Monday, October 31, 2016

For Top Cyber Threats, Look in the Mirror


A recent report by Praetorian, a cybersecurity company headquartered in Austin, TX, focused on threats that resulted in data compromise or access to sensitive information. Based on a review of 100 separate internal penetration test engagements the study identified the five most prevalent threats to corporate data.  The amazing thing about these weaknesses  is that the top four are all based on utilizing stolen credentials and the last one helps an attacker be more effective in using those stolen credentials.  In other words, the enemy is right there in the mirror!  The study spanned 75 unique organizations and only focused on security weaknesses that were used to obtain a full network compromise.
Where are your pain points?

The most prevalent threat is something we’ve all heard of before – Weak Domain User Passwords.  Since most corporate environments use Microsoft’s Active Directory to manage employee accounts and access, it needs some improvements in order to fully address complex passwords. Since Active Directory only requires passwords to be a specific length and contain specific character sets so addressing this weakness will require the use of third-party software.

The next most common corporate threat is Broadcast Name Resolution Poisoning.  Using this vector, an attacker responds to broadcast requests (i.e. LLMNR, NetBIOS, MDNS, etc) by providing its own IP.  When this is done, the credentials of a user accessing network resources can be instead transmitted to the attacker’s system.

The next big no-no is when system administrators all use the same Local Admin password. If an attacker is able to compromise the LM/NT hash representation of the password, then the attacker can use the hash to authenticate and execute commands on other systems that have the same password.  Using the hash, an attacker doesn’t need the actual password at all!

Microsoft Windows operating systems have another embedded password weakness.  Believe it or not, the operating system stores domain credentials in cleartext within memory of the Local Security Authority Subsystem Service (LSASS) process.  Although this weakness requires an attacker to have Local Admin or SYSTEM-level access, it ranks high on the threat list.

This last threat enhances all of the other - Insufficient Network Access Controls. Many organizations don’t restrict network access based on business requirements.  This will enable unfettered attacker mobility after only a single system on the internal network has been compromised.
These threat vectors, last updated by Praetorian in June 2016, were evaluated as part of a complete corporate network compromise kill chain.  They also highlight the importance of understanding the cybersecurity threat.  Although the mirror is a good place to start improving on network security, you must also work to identify all your organization’s security pain points.  With that knowledge you can more effectively enhance your team’s defenses and eventually evolve towards a better understanding of your security threat environment.

If you are serious about protecting your data, download the full report and read about the effective strategies your company can use to protect itself.  If you are a CISO or corporate executives, IBM also provides some excellent information on how to secure the C-suite.  They also provide an interactive tool that can help better analyze your threats, protect your users and save your data from these and many other security challenges.




This post was brought to you by IBM Global Technology Services. For more content like this, visit Point B and Beyond.



Cloud Musings
( Thank you. If you enjoyed this article, get free updates by email or RSS - © Copyright Kevin L. Jackson 2016)



Friday, October 28, 2016

Your Choice: Cloud Technician or Digital Transformer

The CompTIA Cloud+ certification validates the skills and expertise of IT practitioners in implementing and maintaining cloud technologies.  This is exactly what it takes to become a good cloud technician.  In the past few years, however, the National Cloud Technologists Association (NCTA) has recognized that evolving market demands have changed cloud computing technology  in at least 13 ways:
  1.  Variable pricing Cloud service providers charge different prices at different times based on  demand
  2. Pre-emptable machines – Providers are offering a lower price for machines that could be shut down and restarted at a later time without aborting the assigned task
  3. Shift from hardware to algorithms where the hardware is bundled into the software price
  4. Use of reserve instances where the user buys compute power in advance
  5. Buying in bulk where pricing is based on aggregated use even if it is sporadic in nature
  6. Cloud providers offer shared data sources along with commodity hardware
  7. Autoscaling where newer software layers offered by cloud vendors handle infrastructure scaling automatically and billing is done by service request instead of by the machine
  8. Graphic processor units have become available for jobs requiring heavy-duty parallel computation
  9. Much improved analytics that monitoring the performance of your systems.
  10. Significant increase in the number of options available for various business requirements and loads
  11. “Bare metal” servers that aren’t virtual.
  12. Containers, like Docker, that makes deploying software much easier and faster.  The cloud will therefore spin up a new instance with a container-ready version of the OS at the bottom.
  13. A growing proliferation of exotic and specialized options, all offering anything you need with the extra phrase “as a service

This means cloud computing isn’t just about technology.  It is about leading organizations through the Digital Transformation era.  This is why the NCTACloudMASTER® certification was created.
Digital transformation is the profound and accelerating transformation of business activities, processes, competencies and models to fully leverage the changes and opportunities of digital technologies and their impact across society in a strategic and prioritized way. Executives in all industries are using digital advances such as analytics, mobility, social media and smart embedded devices as well as improving their use of traditional technologies such as ERP to change customer relationships, internal processes and value propositions.

Serving as “Digital Transformers”, a NCTA CloudMASTER®:
  • Help the organization transforms customer experiences through
    • Customer understanding;
    • Top-line growth; and
    • Customer touch points.
  • Optimizes internal processes through
    • Process digitization;
    • Worker enablement; and
    • Performance management.
  • Transforms a company’s core functions and activities through
    • Digital modifications to the business;
    • Creation of new digital businesses; and
    • Digital Globalization.

This means that if you want to have an IT career in five years, you must strive to be a Digital Transformer, not just a cloud technician.  Our society is experiencing a fundamental shift in information technology’s overarching mission, with the support-and-maintain mind-set giving way to a more strategic, software-centric vision for IT.  IT staff of the future need the skills of a businessperson to stay current, as their company's software requirements and the options for satisfying them will be deep, varied, and changing quickly.  The IT department five years from now will also need to keep pace with nearly constant change. CloudMASTER® training and certification is comprised of three courses with exams:
  • NCTA Cloud Technologies that provide an overview of cloud computing that will help you develop a deep understanding of the models and understand the landscape of technologies used in the cloud and those employed by users of cloud services. You will receive multiple points of view, firsthand experience and a foundation in managing industry leading cloud services like Amazon Web Services, Drupal, Wordpress, Google Docs and Digital Ocean.
  • NCTA Cloud Operations that helps you study the management of cloud operations and addresses the application need for compute power, managing CPU scaling, and meeting both structured and unstructured storage requirements. You will learn how to painlessly deploy fairly complex applications that scale across multiple instances in cloud technologies including Windows Azure Chef, Chef Solo, Linux and Windows Tools.
  • NCTA Cloud Architecture that includes hands-on experience with OpenShift, OpenStack, VMware, Amazon Web Services, Azure and Rackspace, and provides a framework to assess application performance needs while addressing business requirements of Return on Investment (ROI), Total Cost of Ownership (TCO) and Key Performance Indicators (KPIs). Groups will complete a cloud assessment of Fortune 100 firms using public information and make presentations to the client.

The more complex and interconnected cloud environments become, the more a general understanding and knowledge of how it all works together will be valued.  IT staff will no longer be the ones responsible for “managing the plumbing”, they'll be the people who are thinking of new ways to monetize, share, and use corporate data for organizational success.


So which future do you want for you and your family?



( This content is being syndicated through multiple channels. The opinions expressed are solely those of the author and do not represent the views of GovCloud Network, GovCloud Network Partners or any other corporation or organization.)



Cloud Musings
( Thank you. If you enjoyed this article, get free updates by email or RSS - © Copyright Kevin L. Jackson 2016)



Thursday, October 20, 2016

Watson Crowdsources Cloud Computing


Recently I've been doing quite a bit of analysis work using the IBM Watson cognitive business platform. The really exciting thing about this opportunity is the way data can seem to have a conversation with you.  This got me wondering if social media data could carry on a conversation as well.  Given my almost unhealthy interest in cloud computing, we ran a one week experiment to "crowdsource the internet" in order to see if it held any interesting cloud computing insights . To narrow the volume of documents down to a reasonable number, I limited providers to those on the most recent Gartner IaaS Magic Quadrant:
  • Microsoft
  • Amazon Web Services
  • Google
  • VMware
  • IBM
  • Rackspace
  • Verizon
  • CSC
  • Interoute
  • CenturyLink
  • Dimension Data
  • Fujitsu
  • Joyent
  • NTT Communications
  • Virtustream


Leveraging Watson, I gathered cloud computing related social media documents. According to Watson, in one 24-hr period, there were 46,869 documents that mentioned these Cloud Service Providers (CSP) a total of 57,997 times. Google was totally dominating the online conversation with 73% of all mentions. Microsoft was a poor second at 17%.

Figure 1- Social media cloud computing "Share of Voice"


At this this point I took a look at overall industry sentiment. From this vantage point, Interoute outshines all rivals for positive sentiment.  Of particular note, however, was that Dimension Data simultaneously held the crown for largest percentage of negative and lowest percentage of positive sentiment (which seems to be centered mostly around the dropout of a rider from its Tour de France team and a recent internal restructuring). The Dell/EMC cloud provider Virtustream doesn’t even seem to be present in social media conversations. 



Figure 2- Customer Sentiment Regarding Cloud Service Providers
Figure 3 - Cloud Service Model "Share of Voice"
Microsoft dominated that segment of the conversation that specifically addressed the three standard cloud computing service models (Infrastructure-as-a-Service [IaaS], Platform-as-a-Service [PaaS], Software-as-a-Service [SaaS]). Over 53% of the working set referenced Microsoft with second place AWS coming in at 13.5%. Software-as-a-service is the unsurprising overall service model leader but Microsoft seems to be edging out AWS for Infrastructure-as-a-Service mentions.  Platform-as-a-Service is a distant laggard with only three providers (Microsoft, AWS and VMware) represented in social media exchanges.



Figure 4- Industry Vertical Cloud Computing "Share of Voice



In order to glean some business value, the documents were binned across thirteen industry verticals and analyzed for share of voice and author sentiment. The initial industry bins were:

  • Construction
  • Manufacturing
  • Wholesale trade
  • Information technology
  • Retail trade
  • Utilities
  • Financial services
  • Educational services
  • Transportation and warehousing
  • Entertainment, accommodation, and food services
  • Healthcare and social services
  • Public administration


Across this set, entertainment, government, education and healthcare industries seem to be most interested in the cloud. Surprising to me is that the construction industry interest surpasses that of financial services. Google seems to be driving industry related social media conversations with Microsoft and IBM rounding out the top three.

Although I wouldn’t use this non-scientific experiment to make any big bets, it does demonstrate how actionable data can be gleaned from the social media stream.  It may also shed a little light on the power of cognitive computing in the business world.

One especially intriguing capability that I didn’t use in this experiment is the use of Watson Explorer technologies with Semantic Analytics.  This solution is currently being used by IBM GTS to deliver “built to purpose” cognitive systems for the information technology industry vertical.
Figure 5- Cloud Service Provider Industry "Share of Voice



A key differentiator of this approach is its ability to extract meaning from the fragmented sentences normally found in unstructured IT service ticket description fields. Due to the global nature of GTS Services, this unstructured text is typically in multiple languages. Additionally, due to the different language skill levels of the globally sourced pool of agents, the grammar quality varies. This solution is used by GTS to uncover patterns and trends in the identification of contributing incident causes in order to prescribe appropriate preventative actions.



The digital transformation couple with cognitive computing is accelerating almost every industry. In the IT world, at least, cognitive computing promises to deliver the ability to bridge the gap between unstructured language data and effective maintenance action by correlating social media chatter and customer sentiments with the root causes of operational IT issues.

This post was brought to you by IBM Global Technology Services. For more content like this, visit Point B and Beyond.




Cloud Musings
( Thank you. If you enjoyed this article, get free updates by email or RSS - © Copyright Kevin L. Jackson 2015)



Sunday, October 16, 2016

New Horizons® Delivers CloudMASTER®


For over 30 years, New Horizons has provided more than 30 million students with industry-leading technical training that delivers the most relevant and intuitive computer courses and certifications. They are the world’s largest independent IT training company, with over 300 computer training centers in 70 countries (and counting). In a move to expand that lead, New Horizons is now proud to offer the complete suite of CloudMASTER programs, providing vendor-agnostic cloud training as the spearhead of their cloud curriculum.

We are now living in a technology world governed by the advent of Digital Transformation – the inclusion of digital technology in all aspects of our lives and the ways in which businesses need to adjust to meet this reality. This is the messaging IT Professionals are hearing from all major technology vendors. No matter the details each vendor may use to spin this message, Digital Transformation cannot exist without the cloud at its core. Our customers are going to need to be cloud-proficient in order to achieve professional growth or to obtain employment. The NCTA CloudMASTER® program is the perfect starting point to achieve this proficiency.

CloudMASTER® certification program is comprised of three courses with exams:

  • Cloud Technologies: An overview of cloud computing will help you develop a deep understanding of the models and understand the landscape of technologies used in the cloud and those employed by users of cloud services. You will receive multiple points of view, firsthand experience and a foundation in managing industry leading cloud services like Amazon Web Services, Drupal, Wordpress, Google Docs and Digital Ocean.
  • Cloud Operations: This module helps you study the management of cloud operations and addresses the application need for compute power, managing CPU scaling, and meeting both structured and unstructured storage requirements. You will learn how to painlessly deploy fairly complex applications that scale across multiple instances in cloud technologies including Windows Azure Chef, Chef Solo, Linux and Windows Tools.
  • Cloud Architecture: This module includes OpenShift, OpenStack, VMware, Amazon Web Services, Azure and Rackspace, and provides a framework to assess application performance needs while addressing business requirements of Return on Investment (ROI), Total Cost of Ownership (TCO) and Key Performance Indicators (KPIs). Groups will complete a cloud assessment of Fortune 100 firms using public information and make presentations to the client.

Those seeking CloudMASTER® status must pass each of these exams or take one cumulative CloudMASTER examination.


Both the cloud and New Horizons are global by design. With that as a foundational strategy, they are targeting this new offering across the globe beginning with their US-based centers and expanding throughout EMEA and the Middle East.  New Horizon also has the largest “Guaranteed-to-Run” course schedule in the world.  Ranked in the top 5% of the industry for training quality and customer satisfaction they also serve as official training partners for multiple technology leaders including Microsoft, Cisco, VMware, and CompTIA.

For more information and additional details on how to become a NCTA CloudMASTER, please:




( This content is being syndicated through multiple channels. The opinions expressed are solely those of the author and do not represent the views of GovCloud Network, GovCloud Network Partners or any other corporation or organization.)



Cloud Musings
( Thank you. If you enjoyed this article, get free updates by email or RSS - © Copyright Kevin L. Jackson 2016)



Tuesday, October 11, 2016

See You At RSA Conference 2017!


JUST ANNOUNCED!!

I am personally excited to be delivering the (ISC)² CCSP Two-Day Crash Course at RSA Conference 2017!

"The current state of cybersecurity means there are many opportunities for the industry as a whole to collaborate on new innovations. Discovering the next great opportunity will require everyone to embrace new and unique perspectives from a broadly diverse base of people and sources.

RSA Conference 2017 provides the opportunity for all attendees at all levels to grow their knowledge, exchange ideas with peers and further their careers. With opportunity comes great responsibility for the future. Our actions today will have a lasting impact on the strength of the industry—and the safety of the world—tomorrow."



This course will cover the six domains of the Certified Cloud Security Professional (CCSP) CBK and deepen your knowledge of cloud computing and information security. These six domains are:

  • Architectural Concepts & Design Requirements
  • Cloud Data Security
  • Cloud Platform & Infrastructure Security
  • Cloud Application Security
  • Operations
  • Legal & Compliance

In the course you will receive the official (ISC)² CCSP student handbook to use during the course and throughout your studies to prepare for the exam.

Save you seat now by registering today for the 2017 RSA Conference, February 13 – 17, at the Moscone Center in San Francisco, CA.




( This content is being syndicated through multiple channels. The opinions expressed are solely those of the author and do not represent the views of GovCloud Network, GovCloud Network Partners or any other corporation or organization.)
Cloud Musings
( Thank you. If you enjoyed this article, get free updates by email or RSS - © Copyright Kevin L. Jackson 2016)



Friday, October 7, 2016

#KnowYourData: The Key to Business



Last week’s Strata-Hadoop conference in New York, NY was showcase of how big data is redefining business. Every company, every demonstration and every conversation highlighted how data is driving the exciting new business models unveiled at last week’s event.

I also learned quite a bit about the Trusted Analytics Platform (TAP). TAP is an open source project that Intel developed to make it easier for developers and data scientists to deploy custom big data analytics solutions in the cloud as well as reduce development costs and time to market. A few examples of how businesses are using TAP and data analytics to blaze new trails include:

  • Assistance Publique-HĆ“pitaux de Paris (AP-HP), the largest university hospital in Europe, worked together to build a cloud-based solution for predicting the expected number of patient visits and hospital admissions;
  • Levi Strauss & Co. explored the possibilities through a proof of concept that helped salespeople quickly find misplaced items in a store so they can ensure those items are on the shelves, in the right spots, and ready for customers,
  • The National Rural Electric Cooperative Association (NRECA) used advanced analytics to enhanced the visualization capabilities of the Open Modeling Framework (OMF), an electrical power grid modeling and simulation solution
  • Icahn School of Medicine at Mount Sinai (ISMMS) leveraged data science, graph analytics, and machine learning to enable faster discovery of new drug therapies. 
  • Doctors at Penn Medicine's heart failure and transplant program used big data to improve heart health by identifying patients who require proactive treatment. 


For me, one of the most fascinating briefing was from NASDAQ which evaluated TAP’s capability to serve as the core of an analytics-as-a-service platform. The financial juggernaut was able to demonstrate this open source platform’s ability to ingest 7 million 300 byte messages per second within their rather strict latency requirements. TAP essentially proved its ability to be the data and data-analytics hub of a financial transaction eco-system!

TAP’s real value lies in its ability to give application developers immediate access to several application language platforms. The associated runtimes, combine with dynamically bindable services and expressive APIs, to enable greatly reduced development timeframes.  This capability also simplifies integration with data analytical capabilities developed by the team’s data scientists.


At the Intel booth I also learned that TAP was being incubated by INTEL as an open source tool that makes it easier for organizations to create big data applications. TAP pulls together all the different required software and tools. The platform approach is designed to broaden the field of users who can develop these business changing applications. Intel is also partnering with systems integrators like Accenture and Infosys. They are also working with second tier cloud service providers Rackspace and OVH.com.

( This content is being syndicated through multiple channels. The opinions expressed are solely those of the author and do not represent the views of GovCloud Network, GovCloud Network Partners or any other corporation or organization.)




Cloud Musings
( Thank you. If you enjoyed this article, get free updates by email or RSS - © Copyright Kevin L. Jackson 2016)



Wednesday, October 5, 2016

A New Chapter: “Cloud Musings en espaƱol”


Since May 2010, “Cloud Musings” has demonstrated, educated and celebrated the use of advanced technology in business. Specific subjects are sometimes varied, but cloud computing and cybersecurity seem to have become our sweet-spot. Over this period, information technology has transformed from a business support arm to being the core of just about every business model. Business transformation is also accelerating as social media and big data analytics take their place in the mix. We are also very proud to have had the opportunity to partner with industry leading companies like Dell, IBM, NASDAQ and Intel. A shortcoming, however, has been our failure to directly address non-native English speakers. Today we will start to address that issue by launching “Cloud Musings en espaƱol”.

So out of all the languages we could have picked why Spanish? The simple answer is that many of our Spanish native speakers have asked us to. We actually have a significant following in Spain, Mexico and across South America so this channel is a natural for us. Also, please don’t forget the large Spanish speaking population in the United States! We strive to continue enhancing our value so delivering advance information technology insight and marketplace observations in the native tongue of a large segment of our readers is more than appropriate and long overdue.

Since this launch is both professionally and personally important, I’ve asked my good friend Arturo DurĆ”n to supervise and guide the GovCloud Network Team in this effort. Arturo not only “walks the walk and talks the talk” (natively in Spanish), but he shares my passion around employing advanced information technology in accomplishing business and mission objectives.

At the start, “Cloud Musings en espaƱol” will publish translated versions of “Cloud Musings” content. We will also look to publish IT in business stories that originate in the Hispanic business world.  Cloud computing, cybersecurity and big data analytics for government and business will continue to be at our core but the application of our vision will broaden. 

Please come visit use at:


We look forward to partnering with you on this exciting journey!

( This content is being syndicated through multiple channels. The opinions expressed are solely those of the author and do not represent the views of GovCloud Network, GovCloud Network Partners or any other corporation or organization.)




Cloud Musings
( Thank you. If you enjoyed this article, get free updates by email or RSS - © Copyright Kevin L. Jackson 2015)