Private Clouds, Cyber-security, Privacy: ISACA Issues Guidance on Top 2013 TrendsAdded 20th Dec 2012
ISACA, a non-profit global association of more than 100,000 IT audit, security, risk, and governance professionals, released guidance on managing three top trends expected to pose major challenges to Indian businesses in 2013: Private vs. public clouds, cyber-security threats, and data privacy.
Debate over Private vs. Public Cloud
Over the next 12 months, information security concerns will prompt a growing interest in private or hybrid (public/private) cloud solutions. The expected rise of “personal clouds” will add to the challenge of protecting data across multi-platforms. Cost, speed, manageability, and security are the factors most debated in cloud computing.
ISACA’s 2012 IT Risk/Reward Barometer shows that IT professionals remain wary of public clouds; 64 percent believe that the risk of using public clouds outweighs the benefit.
At the same time, it was highlighted that 66 percent of respondents in India believe that the private cloud has its own benefits which overcome the possible risk factors. This finding showed that respondents believe the benefits of private cloud far outweigh the risk, when compared with other cloud platforms, such as hybrid (17 percent) and public (15 percent) cloud platform.
The survey also highlighted that 31 percent of respondents have deployed private cloud for mission-critical services, compared to public cloud (6 percent) and hybrid cloud (7 percent). At the same time, for low-risk, non-mission critical services, enterprises are bullish on deploying public cloud (26 percent), compared to private cloud (22 percent) and hybrid cloud platform (23 percent).
Increasingly Sophisticated Cyber-security Threats in India
Viruses that send unsolicited e-mails and attack web sites, as well as search engine poisoning—where unwitting users are misdirected toward questionable or fraudulent sites—are among the increasingly sophisticated tactics used to capture and exploit consumer data and pose threats to international supply chains.
Due to phishing scams and social engineering attacks, clicking on an e-mail link from a work-supplied computer or smartphone presents a high risk to enterprises, say 56 percent of IT professionals in India.
Avinash Kadam, advisor, ISACA’s India Task Force, says, “With the growing number of cyber threats, it is critical for enterprises to safeguard their information assets. Addressing cyber issues should be considered beyond defining internet policies. It is equally important for enterprises to educate their employees on information risks, as it is not just an IT issue, but also a business issue.”
To address the growing cyber-security concerns in India and throughout the world, a team of ISACA members is dedicated to researching cyber-security issues and developing guidance to help enterprises protect their information assets. ISACA recommends that management address cyber-crime across all areas, including:
• Incident and crisis management
• Cooperation with investigating organizations
Growing Privacy Concerns
In the coming year, IT professionals will have to manage not just threats of data leakage and identity theft, but also growing consumer and employee concerns about data privacy.
Niraj Kapasi, IT auditor and chair of ISACA’s India Task Force, says, “Enterprises in India should be conscious that data protection goes beyond securing servers at datacenters or office premises. With the growing number of cyber threats globally, information risk can come from existing employees, customers, industrial surveillance by competitors, hackers, organized crime, and even foreign governments.” He added, “It is important for business leaders to govern privacy, evaluate the risk around privacy, ensure proper security management and effectively govern sensitive information.”
Enterprises can use the COBIT 5 framework to govern their information and systems. The framework publication is available as a free download at www.isaca.org/cobit.
Riverbed Technology has released a rebranded SteelFusion line of storage appliances, signaling its intention to further centralize its branch office lines and combine as much functionality as possible into a single device.
Red Hat is looking to advance the Docker Linux container application for wider enterprise use.
In a surprise announcement, enterprise asset intelligence company Zebra Technologies said it is acquiring Motorola's Enterprise business for US$3.45 billion in an all-cash transaction.
Microsoft may have ended support for Windows XP, but free antivirus software vendor Avast projects that for millions of users, that won't mean squat.
Microsoft is targeting the growing volume of data being generated by both machines and humans: CEO Satya Nadella on Tuesday showed off tools that could help organizations better understand -- and profit from -- this trove of information.
SAP user groups are stepping up pressure on the vendor over the fees charged for its user-friendly Fiori applications, saying they should be included as part of the substantial annual maintenance costs customers already pay.
Intel is trying desperately to grow its share of the tablet market, and with Windows flunking out on those devices, Android is where it's at.
VMware started patching its products against the critical Heartbleed flaw that puts encrypted communications at risk, and plans to have updates ready for all affected products by Saturday.
In the race to protect themselves from the Heartbleed vulnerability, enterprises could be opening themselves up to new attacks if they aren't careful.
The operator of an independent website aimed at helping users of J.D. Edwards enterprise resource planning software has shut it down after Oracle alleged the site infringed on its copyrights.
Big data analytics are driving rapid growth for public cloud computing vendors with revenues for the top 50 public cloud providers shooting up 47% in the fourth quarter last year to $6.2 billion, according to Technology Business Review Inc.
Microsoft is updating its Web-based Office Online suite, narrowing the features gap with the main Office 365 and Office 2013 suites installed on users' devices.
While almost all of the attention has centered on patching Web servers and advising users to change their passwords, security researchers have discovered that individual client PCs and devices are also at risk thanks to "Reverse Heartbleed."
McAfee has released a free 'Heartbleed checker' to help internet users easily gauge their susceptibility to the Heartbleed Bug.
Akamai Technologies, whose network handles up to 30 percent of all Internet traffic, said that a researcher found a fault in custom code that the company thought shielded most of its customers from the Heartbleed bug.