Archive for

Nov 30

How To Excel At Secured Cloud Migrations With A Shared Responsibility Model

60% of security and IT professionals state that security is the leading challenge with cloud migrations, despite not being clear about who is responsible for securing cloud environments.
71% understand that controlling privileged access to cloud service administrative accounts is a critical concern, yet only 53% cite secure access to cloud workloads as a key objective of their cloud Privileged Access Management (PAM) strategies.

These and many other fascinating insights are from the recent Centrify survey, Reducing Risk in Cloud Migrations: Controlling Privileged Access to Hybrid and Multi-Cloud Environments, downloadable here. The survey is based on a survey of over 700 respondents from the United States, Canada, and the UK from over 50 vertical markets, with technology (21%), finance (14%), education (10%), government (10%) and healthcare (9%) being the top five. For additional details on the methodology, please see page 14 of the study.

What makes this study noteworthy is how it provides a candid, honest assessment of how enterprises can make cloud migrations more secure by a better understanding of who is responsible for securing privileged access to cloud administrative accounts and workloads.

Key insights from the study include the following:

Improved speed of IT services delivery (65%) and lowered total cost of ownership (54%) are the two top factors driving cloud migrations today. Additional factors include greater flexibility in responding to market changes (40%), outsourcing IT functions that don’t create competitive differentiation (22%), and increased competitiveness (17%). Reducing time-to-market for new systems and applications is one of the primary catalysts driving cloud migrations today, making it imperative for every organization to build security policies and systems into their cloud initiatives.

Security is the greatest challenge to cloud migration by a wide margin. 60% of organizations define security as the most significant challenge they face with cloud migrations today. One in three sees the cost of migration (35%) and lack of expertise (30%) being the second and third greatest impediments to cloud migration project succeeding. Organizations are facing constant financial and time constraints to achieve cloud migrations on schedule to support time-to-market initiatives. No organization can afford the lost time and expense of an attempted or successful breach impeding cloud migration progress.

71% of organizations are implementing privileged access controls to manage their cloud services. However, as the privilege becomes more task-, role-, or access-specific, there is a diminishing interest of securing these levels of privileged access as a goal, evidenced by only 53% of organizations securing access to the workloads and containers they have moved to the cloud. The following graphic reflects the results.

An alarmingly high 60% of organizations incorrectly view the cloud provider as being responsible for securing privileged access to cloud workloads. It’s shocking how many customers of AWS and other public cloud providers are falling for the myth that cloud service providers can completely protect their customized, highly individualized cloud instances. The native Identity and Access Management (IAM) capabilities offered by AWS, Microsoft Azure, Google Cloud, and others provide enough functionality to help an organization get up and running to control access in their respective homogeneous cloud environments. Often they lack the scale to adequately address the more challenging, complex areas of IAM and Privileged Access Management (PAM) in hybrid or multi-cloud environments, however. For an expanded discussion of the Shared Responsibility Model, please see The Truth About Privileged Access Security On AWS and Other Public Clouds. The following is a graphic from the survey and Amazon Web Services’ interpretation of the Shared Responsibility Model.

Implementing a common security model in the cloud, on-premises, and in hybrid environments is the most proven approach to making cloud migrations more secure. Migrating cloud instances securely needs to start with Multi-Factor Authentication (MFA), deploying a common privileged access security model equivalent to on-premises and cloud systems, and utilizing enterprise directory accounts for privileged access. These three initial steps set the foundation for implementing least privilege access. It’s been a major challenge for organizations to do this, particularly in cloud environments, as 68% are not eliminating local privilege accounts in favor of federated access controls and are still using root accounts outside of “break glass” scenarios. Even more concerning, 57% are not implementing least privilege access to limit lateral movement and enforce just-enough, just-in-time-access.

When it comes to securing access to cloud environments, organizations don’t have to re-invent the wheel. Best practices from securing on-premises data centers and workloads can often be successful in securing privileged access in cloud and hybrid environments as well.

Conclusion

The study provides four key takeaways for anyone working to make cloud migrations more secure. First, all organizations need to understand that privileged access to cloud environments is your responsibility, not your cloud providers’. Second, adopt a modern approach to Privileged Access Management that enforces least privilege, prioritizing “just enough, just-in-time” access. Third, employ a common security model across on-premises, cloud, and hybrid environments. Fourth and most important, modernize your security approach by considering how cloud-based PAM systems can help to make cloud migrations more secure.

Nov 29

7 Signs It’s Time To Get Focused On Zero Trust

When an experienced hacker can gain access to a company’s accounting and financial systems in 7 minutes or less after obtaining privileged access credentials, according to Ponemon, it’s time to get focused on Zero Trust Security. 2019 is on its way to being a record year for ransomware attacks, which grew 118% in Q1 of this year alone, according to McAfee Labs Threat Report. Data breaches on healthcare providers reached an all-time high in July of this year driven by the demand for healthcare records that range in price from $250 to over $1,000 becoming best-sellers on the Dark Web. Cybercriminals are using AI, bots, machine learning, and social engineering techniques as part of sophisticated, well-orchestrated strategies to gain access to banking, financial services, healthcare systems, and many other industries’ systems today.

Enterprises Need Greater Urgency Around Zero Trust

The escalating severity of cyberattacks and their success rates are proving that traditional approaches to cybersecurity based on “trust but verify” aren’t working anymore. What’s needed is more of a Zero Trust-based approach to managing every aspect of cybersecurity. By definition, Zero Trust is predicated on a “never trust, always verify” approach to access, from inside or outside the network. Enterprises need to begin with a Zero Trust Privilege-based strategy that verifies who is requesting access, the context of the request, and the risk of the access environment.

How urgent is it for enterprises to adopt Zero Trust? A recent survey of 2,000 full-time UK workers, completed by Censuswide in collaboration with Centrify, provides seven signs it’s time for enterprises to get a greater sense of urgency regarding their Zero Trust frameworks and initiatives. The seven signs are as follows:

77% of organizations’ workers admit that they have never received any form of cybersecurity skills training from their employer. In this day and age, it’s mind-blowing that three of every four organizations aren’t providing at least basic cybersecurity training, whether they intend to adopt Zero Trust or not. It’s like freely handing out driver’s licenses to anyone who wants one so they can drive the freeways of Los Angeles or San Francisco. The greater the training, the safer the driver. Likewise, the greater the cybersecurity training, the safer the worker, company and customers they serve.
69% of employees doubt the cybersecurity processes in place in their organizations today. When the majority of employees don’t trust the security processes in place in an organization, they invent their own, often bringing their favorite security solutions into an enterprise. Shadow IT proliferates, productivity often slows down, and enterprise is more at risk of a breach than ever before. When there’s no governance or structure to managing data, cybercriminals flourish.
63% of British workers interviewed do not realize that unauthorized access to an email account without the owner’s permission is a criminal offense. It’s astounding that nearly two-thirds of the workers in an organization aren’t aware that unauthorized access to another person’s email account without their permission is a crime. The UK passed into law 30 years ago the Computer Misuse Act. The law was created to protect individuals’ and organizations’ electronic data. The Act makes it a crime to access or modify data stored on a computer without authorization to do so. The penalties are steep for anyone found guilty of gaining access to a computer without permission, starting with up to two years in prison and a £5,000 fine. It’s alarming how high the lack of awareness is of this law, and an urgent call to action to prioritize organization-wide cybersecurity training.
27% of workers use the same password for multiple accounts. The Consensus survey finds that workers are using identical passwords for their work systems, social media accounts, and both personal and professional e-mail accounts. Cybersecurity training can help reduce this practice, but Zero Trust is badly needed to protect privileged access credentials that may have identical passwords to someone’s Facebook account, for example.
14% of employees admitted to keeping their passwords recorded in an unsecured handwritten notebook or on their desk in the office. Organizations need to make it as difficult as possible for bad actors and cybercriminals to gain access to passwords instead of sharing them in handwritten notebooks and on Post-It notes. Any organization with this problem needs to immediately adopt Multi-Factor Authentication (MFA) as an additional security measure to ensure compromised passwords don’t lead to unauthorized access. For privileged accounts, use a password vault, which can make handwritten password notes (and shared passwords altogether) obsolete.
14% do not use multi-factor authentication for apps or services unless forced to do so. Centrify also found that 58% of organizations do not use Multi-Factor Authentication (MFA) for privileged administrative access to servers, leaving their IT systems and infrastructure unsecured. Not securing privileged access credentials with MFA or, at the very least, vaulting them is like handing the keys to the kingdom to cybercriminals going after privileged account access. Securing privileged credentials needs to begin with a Zero Trust-based approach that verifies who is requesting access, the context of the request, and the risk of the access environment.
1 out of every 25 employees hacks into a colleague’s email account without permission. In the UK, this would be considered a violation of the Computer Misuse Act, which has some unfortunate outcomes for those found guilty of violating it. The Censuswide survey also found that one in 20 workers have logged into friend’s Facebook accounts without permission. If you work in an organization of over 1,000 people, for example, 40 people in your company have most likely hacked into a colleague’s email account, opening up your entire company to legal liability.

Conclusion

Leaving cybersecurity to chance and hoping employees will do the right thing isn’t a strategy; it’s an open invitation to get hacked. The Censuswide survey and many others like it reflect a fundamental truth that cybersecurity needs to become part of the muscle memory of any organization to be effective. As traditional IT network perimeters dissolve, enterprises need to replace “trust but verify” with a Zero Trust-based framework. Zero Trust Privilege mandates a “never trust, always verify, enforce least privilege” approach to privileged access, from inside or outside the network. Leaders in this area include Centrify, who combines password vaulting with brokering of identities, multi-factor authentication enforcement, and “just enough” privilege, all while securing remote access and monitoring of all privileged sessions.

Nov 27

1 Comment

What’s New On The Zero Trust Security Landscape In 2019

Forrester added in Checkpoint, Forescout, Google, illumio, MobileIron, Proofpoint, Symantec, and Unisys in their latest Forrester Wave™: Zero Trust eXtended Ecosystem Platform Providers this year.
Forrester’s 2019 scorecard increased the weight on network security, automation and orchestration, and portfolio growth rate compared to last year, adding in Zero Trust eXtended (ZTX) ecosystem advocacy to the scorecard for the first time.
Microsoft and VMWare are no longer included in the Forrester Wave™: Zero Trust eXtended Ecosystem Platform Providers this year.

These and many other interesting insights are from what’s new in the Forrester Wave™: Zero Trust eXtended Ecosystem Platform Providers, Q4 2019, written by Chase Cunningham and published on October 29, 2019. Chase is a leading authority on Zero Trust Security, and I was fortunate to have the opportunity to interview him earlier this year. You can read the interview here,10 Questions With Chase Cunningham On Cybersecurity. Forrester included 14 vendors in this assessment: Akamai Technologies, Check Point, Cisco, Cyxtera Technologies, Forcepoint, Forescout, Google, illumio, MobileIron, Okta, Palo Alto Networks, Proofpoint, Symantec, and Unisys. The following is the Forrester Wave™: Zero Trust eXtended Ecosystem Platform Providers, Q4 2019 graphic from the free reprint offered by MobileIron here.

Forrester Wave™: Zero Trust eXtended Ecosystem Platform Providers, Q4 2019

Summary of What’s New In Forrester’s Zero Trust Wave This Year

The latest Forrester Wave adds in and places high importance on Zero Trust eXtended (ZTX) ecosystem advocacy, allocating 25% of the weight associated with the Strategy section on the scorecard. Forrester sees Zero Trust as a journey, with vendors who provide the greatest assistance and breadth of benefits on a unified platform being the most valuable. The Wave makes it clear that Zero Trust doesn’t refer to a specific technology but rather the orchestration of several technologies to enable and strengthen their Zero Trust framework. Key insights from what’s new this year in the Forrester Wave™: Zero Trust eXtended Ecosystem Platform Providers, Q4 2019 include the following:

Platforms are powering the Zero Trust landscape and delivering the greatest value to organizations on their Zero Trust journey. Forrester notes that organizations are getting the greatest benefits from choosing a single vendor who can deliver integrated, real-world capabilities instead of marketing hype.
Ease of use and excellent usability need to be the new normal when it comes to Zero Trust Solutions. Forrester sees a widening gap between Zero Trust solutions that take administrator and end-user experience into account and deliver the critical capabilities that make ZTX frameworks successful and those that don’t. It’s common knowledge of how challenging Zero Trust solutions and platforms are to deploy. Raising the issue of improving usability will help expand the total available market for Zero Trust solutions and increase the effectiveness of every platform installed.
A much stronger focus on Application Programmer Interfaces (APIs) and integration. This year’s Wave places much greater emphasis on APIs and the need to integrate every application and Web Service across a Zero Trust platform. The greater the integration expertise of any Zero Trust vendor, the faster an organization adopting their systems and platforms will attain secured stability across every threat surface.
Forrester advises Zero Trust vendors to concentrate on four key aspects of their strategy if they’re going to deliver overwhelming value to organizations they’re selling to. These four key aspects include actively advocating for Zero Trust as evidenced by driving product strategies that prioritize needed capabilities; supporting micro-segmentation; enforcing policy everywhere by first enabling extensive, proven integrations using well-documented and tested APIs that make it possible to enable policy definition and enforcement across enterprises; and provide identity beyond identity and access management (IAM).
Cyxtera Technologies, MobileIron, and Proofpoint are new to the Zero Trust World, each bringing valuable contributions to enterprises on their Zero Trust journey. Of the three, MobileIron is the most noteworthy as their approach to Zero Trust begins with the device and scales across mobile infrastructures. Forrester observes that “MobileIron’s recently released authenticator, which enables passwordless authentication to cloud services, is a must for future-state Zero Trust enterprises and speaks to its innovation in this space.” MobileIron’s product suite also includes a federated policy engine that enables administrators to control and better command the myriad of devices and endpoints that enterprises rely on today. Forrester sees all three vendors as having excellent integration at the platform level, a key determinant of how effective they will be in providing support to enterprises pursuing Zero Trust Security strategies in the future.

Conclusion

The latest Forrester Wave™: Zero Trust eXtended Ecosystem Platform Providers, Q4 2019, reflects the growing maturity of the Zero Trust eXtended (ZTX) Ecosystem. Adding in Zero Trust eXtended (ZTX) ecosystem advocacy and weighing it at 25% reflects how serious Forrester is about evaluating vendors on solid, real product features over marketing claims. The increased focus on platforms, APIs and integration also reflect the growing maturity of enterprises adopting Zero Trust frameworks today.

Nov 24

1 Comment

10 Charts That Will Change Your Perspective Of AI In Security

Rapid advances in AI and machine learning are defining cybersecurity’s future daily. Identities are the new security perimeter and Zero Trust Security frameworks are capitalizing on AI’s insights to thwart breaches in milliseconds. Advances in AI and machine learning are also driving the transformation of endpoint security toward greater accuracy and contextually intelligence.

69% of enterprise executives believe artificial intelligence (AI) will be necessary to respond to cyberattacks with the majority of telecom companies (80%) saying they are counting on AI to help identify threats and thwart attacks according to Capgemini. Gartner predicts $137.4B will be spent on Information Security and Risk Management in 2019, increasing to $175.5B in 2023, reaching a CAGR of 9.1%. Cloud Security, Data Security, and Infrastructure Protection are the fastest-growing areas of security spending through 2023. The following ten charts illustrate the market and technological factors driving the rapid growth of AI in security today:

AI shows the greatest potential for fraud detection, malware detection, assigning risk scores to login attempts on networks, and intrusion detection. Supervised and unsupervised machine learning algorithms are proving to be effective in identifying potentially fraudulent online transaction activity. By definition, supervised machine learning algorithms rely on historical data to find patterns not discernible with traditional rule-based approaches to fraud detection. Finding anomalies, interrelationships, and valid links between emerging factors and variables is unsupervised machine learning’s core strength. Combining each is proving to be very effective in identifying anomalous behavior and reducing or restricting access. Kount’s Omniscore relies on these technologies to provide an AI-driven transaction safety rating. Source: Capgemini Research Institute, Reinventing Cybersecurity with Artificial Intelligence – The new frontier in digital security (28 pp., PDF, no opt-in).

10 Charts That Will Change Your Perspective Of AI In Security

80% of telecommunications executives stated that they believe their organization would not be able to respond to cyberattacks without AI. Across all seven industries studied in a recent Capgemini survey, 69% of all senior executives say they would not be able to respond to a cyberattack without AI. 75% of banking executives realize they’ll need AI to thwart a cyberattack. Interestingly, 59% of Utilities executives, the lowest response to this question on the survey, see AI as essential for battling a cyberattack. Utilities are one of the more vulnerable industries to attacks given their legacy infrastructure. Source: Statistica, Share of organizations that rely on artificial intelligence (AI) for cybersecurity in selected countries as of 2019, by industry

51% of enterprises primarily rely on AI for threat detection, leading prediction, and response. Consistent with the majority of cybersecurity surveys of enterprises’ AI adoption for cybersecurity in 2019, AI is relied the majority of the time for detecting threats. A small percentage of enterprises have progressed past detection to prediction and response, as the graphic below shows. Many of the more interesting AI projects today are in prediction and response, given how the challenges in these areas expand the boundaries of technologies fast. Source: Capgemini Research Institute, Reinventing Cybersecurity with Artificial Intelligence – The new frontier in digital security (28 pp., PDF, no opt-in).

75% of enterprises are relying on AI-based platforms and solutions for network security today, making it the most common use case. 71% are relying on AI for data security, and 68% for endpoint security. The graphic below reflects how AI now is integral to the top seven cybersecurity strategies many enterprises rely on today. Source: Statistica, Top Artificial Intelligence (AI) Use Cases For Cybersecurity In Organizations In Selected Countries As Of 2019

Enterprises are relying on AI as the foundation of their security automation frameworks. AI-driven security automation frameworks are designed to flex and support new digital business models across an organization. Existing security automation frameworks can crunch and correlate threat patterns on massive volumes of disparate data, which introduces opportunities for advanced cybersecurity without disrupting business. Using alerts and prescriptive analytics for dynamic policies to address identified risks, enterprises can speed deployment of threat-blocking measures, increasing the agility of security operations. Source: Cognizant, Combating Cybersecurity Challenges with Advanced Analytics (PDF, 24 pp., no opt-in).

Cybersecurity leads all other investment categories this year of TD Ameritrade’s Registered Investment Advisors (RIA) Survey. The survey found RIAs are most interested in investment opportunities for their clients in AI-based cybersecurity new ventures. Source: TD Ameritrade Institutional 2019 RIA Sentiment Survey (PDF, 35 pp., no opt-in)

62% of enterprises have adopted and implemented AI to its full potential for cybersecurity, or are still exploring additional uses. AI is gaining adoption in U.S.-based enterprises and is also being recommended by government policy influencers. Just 21% of enterprises have no plans for using AI-based cybersecurity today. Source: Oracle, Security In the Age Of AI (18 pp., PDF. no opt-in

71% of today’s organizations reporting they spend more on AI and machine learning for cybersecurity than they did two years ago. 26% and 28% of U.S. and Japanese IT professionals believe their organizations could be doing more. Additionally, 84% of respondents believe cyber-criminals are also using AI and ML to launch their attacks. When considered together, these figures indicate a strong belief that AI/ML based cybersecurity is no longer simply nice to have; it’s crucial to stop modern cyberattacks. Source: Webroot, Knowledge Gaps: AI and Machine Learning in CyberSecurity Perspectives from the U.S. and Japanese IT Professionals (PDF, 9 pp., no opt-in)

73% of enterprises have adopted security products with some form of AI integrated into them. Among enterprises that receive more than 1,000 alerts per day, the percentage that has AI-enabled products in their security infrastructure jumps to 84%. The findings suggest that some decision makers view AI as useful capability in dealing with the flood of alerts that they receive. Source: Osterman Research, The State of AI in Cybersecurity: The Benefits, Limitations and Evolving Questions (PDF, 10 pp., opt-in).

AI’s greatest benefit is the increase in the speed of analyzing threats (69%) followed by an acceleration in the containment of infected endpoints/devices and hosts (64%). Because AI reduces the time to respond to cyber exploits organizations can potentially save an average of more than $2.5 million in operating costs. Source: The Value of Artificial Intelligence in Cybersecurity – Sponsored by IBM Security Independently conducted by Ponemon Institute LLC, July 2018.

Nov 14

1 Comment

5 Proven Ways Manufacturers Can Get Started With Analytics

46% of manufacturers agree that implementing and using data analytics is necessary to stay competitive and grow their businesses.
69% of manufacturing decision-makers believe analytics will be crucial for business success in 2020, with 15% considering it crucial today.
32% of manufacturers see the potential for analytics to improve supply chain performance and increase revenue. Manufacturers perceive data analytics as a key component of successful sourcing, procurement, and production strategies.

Going into 2020, manufacturers are at an inflection point in their adoption of analytics and business intelligence (BI). Analytics applications and tools make it possible for them to gain greater insights from the massive amount of data they produce every day. And with manufacturing leading all industries on the planet when it comes to the amount of data generated from operations daily, the potential to improve shop floor productivity has never been more within reach for those adopting analytics and BI applications.

Analytics and BI Are High Priorities In Manufacturing Today

Increasing the yield rates and quality levels for each shop floor, machine and work center is a high priority for manufacturers today. Add to that the pressure to stay flexible and take on configure-to-order and engineer-to-order special products fulfilled through short-notice production runs and the need for more insight into how each phase of production can be improved. Gartner’s latest survey of heavy manufacturing CIOs in the 2019 CIO Agenda: Heavy Manufacturing, Industry Insights, by Dr. Marc Halpern. October 15, 2018 (Gartner subscription required) reflects the reality all manufacturers are dealing with today. I believe they’re in a tough situation with customers wanting short-notice production time while supply chains often needing to be redesigned to reduce or eliminate tariffs. They’re turning to analytics to gain the insights they need to take on these challenges and more. The graphic below is from Gartner’s latest survey of heavy manufacturing CIOs, it indicates the technology areas where heavy manufacturing CIOs’ organizations will be spending the largest amount of new or additional funding in 2019 as well as the technology areas where their organizations will be reducing funding by the highest amount in 2019 compared with 2018:

Knowing Which Problems To Solve With Analytics

Manufacturers getting the most value from analytics start with a solid business case first, based on a known problem they’ve been trying to solve either in their supply chains, production or fulfillment operations. The manufacturers I’ve worked with focus on how to get more orders produced in less time while gaining greater visibility across production operations. They’re all under pressure to stay in compliance with customers and regulatory reporting; in many cases needing to ship product quality data with each order and host over 60 to 70 audits a year from customers in their plants. Analytics is becoming popular because it automates the drudgery of reporting that would otherwise take IT team’s days or weeks to do manually.

As one CIO put it as we walked his shop floor, “we’re using analytics to do the heavy data crunching when we’re hosting customer audits so we can put our quality engineers to work raising the bar of product excellence instead of having them run reports for a week.” As we walked the shop floor he explained how dashboards are tailored to each role in manufacturing, and the flat-screen monitors provide real-time data on how five key areas of performance are doing. Like many other CIOs facing the challenge of improving production efficiency and quality, he’s relying on the five core metrics below in the initial roll-out of analytics across manufacturing operations, finance, accounting, supply chain management, procurement, and service:

Manufacturing Cycle Time – One of the most popular metrics in manufacturing, Cycle Time quantifies the amount of elapsed time from when an order is placed until the product is manufactured and entered into finished goods inventory. Cycle times vary by segment of the manufacturing industry, size of manufacturing operation, global location and relative stability of supply chains supporting operations. Real-time integration, applying Six Sigma to know process bottlenecks, and re-engineering systems to be more customer-focused improve this metrics’ performance. Cycle Time is a predictor of the future of manufacturing as this metric captures improvement made across systems and processes immediately.
Supplier Inbound Quality Levels – Measuring the dimensions of how effective a given supplier is at consistently meeting a high level of product quality and on-time delivery is valuable in orchestrating a stable supply chain. Inbound quality levels often vary from one shipment to the next, so it’s helpful to have Statistical Process Control (SPC) charts that quantify and show the trends of quality levels over time. Nearly all manufacturers are relying on Six Sigma programs to troubleshoot specific trouble spots and problem areas of suppliers who may have wide variations in product quality in a given period. This metric is often used for ranking which suppliers are the most valuable to a factory and production network as well.
Production Yield Rates By Product, Process, and Plant Location – Yield rates reflect how efficient a machine or entire process is in transforming raw materials into finished products. Manufacturers rely on automated and manually-based approaches to capture this metric, with the latest generation of industrial machinery capable of producing its yield rate levels over time. Process-related manufacturers rely on this metric to manage every production run they do. Microprocessors, semiconductors, and integrated circuit manufacturers are continually monitoring yield rates to determine how they are progressing against plans and goals. Greater real-time integration, improved quality management systems, and greater supply chain quality and compliance all have a positive impact on yield rates. It’s one of the key measures of production yield as it reflects how well-orchestrated entire production processes are.
Perfect Order Performance – Perfect order performance measures how effective a manufacturer is at delivering complete, accurate, damage-free orders to customers on time. The equation that defines the perfect order Index (POI) or perfect order performance is the (Percent of orders delivered on time) * (Percent of orders complete) * (Percent of orders damage free) * (Percent of orders with accurate documentation) * 100. The majority of manufacturers are attaining a perfect order performance level of 90% or higher, according to The American Productivity and Quality Center (APQC). The more complex the product lines, configuration options, including build-to-order, configure-to-order, and engineer-to-order, the more challenging it is to attain a high, perfect order level. Greater analytics and insights gained from real-time integration and monitoring help complex manufacturers attained higher perfect order levels over time.
Return Material Authorization (RMA) Rate as % Of Manufacturing – The purpose of this metric is to define the percentage of products shipped to customers that are returned due to defective parts or not otherwise meeting their requirements. RMAs are a good leading indicator of potential quality problems. RMAs are also a good measure of how well integrated PLM, ERP and CRM systems, resulting in fewer product errors.

Conclusion

The manufacturers succeeding with analytics start with a compelling business case, one that has an immediate impact on the operations of their organizations. CIOs are prioritizing analytics and BI to gain greater insights and visibility across every phase of manufacturing. They’re also adopting analytics and BI to reduce the reporting drudgery their engineering, IT, and manufacturing teams are faced with as part of regular customer audits. There are also a core set of metrics manufacturers rely on to manage their business, and the five mentioned here are where many begin.

Nov 12

1 Comment

Financial Services Rely On BYOD – How Do They Stay Secure?

Bottom Line: 2020 is going to be the year companies launch more digital business initiatives that depend on BYOD than ever before, making Zero Trust Security a key contributor to their success.

Financial Services firms are at an inflection point going into 2020. Mobile-first products and services now dominate their product roadmaps for next year, with applications’ speed and security being paramount. In fintech, DevOps teams have been working with AngularJS for years now, and the scale and speed of their applications reflect their expertise. How well existing IT infrastructure flexes to support the new mobile-first product and services strategies depends on how quickly members of IT, customer service, and customer success teams can respond. BYOD is proving invaluable in achieving the speed of response these new digital business models require.

In 2020 more employees of Financial Services firms will rely on their mobile devices as their primary form of digital ID than has ever been the case before. A recent survey conducted by IDG in association with MobileIron found that 89% of security leaders believe mobile devices will be the primary digital ID employees use to gain access to resources and get work done. The CIOs I’ve spoken agree. A copy of the IDG and MobileIron study, Say Goodbye to Passwords, can be downloaded here.

Counting On BYOD To Deliver Responsiveness And Speed

CIO and IT bonuses are often indexed to the revenue contributions their new products and services deliver, making speed, scale, security, and responsiveness the most important features of all. Fintech CIOs are saying that BYOD is proving indispensable in scaling IT in support of new digital business initiatives as a result. By 2022, 75% of smartphones used in the enterprise will bring your own device (BYOD), up from 35% in 2018, forcing a migration from device-centric management to app- and data-centric management, according to Gartner’s Competitive Landscape: Managed Mobility Services.

Two factors continue to propel BYOD adoption in financial services, fueling the need for Zero Trust Security across every mobile device. The first is the need for real-time responsiveness from internal team members and the second is having every threat surface protected without degrading the time to respond to customers. Every CIO, IT and Product Management leader I’ve spoken with mention the race they are in to deliver mobile-first products and services early in 2020 that redefine their business. With every identity being a new security perimeter, Financial Services firms are relying on Unified Endpoint Management (UEM), multi-factor authentication (MFA), and additional zero trust-enabling technologies as an integral part of their Enterprise Mobility Management (EMM) strategy. Their goal is to create a Zero Trust Security framework that protects every mobile device endpoint. Leaders in this field include MobileIron, who also provides zero sign-on (ZSO), and mobile threat defense (MTD) in addition to UEM and EMM solutions today. The following are the key features every BYOD program needs to offer to stay secure, scale and succeed in 2020:

Separation of business and personal data is a must-have in any BYOD security strategy. FinTechs who have the greatest success with BYOD as part of their digital initiatives are relying on Enterprise Mobility Management (EMM) to selectively wipe only the business data from a device in the event it is compromised.
An interactive, intuitive user experience that can be quickly customized at scale by role, department, and workflow requirements without impacting user productivity. Too often BYOD users have had to trade off having stronger security on their own devices versus using a company-provided smartphone to get remote work done. The best EMM and UEM solutions in the market today enable Zero Trust by treating every identity as a new security perimeter.
Define the success of a BYOD security strategy by how well it immediately shuts down access to confidential data and systems first. Being able to immediately block access to confidential systems and data is the most important aspect of securing any BYOD across a network.
Limit access to internal system resources based on the employee’s department, role, and function to eliminate the risk of confidential data ending up in a personal app. EMM solutions have progressed quickly, especially on the dimension of providing Zero Trust Security across BYOD networks. Look for an EMM solution that gives the administrator the flexibility of limiting mobile device access to a specific series of services and access points based on an employees’ role in a specific department and the scope of data they need access to.
Proven multi-operating system expertise and support for legacy internally created mobile applications and services. One of the main reasons BYOD is succeeding today as an enablement strategy is the freedom it gives users to select the device they prefer to work with. Supporting Android and IOS is a given. Look for advanced EMM and UEM solutions that also support legacy mobility applications. The best BYOD security solutions deliver device and application compatibility with no degradation in security or performance.

Conclusion – Why BYOD Strategies Need Zero Trust Now

Trust-but-verify isn’t working today. Attackers are capitalizing on it by stealing or buying privileged access credentials, accessing any system or database they choose. Financial Services firms fully expect their new products and services launching in 2020 to face an onslaught of breach and hacking attempts. Trust-but-verify approaches that are propagated across an enterprises’ BYOD base of devices using Virtual Private Networks and demilitarized zones (DMZ) impede employee’s productivity, often force login authentication. Trust-but verify doesn’t scale well into BYOD scenarios, leaving large gaps attackers can gain access to valuable internal data and systems. For BYOD users, trust-but-verify reduces productivity, delivers poor user experiences, and for new business models, slower customer response times.

By going to a Zero Trust Framework, Financial Services firms will be able to treat every identity and the mobile device they are using as their new security perimeter. Basing a BYOD strategy on a Zero Trust Framework enables any organization to find the correlation between the user, device, applications, and networks in milliseconds, thwarting potential threats before granting secure access to the device. Leaders delivering Zero Trust for BYOD include MobileIron, who provides endpoint management (UEM) capabilities with enabling technologies of zero sign-on (ZSO) user and device authentication, multi-factor authentication (MFA), and mobile threat detection (MTD).

Nov 11

Securing Multi-Cloud Manufacturing Systems In A Zero Trust World

Bottom Line: Private equity firms are snapping up manufacturing companies at a quick pace, setting off a merger and acquisition gold rush, while leaving multi-cloud manufacturing systems unprotected in a Zero Trust world.

Securing the Manufacturing Gold Rush of 2019

The intensity private equity (PE) firms have for acquiring and aggregating manufacturing businesses is creating an abundance of opportunities for cybercriminals to breach the resulting businesses. For example, merging formerly independent infrastructures often leads to manufacturers maintaining — at least initially — multiple identity repositories such as Active Directory (AD), which contain privileged access credentials, usernames, roles, groups, entitlements, and more. Identity repository sprawl ultimately contributes to maintenance headaches but, more importantly, security blind spots that are being exploited by threat actors regularly. A contributing factor is a fact that private equity firms rarely have advanced cybersecurity expertise or skills and therefore don’t account for these details in their business integration plans. As a result, they often rely on an outdated “trust but verify” approach, with trusted versus untrusted domains and legacy approaches to identity access management.

The speed PE firms are driving the manufacturing gold rush is creating a sense of urgency to stand up new businesses fast – leaving cybersecurity as an afterthought, if even a consideration at all. Here are several insights from PwC’s Global Industrial Manufacturing Deals Insights, Q2 2019 and Private Equity Trend Report, 2019, Powering Through Uncertainty:

39% of all PE investors rate the industrial manufacturing sector as the most attractive for acquiring and rolling up companies into new businesses.
The manufacturing industry saw a 31% increase in deal value from Q1 2019 to Q2 2019 with industrial manufacturing megadeals driving deal value to $27.4B in Q2, 2019, on 562 deals.
Year-to-date North American manufacturing has generated 184 deals worth $15.2B in 2019.
Worldwide and North American cross-sector manufacturing deal volumes increased by 32% and 30% in Q2, 2019 alone.

PE firms are also capitalizing on how many family-run manufacturers are in the midst of a generational change in ownership. Company founders are retiring, and their children, nearly all of whom were raised working on the shop floor, are ready to sell. PE firms need to provide more cybersecurity guidance during these transactions to secure companies in transition. Here’s why:

According to the 2019 Verizon Data Breach Investigation Report, manufacturing has been experiencing an increase in financially-motivated breaches in the past couple of years, whereby most incidents involve Phishing and the use of stolen credentials.
Manufacturing’s most commonly compromised data includes credentials (49%), internal operations data (41%), and company secrets (36%) according to the 2019 Verizon Data Breach Investigation Report.
50% of manufacturers report experiencing a data breach or cyber-attack over the last 12 months, 11% of which were severe, according to the Sikich M&D Report 2019.
It’s the smaller suppliers in the supply chain or M&A process that hackers are starting to exploit to bring down many of the world’s largest manufacturing companies. Just ask one of the world’s leading shipping providers, A.P. Møller-Maersk.

How To Secure Multi-Cloud Manufacturing Systems in a Zero Trust World

To stop the cybercriminals’ gold rush, merged manufacturing businesses need to take the first step of adopting an approach to secure each acquired company’s identity repositories, whether on-premises or in the cloud. For example, instead of having to reproduce or continue to manage the defined rights and roles for users in each AD, manufacturing conglomerates can better secure their combined businesses using a Multi-Directory Brokering approach.

Multi-Directory Brokering, such as the solution offered by Privileged Access Management provider Centrify, empowers an organization to use its existing or preferred identity directory as a single source of truth across the organization, brokering access based on a single identity rather than having to manage user identities across multiple directories. For example, if an organization using AD acquires an organization using a different identity repository or has multiple cloud platforms, it can broker access across the environment no matter where the “master” identity for an individual exists. This is particularly important when it comes to privileged access to critical systems and data, as “identity sprawl” can leave gaping holes to be exploited by bad actors.

Multi-Directory Brokering is public cloud-agnostic, making it possible to support Windows and Linux instances in one or multiple Infrastructure-as-a-Service (IaaS) platforms to secure multi-cloud manufacturing systems. The following diagram illustrates how Multi-Directory Brokering scales to support multi-cloud manufacturing systems that often rely on hybrid multi-cloud configurations.

Securing Multi-Cloud Manufacturing Systems In A Zero Trust World

Manufacturers who are the most negatively impacted by the trade wars are redesigning and re-routing their supply chains to eliminate tariffs, so they don‘t have to raise their prices. Multi-cloud manufacturing systems are what they’re relying on to accomplish that. The future of their business will be heavily reliant upon how well they can secure the multi-cloud configurations of their systems. That’s why Multi-Directory Brokering makes so much sense for manufacturers today, especially those looking for an exit strategy with a PE firm.

The PE firms driving the merger and acquisition (M&A) frenzy in specific sectors of manufacturing need to take a closer look at how Identity and Access Management (IAM) is being implemented in the manufacturing conglomerates they are creating. With manufacturing emerging as a hot industry for PE, M&A, and data breaches, it’s time to move beyond replicating Active Directories and legacy approaches to IAM. One of the most important aspects of a successful acquisition is enabling administrators, developers, and operations teams to access systems securely, without massive incremental cost, effort, and complexity.

Conclusion

The manufacturing gold rush for PE firms doesn’t have to be one for cybercriminals as well. PE firms and the manufacturing companies they are snapping up need to pay more attention to cybersecurity during the initial integration phases of combining operations, including how they manage identities and access. Cybercriminals and bad actors both within and outside the merged companies are lying in wait, looking for easy-exploitable gaps to exfiltrate sensitive data for monetary gain, or in an attempt to thwart the new company’s success.

Sources:

Global industrial manufacturing deals insights: Q2 2019, PwC, 2019. A PDF of the study is accessible here (6 pp., no opt-in).

Private Equity Trend Report, 2019, Powering Through Uncertainty, PwC, February 2019, 80 pp., PDF, no opt-in.

Nov 10

Improving Endpoint Security Needs To Be A Top Goal In 2020

Bottom Line: Attacking endpoints with AI, bots, and machine learning is gaining momentum with cybercriminals today with no signs of slowing down into 2020, making endpoint security a must-have cybersecurity goal for next year.

Cyberattacks are growing more complex and difficult to prevent now and will accelerate in the future, making endpoint security a top goal in 2020. Cybercriminals are using structured and unstructured machine learning algorithms to hack organizations’ endpoints with increasing frequency. Endpoint attacks and their levels of complexity will accelerate as cybercriminals gain greater mastery of these techniques.

In response, endpoint protection providers are adopting machine learning-based detection and response technologies, providing more cloud-native solutions that can scale across a broader range of endpoints, and designing in greater persistence and resilience for each endpoint. The recent IDC survey published this month, Do You Think Your Endpoint Security Strategy Is Up to Scratch? completed in collaboration with HP recommends that “companies should seek to build resilience — on the assumption that breaches are inevitable — and look for “security by design” features that facilitate or automate detection and recovery.” IDC surveyed 500 senior security executives globally, finding major differences between leading organizations who realize endpoint security is essential for a unified cybersecurity strategy and followers, who don’t.

What Differentiates The Most Effective Endpoint Strategies?

IDC’s study found that leaders who integrate endpoint security into their cybersecurity plans are more effective at compliance reporting, endpoint hardening, and attack detection and response. Leaders capitalize on the data from their endpoint security strategies, creating contextual intelligence that helps protect their most vulnerable threat surfaces. The following are key insights from the IDC study showing why endpoint security needs to be an integral part of any corporate-wide cybersecurity strategy:

29.6% of all enterprises globally consider endpoint security to be a significant component of their overall cybersecurity strategy, with leaders 2X as likely to consider it a high priority. Close to half of all enterprises (49.4%) believe endpoint security can perform effectively as a secondary component. IDC found that the lesser the priority security leaders place on endpoint security, the more likely endpoints will fail. Instead of taking a strategic approach, organizations treat endpoint security as an isolated strategy, adding an average of 10 security agents per device according to Absolute’s 2019 Endpoint Security Trends Report. You can get a copy of the report here. Cybersecurity leaders realize that having a unified endpoint security strategy designed for persistence and resilience is far more effective than relying on an isolated one. The following findings from the IDC report illustrate how leaders view endpoint as integral to their cybersecurity strategies.

Improving Endpoint Security Needs To Be A Top Goal In 2020

When enterprises are complacent about endpoint security, procurement standards become mediocre over time and leave digital businesses at greater risk. Followers lack security focus for everything other than desktops during procurement, for example. Though most enterprises include security requirements in procurement requests, those requirements are not specified equally for all endpoint device types, resulting in uneven security coverage and compliance risk.

Automated operating system image recoverability, detect and recover firmware integrity breaches, and enabling software monitoring from the hardware level are the three most in-demand endpoint security features for enterprises today. Leader enterprises have relied on persistent connections to every endpoint in a network to achieve greater resilience across their global networks. Absolute is working to change this relationship, allowing remote, disconnected endpoints to remain resilient, which reflects what leaders are looking for in terms of greater control and visibility for every threat surface or endpoint. Senior security leaders, including CISOs, are taking a more integrated approach to endpoint security by designing in persistence to the device level that thwarts breach attempts in real-time. Absolute is working to change this relationship, allowing remote, disconnected endpoints to remain resilient.

Enterprises who are cybersecurity leaders most value a device’s built-in security features when evaluating PCs, laptops, and mobile devices while followers value this feature least. 33% of enterprises who are leaders prioritize devices that have built-in security capabilities that immediately provide persistent connections across the network, enabling greater resiliency. The study also makes the point that endpoint security needs to be tamper-proof at the operating system level, yet be flexible enough to provide IT and cybersecurity teams with device visibility and access to modify protections. One of the leaders in this area, Absolute, has invented endpoint security technology that begins at the BIOS level. There are currently 500M devices that have their endpoint code embedded in them. The Absolute Platform is comprised of three products: Persistence, Intelligence, and Resilience—each building on the capabilities of the other. The following graphic from the IDC study illustrates the stark contrast between enterprises who are cybersecurity leaders versus followers when it comes to adopting build-in security capabilities to harden endpoints across their networks.

Conclusion

When 70% of all breaches originate at endpoints, despite enterprise IT spending more than ever in cybersecurity, it’s a clear sign that endpoint security needs to be an integral part of any cybersecurity strategy. On average, every endpoint has ten security agents installed, often leading to software conflicts and frequent endpoint encryption failures. Absolute’s latest study found that over 42% of endpoints experience encryption failures, leaving entire networks at risk from a breach. They’re most commonly disabled by users, malfunction, or have error conditions or have never been installed correctly in the first place. Absolute also found that endpoints often failed due to the fragile nature of their encryption agents’ configurations. 2% of encryption agents fail every week, and over half of all encryption failures occurred within two weeks, fueling a constant 8% rate of decay every 30 days. 100% of all devices experiencing encryption failures within one year. Multiple endpoint security solutions conflict with each other and create more opportunities for breaches than avert them. These are just a few of the many factors that make improving endpoint security a top goal all enterprises need to achieve in 2020.

Nov 4

5 Strategies Healthcare Providers Are Using To Secure Networks

Healthcare records are bestsellers on the Dark Web, ranging in price from $250 to over $1,000 per record.
The growing, profitable market for Protected Health Information (PHI) is attracting sophisticated cybercriminal syndicates, several of which are state-sponsored.
Medical fraud is slower to detect and notify, unlike financial fraud (ex. stolen credit cards), contributing to its popularity with cybercriminals globally.
Cybercriminals prefer PHI data because it’s easy to sell and contains information that is harder to cancel or secure once stolen. Examples include insurance policy numbers, medical diagnoses, Social Security Numbers (SSNs), credit card, checking and savings account numbers.

These and many other insights into why healthcare provider networks are facing a cybersecurity crisis are from the recently declassified U.S. Department of Health & Human Services HC3 Intelligence Briefing Update Dark Web PHI (Protected Health Information) Marketplace presented April 11^th of this year. You can download a copy of the slides here (PDF, 13 pp, no opt-in). The briefing provides a glimpse into how the dark web values the “freshness’ of healthcare data and the ease of obtaining elderly patient records, skewing stolen identities to children, and elderly patients. Protenus found that the single largest healthcare breach this year involves 20 million patent records stolen from a medical collections agency. The breach was discovered after the records were found for sale on the dark web. Please see their 2019 Mid-Year Breach Barometer Report (opt-in required) for an analysis of 240 of the reported 285 breach incidents affecting 31,611,235 patient records in the first six months of this year. Cybercriminals capitalize on medical records to drive one or more of the following strategies as defined by the HC3 Intelligence Briefing:

5 Strategies Healthcare Providers Are Using To Secure Networks — SOURCE: HEALTH & HUMAN SERVICES HC3 INTELLIGENCE BRIEFING UPDATE DARK WEB PHI (PROTECTED HEALTH INFORMATION) MARKETPLACE

Stopping A Breach Can Avert A HIPAA Meltdown

To stay in business, healthcare providers need to stay in compliance with the Health Insurance Portability and Accountability Act of 1996 (HIPAA). HIPAA provides data privacy and security provisions for safeguarding medical information. Staying in compliance with HIPAA can be a challenge given how mobile healthcare provider workforces are, and the variety of mobile devices they use to complete tasks today. 33% of healthcare employees are working outside of the office at least once a week. And with government incentives for decentralized care expected to expand mobile workforces industry-wide, this figure is expected to increase significantly. Health & Human Services provides a Breach Portal that lists all cases under investigation today. The Portal reflects the severity of healthcare providers’ cybersecurity crisis. Over 39 million medical records have been compromised this year alone, according to HHS’ records from over 340 different healthcare providers. Factoring in the costs of HIPAA fines that can range from $25,000 to $15.M per year, it’s clear that healthcare providers need to have endpoint security on their roadmaps now to avert the high costs of HIPAA non-compliance fines.

Securing endpoints across their healthcare provider networks is one of the most challenging ongoing initiatives any Chief Information Security Officer (CISO) for a healthcare provider has today. 39% of healthcare security incidents are caused by stolen or misplaced endpoints. CISOs are balancing the need their workforces have for greater device agility with the need for stronger endpoint security. CISOs are solving this paradox by taking an adaptive approach to endpoint security that capitalizes on strong asset management. “Keeping machines up to date is an IT management job, but it’s a security outcome. Knowing what devices should be on my network is an IT management problem, but it has a security outcome. And knowing what’s going on and what processes are running and what are consuming network bandwidth is an IT management problem, but it’s a security outcome “, said Nicko van Someren, Ph.D. and Chief Technology Officer at Absolute Software.

5 Strategies for Healthcare Providers Are Using To Secure Networks

Thwarting breaches to protect patients’ valuable personal health information starts with an adaptive, strong endpoint strategy. The following are five proven strategies for protecting endpoints, assuring HIPAA compliance in the process:

Implementing an adaptive IT asset management program delivers endpoint security at scale. Healthcare providers prioritizing IT asset management control and visibility can better protect every endpoint on their network. Advanced features including real-time asset management to locate and secure devices, geolocation fencing so devices can only be used in a specific area and device freeze options are very effective for securing endpoints. Healthcare providers are relying more and more on remote data delete as well. The purpose of this feature is to wipe lost or stolen devices within seconds.
Improve security and IT operations with faster discovery and remediation across all endpoints. Implement strategies that enable greater remediation and resilience of every endpoint. Healthcare providers are having success with this strategy, relying on IT asset management to scale remediation and resilience to every endpoint device. Absolute’s Persistence technology is a leader in this area by providing scalable, secure endpoint resiliency. Absolute also has a proven track record of providing self-healing endpoints extending their patented firmware-embedded Persistence technology that can self-heal applications on compatible endpoint devices.
Design in HIPAA & HITECH compliance and reporting to each endpoint from the first pilot. Any endpoint security strategy needs to build in ongoing compliance checks and automated reports that are audit-ready. It also needs to be able to probe for violations across all endpoints. Advanced endpoint security platforms are capable of validating patient data integrity with self-healing endpoint security. All of these factors add up to reduce time to prepare audits with ongoing compliance checks across your endpoint population.
A layered security strategy that includes real-time endpoint orchestration needs to anchor any healthcare network merger or acquisition, ensuring patient data continues to be protected. Private Equity (PE) firms continue acquiring providers to create healthcare networks that open up new markets. The best breach prevention, especially in merged or acquired healthcare networks, is a comprehensive layered defense strategy that spans endpoints and networks. If one of the layers fails, there are other layers in place to ensure your organization remains protected. Healthcare providers’ success with layered security models is predicated on how successful they are achieving endpoint resiliency. Absolute’s technology is embedded in the core of laptops and other devices at the factory. Once activated, it provides healthcare providers with a reliable two-way connection so they can manage mobility, investigate potential threats, and take action if a security incident occurs.
Endpoint security needs to be tamper-proof at the operating system level on the device yet still provides IT and cybersecurity teams with device visibility and access to modify protections. Healthcare providers need an endpoint visibility and control platform that provides a persistent, self-healing connection between IT, security teams, and every device, whether it is active on the network or not. Every identity is a new security perimeter. Healthcare providers’ endpoint platforms need to be able to secure all devices across different platforms, automate endpoint hygiene, speed incident detection, remediation, and reduce IT asset loss by being able to self-diagnose and repair endpoint devices on real-time.