Welcome!

Microservices Expo Authors: Elizabeth White, Liz McMillan, Pat Romanski, Yeshim Deniz, Zakia Bouachraoui

Related Topics: @CloudExpo, Microservices Expo, Open Source Cloud, Containers Expo Blog, Cloud Security, Government Cloud, @DXWorldExpo

@CloudExpo: Blog Post

Open Source Cloud Offers Another Route to Better Security

Fearmongers miss the point on mobile security and more

By

Here are top cyber news and stories of the day.

  • Open source cloud offers another route to better security – “IBM’s move to OpenStack is another indication that open cloud offers many advantages when it comes to security.” There are currently over 5,000 IBM private consumers who will be switching to OpenStack in the near future. This will create a huge surge in the open-source cloud market at that time. Via Cloud Pro, more here.
  • Raytheon, Lockheed get U.S. secrets as cybersecurity go-betweens – Raytheon and Lockheed Martin signed on to the DHS Enhanced Cybersecurity Services program, which will provide them with threat signatures obtained by USG sources, free of charge. This will increase the ability of these firms to compete not only in the federal and defense space, but also on the corporate side, as they will have better threat intelligence than many of their competitors. Via Herald Net, more here.
  • In cyberwarfare, rules of engagement still hard to define – As we increase the offensive capabilities of our cyber warriors, we must step back and think, when will we use them, and how. Traditionally, our armed forces follow the “Law of Armed Conflict,” a set of international rules created to govern armed warfare while protecting non-combatants and enemy prisoners of war. But the cyber domain is different, attacks which may affect a key military objective might have incredibly unintended (and devastating) effects on civilian infrastructure. As the consequences of such attacks are unknown (and cannot be completely forecast) we have to take great care in defining our rules of engagement in the cyber domain. Via The Washington Post, more here.
  • White paper: NIST conducts proof of concept on trusted geolocation in the cloud – A group of NIST scientists working with Intel, VMWare and RSA Archer have created of proof of concept for trusted geolocation in the cloud. This allows managers to locate the exact hardware that is running their cloud services. This is possible using the Intel Trusted Execution Technology. Via FedScoop, more here.
  • Hackers target grocery store card readers – Hackers in Arizona are targeting a grocery chain’s card readers to steal identities. Over 100 victims have been identified in Arizona as targets of identity thieves who stole credit card numbers and made purchases on the east coast, as well as Indonesia and Spain. Via KVOA, more here.
  • DSB task force urges security mandates for DoD cloud computing – “Cloud computing adoption within the Defense Department will require establishment of clear security mandates, says a report from a Defense Science Board task force.” This report points to the DoD CIO and DISA chief using hypervisor attestation, hardware attestation for encryption keys and more. This report also recommends a standardized cloud SLA, and a central repository that documents the cloud transition. Via FierceGovernmentIT, more here.
  • DOD furloughs to begin April 26 – Furloughs for DoD civilians will begin April 26th, barring any major legislative changes. Via FedScoop, more here.
  • Fearmongers miss the point on mobile security – “everyone likes to trumpet the claim that mobile is insecure. Now that people are using their smartphones for work, enterprises are in trouble. The apps that people are using are going to let out all of the confidential data that everyone has been storing for decades…the dirty secret is that mobile has nothing to do with it.” This is an excellent post which investigates how manufacturers are using FUD to sell you on securing your mobile infrastructure, when the real problem is your conventional IT (and its implementation). The author, Brian Katz, makes the point that the real issue is not technology, but our culture of insecurity (and skirting security mandates for ease of use). Via CITE World, more here.

Read the original blog entry...

More Stories By Bob Gourley

Bob Gourley writes on enterprise IT. He is a founder of Crucial Point and publisher of CTOvision.com

Microservices Articles
In his general session at 19th Cloud Expo, Manish Dixit, VP of Product and Engineering at Dice, discussed how Dice leverages data insights and tools to help both tech professionals and recruiters better understand how skills relate to each other and which skills are in high demand using interactive visualizations and salary indicator tools to maximize earning potential. Manish Dixit is VP of Product and Engineering at Dice. As the leader of the Product, Engineering and Data Sciences team at D...
Modern software design has fundamentally changed how we manage applications, causing many to turn to containers as the new virtual machine for resource management. As container adoption grows beyond stateless applications to stateful workloads, the need for persistent storage is foundational - something customers routinely cite as a top pain point. In his session at @DevOpsSummit at 21st Cloud Expo, Bill Borsari, Head of Systems Engineering at Datera, explored how organizations can reap the bene...
In his session at 20th Cloud Expo, Scott Davis, CTO of Embotics, discussed how automation can provide the dynamic management required to cost-effectively deliver microservices and container solutions at scale. He also discussed how flexible automation is the key to effectively bridging and seamlessly coordinating both IT and developer needs for component orchestration across disparate clouds – an increasingly important requirement at today’s multi-cloud enterprise.
DevOpsSummit New York 2018, colocated with CloudEXPO | DXWorldEXPO New York 2018 will be held November 11-13, 2018, in New York City. Digital Transformation (DX) is a major focus with the introduction of DXWorldEXPO within the program. Successful transformation requires a laser focus on being data-driven and on using all the tools available that enable transformation if they plan to survive over the long term.
CloudEXPO New York 2018, colocated with DXWorldEXPO New York 2018 will be held November 11-13, 2018, in New York City and will bring together Cloud Computing, FinTech and Blockchain, Digital Transformation, Big Data, Internet of Things, DevOps, AI, Machine Learning and WebRTC to one location.
Most DevOps journeys involve several phases of maturity. Research shows that the inflection point where organizations begin to see maximum value is when they implement tight integration deploying their code to their infrastructure. Success at this level is the last barrier to at-will deployment. Storage, for instance, is more capable than where we read and write data. In his session at @DevOpsSummit at 20th Cloud Expo, Josh Atwell, a Developer Advocate for NetApp, will discuss the role and value...
SYS-CON Events announced today that DatacenterDynamics has been named “Media Sponsor” of SYS-CON's 18th International Cloud Expo, which will take place on June 7–9, 2016, at the Javits Center in New York City, NY. DatacenterDynamics is a brand of DCD Group, a global B2B media and publishing company that develops products to help senior professionals in the world's most ICT dependent organizations make risk-based infrastructure and capacity decisions.
"We do one of the best file systems in the world. We learned how to deal with Big Data many years ago and we implemented this knowledge into our software," explained Jakub Ratajczak, Business Development Manager at MooseFS, in this SYS-CON.tv interview at 20th Cloud Expo, held June 6-8, 2017, at the Javits Center in New York City, NY.
Enterprise architects are increasingly adopting multi-cloud strategies as they seek to utilize existing data center assets, leverage the advantages of cloud computing and avoid cloud vendor lock-in. This requires a globally aware traffic management strategy that can monitor infrastructure health across data centers and end-user experience globally, while responding to control changes and system specification at the speed of today’s DevOps teams. In his session at 20th Cloud Expo, Josh Gray, Chie...
Containers and Kubernetes allow for code portability across on-premise VMs, bare metal, or multiple cloud provider environments. Yet, despite this portability promise, developers may include configuration and application definitions that constrain or even eliminate application portability. In this session we'll describe best practices for "configuration as code" in a Kubernetes environment. We will demonstrate how a properly constructed containerized app can be deployed to both Amazon and Azure ...