security administration time by 20 percent.
“Working with Palo Alto Networks gives Sielte a great advantage for expanding our cloud business,” Dr. Salvo Rosa, Sielte’s chief security officer, says. “Palo Alto Networks is a clear leader in security innovation, and as a partner, we will have exposure to their latest technology to protect our customers from the most advanced cyberthreats. We see partnership with Palo Alto Networks as a very important vehicle for increasing customer confidence in Sielte, attracting new customers, and opening new markets to help our business grow.”
Robert Megennis is a 16-year-old racing prodigy. Palo Alto Networks is proud to be an ongoing sponsor of Rob’s races for the 2016 Mazda Road to Indy racing season. We’ll be checking in to chronicle his adventures as a true next-generation competitor!
The summer is off to a big start for our Indy car driver Robert Megennis. Last week his goal of racing in the Indy 500 came a step closer to reality when he competed in the Carb Night Classic, a 75-lap race held in Indianapolis as a precursor to the main event, the Indy 500.
Robert was also recently featured in a New York Daily News story, and we invite you to read to learn more about Robert’s journey. It’s a tale of passion and inspiration, something we relate to strongly here at Palo Alto Networks. Best of luck, Robert!
Let me say in advance that you will not learn a new audit or data analytics technique from this article. It is purely to demonstrate the power of data analytics on a massive scale. My goal is to inspire you.
A few months ago I attended a conference that featured Dr. Neil deGrasse Tyson as the keynote speaker. And yes, he is that guy from the Cosmos: A Spacetime Odyssey TV show.
He was hilarious and engaged the audience, receiving a standing ovation from the data geeks. He inspired me to make even more use of data analytics.
His first comment was about Pluto: “It is not a planet. Get over it.” And then he said: “We demoted Pluto because we had more data.” Whaaat? That sentence resonated with me so much that I started researching about the data that demoted Pluto.
I learned how powerful new ground and space-based observatories have completely changed our understanding of the outer solar system. As these tools have evolved over the past generation, so too has our picture of the universe. New capabilities have provided new understandings about our place in the cosmos, but they have also unleashed a baffling torrent of data. Amazing discoveries might be right in front of us, yet hidden within all that information.
Since 2000, the Sloan Digital Sky Survey at Apache Point Observatory in New Mexico has imaged more than one-third of the night sky, capturing more than 930,000 galaxies and 120,000 quasars. Computational analysis of Sloan’s prodigious data set has uncovered evidence of some of the earliest known astronomical objects and has determined that most large galaxies harbor super massive black holes. It has even mapped out the three-dimensional structure of the local universe.
So it was just a question of time until someone started searching for large objects everywhere, including the Kuiper Belt. It was astronomer Mike Brown who was convinced by the data on the Belt that there must be many more nearby objects and that some of them were potentially larger than Pluto.
Bingo! In 2003 Brown thought he had found a new planet that was larger than Pluto. He named it Eris (EER-is). Instead of being the only planet in its region, like the rest of the solar system, Pluto and its moons are now known as just a large example of a collection of objects in the Kuiper Belt.
“You didn’t lose a Planet; you gained a new place in the universe.” Dr. Neil deGrasse Tyson
The Kuiper Belt data that led to Pluto’s demotion came from routine observations at Mount Palomar Observatory in California. These data are stored at many repositories, including the National Optical Astronomy Observatory (NOAO) in the United States. The NOAO collects a large quantity and variety of scientific data products, including images, spectra, catalogs, etc., from many instruments deployed on two continents. Wow!
The NOAO has archived all data from their telescopes, accumulating about 10 terabytes of data annually. These data are now available to the public, which is actually an exciting discovery for a data geek like me.
The key to maximizing knowledge extracted from this massive amount of data is the successful application of data mining and knowledge discovery techniques. The data can help classify stars, galaxies and planetary nebulae based on images and spectral parameters, forecasting of sunspots and geomagnetic storms from solar winds, antimatter search in cosmic rays, etc.
Astronomy professor Robert Brunner said: “Before Sloan, individual researchers or small groups dominated astronomy. You’d go to a telescope, get your data and analyze it. Then Sloan came along and suddenly there was this huge data set designed for one thing, but people were using it for all kinds of other interesting things.” Brilliant!
There you go—factual big data demoted Pluto and not some technicality pushed by a small group of scientists.
I hope you search for interesting ways to use the data available to you. Perhaps to revise long-standing decisions and notions formed when data and easy-to-use analytics tools were less reliable. What truth is hidden on your data just waiting to be set free? You may want to reflect on how much of this all applies to corporate environments.
Editor’s note: The ISACA Now Blog section is celebrating Women in Technology Month throughout June by featuring female bloggers. If you are a female blogger and would like to contribute a blog, please contact us at news@isaca.org.
Karina Korpela, CISA, CISM, CISSP, PMP, IT Audit Manager, AltaLink
It’s Backup Awareness Month—time to take stock of how well your backup system is serving your organization. To help you get started, here are five telltale signs you don’t have the most modern endpoint backup system:
1. You still get Help Desk calls to retrieve lost data.
The latest backup systems feature intuitive, self-service backup so employees can restore their own data. Not surprisingly, enterprises with a modern endpoint backup system cited fewer backup/restore-related support tickets as a top benefit in a recent survey. More importantly, they were able to use the reduced support time to cost justify their more-advanced system.
2. Your backup system doesn’t support multiple platforms.
Today, 96 percent of companies support Macs. That’s because the enterprise has gone heterogeneous and your backup system should, too. A modern endpoint backup system doesn’t care whether a file is on Windows, Linux or OS X, or whether a device operates on iOS, Android or Kindle Fire. It backs up every file, every time, from anywhere—without requiring a cumbersome VPN connection.
3. You have no visibility into what’s on employee devices.
The latest backup systems give IT a comprehensive, single point of visibility and control across every employee device in the enterprise—including desktops, tablets and smartphones. You gain the insight to pinpoint leaks and prevent insider threat, because you know:
Which employees are uploading which files to third-party clouds
Which employees have transferred which files to removable media
Which employees have uploaded which files via web browsers, including web-based email attachments
Unusual file restores that may signal compromised credentials
The content of files and folders
The location of sensitive, classified and “protected” data
4. You can’t pinpoint where a breach occurred.
With legacy backup, you have to conduct lots of inquiries that take lots of time. With a modern endpoint system, you have visibility into every endpoint (see #3 above), so you can quickly identify where a breach occurred and reduce your Mean Time to Contain (MTTC). You also eliminate unnecessary reporting, because with 100 percent data attribution, you know for certain whether or not there was a breach.
5. You have to confiscate a device to enact a legal hold.
Really? Are you still putting up with that significant productivity drain? With a modern endpoint backup system, your legal team can conduct in-place legal holds and file collection without confiscating user devices—and without having to rely on IT staff.
If two or more of these statements apply to your organization, it’s time to go shopping for modern endpoint backup. See #1 above on how to cost justify it.
We have two surveys open. If you have a few minutes and would like to win
some cool prizes, consider taking our surveys.
Mitigating Risk for Cloud Apps
Time: 10-15 minutes Prizes: 10 CCSK tokens and a fun new prize will be added shortly Abstract:
Current state of SaaS security – with several years of cloud adoption in many organizations, approaches to security have been evolving rapidly. The purpose of this survey is to look at the specific concerns, policies, and controls that enterprises are using. The goal will be to answer the question, what are today’s enterprises doing to mitigate risk across both sanctioned and unsanctioned cloud applications?
Time: 25 minutes Prizes:Oculus Rift virtual reality set and 5 CCSK Tokens Abstract:
The shift of IT resources to the cloud is changing the day-to-day operations of IT security teams. This survey investigates shifts in IT security in 2016 including changing budgets and the importance of new skills. The survey will also investigate IaaS adoption and barriers to securing corporate data stored in applications on IaaS platforms. Finally, the survey will gauge your organization’s perspective and experience with security alerts and endpoint agents.