Connect with us


Perimeter Security Focus Leaves Strategic Business Assets Vulnerable To Cyberattack



That nagging feeling of discomfort awakening you in the middle of the night won’t be resolved by fluffing your pillow. Not if your angst stems from the suspicion that the big bucks your organization has been spending on security may not be securing the right stuff.

However, that’s precisely the shocking conclusion of a 110-company survey, conducted by IDG Research’s CSO Custom Solutions Group and sponsored by Oracle ORCL -1.91%. “Most IT security resources in today’s enterprise are allocated to protecting network assets, even though the majority of enterprises believe a database security breach would be the greatest risk to their business,” according to the report.

What grabbed my attention isn’t any sort of charge that IT organizations are neglecting security. Far from it. The valuable service this report is providing is that it’s telling us to step back from our relentless efforts to enhance security, stop for a minute, and think about just what it is that we’re doing.

That pause for reflection spotlights the fact that the majority of everyone’s efforts for the past several years—or, at minimum, the public discussion—have centered on endpoint security. That’s completely understandable in light of the opening of BYOD floodgates.  Tablets, smartphones, sensors, and the Internet of Things (IoT) have created a kind of low-level panic about the need to secure corporate networks against those 50 billion devices that’ll be connected to the internet in a few years’ time.  As Oracle chief communications officer Bob Evans put it (I’m paraphrasing from this post): Will the explosion of devices transform your company, or kill it?

Flipping the Focus

Implementing “An Inside-Out Approach to Enterprise Security,” as the report is titled, is the way to embrace that transformation. Of course perimeter security is necessary. But, as it warns, in our zeal to plug virtual holes in the network dike, we sometimes lose focus on the importance of securing our business’s crown jewels. As in, securing the database. That’s where you keep your business’s most vital information—the information on your customers.

“The results of the survey show that the gap between the threat of severe damage to a database attack versus the resources allocated to protecting the database layer is significant, highlighting the disconnect in how organizations are securing their IT infrastructures,” Tom Schmidt, managing editor at CSO Custom Solutions Group, said in the press release spotlighting the report.

Schmidt’s quote illuminates whence the report’s focus—and title—arose. Inside-out security means protecting data at its source.  As the report puts it: “Security teams are leaving the enterprise vulnerable to attacks from inside and attack vectors that bypass the perimeter. As such, there’s a growing imperative…to rebalance security resources to protect corporate information from the inside out.

The stats within the report show that, while there’s cause for concern, there’s also some good news. For example, nearly 66 percent of those surveyed already apply an “inside-out” security strategy. And 75 percent have either a good or excellent understanding of what data needs to be protected and why.

On the down side, the report argues that security spending doesn’t align with the database-protection imperative. “Two-thirds of IT security resources—including budget and staff time—remain allocated to protecting the network layer, with the remaining third split among applications (15%), databases (15%), and middleware (3%),” the report notes.

Internal Bad Guys

More bad news: “More than 4 in 10 respondents believe database and application data are inherently safe because they lie deep within the perimeter and therefore are more difficult to reach.” This is a dangerous assumption, the report says, pointing out all the internal users, sysadmins, and developers who have access to such apps. (This point/counterpoint begs the socially salient question as to what kind of person steals from the very employer that’s helping to put food on his or her family’s table.)

So where does this leave us? “IT security has to focus attention on the most strategic assets,” Mary Ann Davidson, Oracle chief security officer, said in the press release. “Organizations have to get the fundamentals right—which are database security, application security and identity management.”

What’s the most effective way to do that? From the perspective of Oracle and its customers, protection is available via database security products (here), identity management middleware (here), and access management (here).

Philosophically and operationally, the report prescribes a three-step approach to inside-out security:

  • Align business strategy with security strategy.
  • Revamp processes and privileges.
  • Design for scale. (Inconsistency is the enemy of a comprehensive security policy.)


Continue Reading
Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

Tech News


SAMSUNG WATCH ACTIVE 2 SPECS IS ONLINE, While Samsung is gearing up to launch the Galaxy Note 10 series on August 7,




While Samsung is gearing up to launch the Galaxy Note 10 series on August 7, there are reports about the arrival of a Galaxy Watch Active 2. It’s unclear if whether the company will launch the wearable with the new smartphone series, or if its launch will be moved forward. Despite this, more and more leaks are surfacing and revealing details about the Watch Active 2.

A couple of pictures were revealed today by the popular leakster, Evan Blass, from evleaks. According to another report from SamMobile, the Galaxy Watch Active 2 will come in two sizes, 40mm and 44mm. The former has a 1.2-inch screen, while the latter will be equipped with a 1.4-inch display. Both displays will boast AMOLED technology plus Gorilla Glass DX+. Last but not least they’ll sport 360×360 pixels of resolution. Join GizChina on Telegram

Galaxy Watch Active 2

The smaller model will weigh 31g, while the bigger one scales at 36g. They will arrive in either aluminum or stainless steel case, both are built to comply with MIL-STD 810G durability standards. According to reports, Samsung will equip the newer models with a touch-sensitive bezel. Therefore it will allow users to interact with functions without having to touch on the screen. That’s an interesting feature, after all, smartwatches displays are usually too small so it’s hard to interact with a touch-sensitive display without covering the content.

The Watch Active 2 will carry Samsung Exynos 9110 SoC underhood. The smartwatch boasts 768 MB of RAM on the Bluetooth-only model and 1.5GB on the LTE-capable variant. Both versions will boast 4GB of Internal Storage. Reportedly, the 40mm unit will have a  247 mAh battery. The 44mm model will fit a larger 340 mAh cell. As previously rumored, ECG and fall detection are both on board. However, the former can take some time to arrive at the shelves.

Last details include Bluetooth 5.0 connectivity and a plethora of colors for the aluminum variants:  Silver, Black and Pink Gold, while the stainless steel color will arrive in Silver, Black and Gold. Worth noting that the LTE variant will only be available with a stainless steel finish.


Continue Reading


MacBook Pro 2019 will be a 16-inch LCD laptop

MacBook Pro 2019 will be a 16-inch LCD laptop, New report affirms rumors and points to $3,000 starting price




New report affirms rumors and points to $3,000 starting price

We may have already seen new MacBook Pro models refreshed for 2019, but the true MacBook Pro 2019 is expected to land this October as a 16-inch LCD laptop, according to Taiwan’s United Daily News (UDN).

Given that this would be Apple’s largest MacBook Pro laptop since 2012’s final run of the 17-inch MacBook Pro, the company reportedly plans to slap a gargantuan baseline price tag onto this year’s model – which could rise above $3,000 (about £2,450, AU$4,350).

This laptop will likely be pushed heavily toward content creators and developers as a demonstration of Apple’s sincerity in serving those audiences. Here’s to hoping it will somehow satisfy the cross-section of folks that also like to game on their workhorse machines.

MacBook Pro 2019 backs down from OLED

This report corroborates one published by London-based market analysts IHS Markit, adding the pricing element to the mix. More importantly, this is the second report to state that the 16-inch MacBook Pro 2019 display will not be an OLED product.

Instead, it will be an LCD to the tune of a 3,072 x 1,920 pixel resolution, which would give the display a rather competitive 226 pixels per inch (ppi) rating and a total of 5.9 million pixels. LCD or not, this is going to be a sharp 3K display.

Will that alone be enough to justify such an exorbitant starting price? Hardly. There are surely other features that Apple has cooking for this device.

We know that Apple is planning to allow this MacBook Pro up to 32GB of memory (RAM), which is already possible on the 15-inch MacBook Pro. 

And, of course, every report mentions an entirely new design likely focused on smaller screen bezels.

Exactly what kind of processor technology will be inside these laptops is also up in the air. Is Apple’s supposed ARM laptop processor to be finished in time for these new laptops? Or, will Apple go all in with AMD considering Intel’s faltering pole position in the laptop computing space?

We’ll almost certainly see more about these missing MacBook Pro 2019 details as we get closer to October 2019.


Continue Reading

Tech News

Google pays users to help build its FaceID

Google pays users to help build its FaceID, Google’s Pixel 4’s moderately sized bezel has been rumoured to be hiding




Google’s Pixel 4’s moderately sized bezel has been rumoured to be hiding a powerful secret — its own take on FaceID. Much like how Pixel Imprint is Google’s version of TouchID, Google is expected to add an additional form of biometric authentication to the Pixel 4 and 4 XL with this year.

As per a report from ZDNet, men on the street have been approached by Google employees and asked to capture different angles of their face in exchange for a $5 Amazon or Starbucks Giftcard. The images were taken with a phone in a case which obscured its design likely the Pixel 4 or 4 XL (or a prototype of one or the other.)
The firm is said to be doing this for multiple sites across the US to gather a large number of pictures with which to train its Pixel’s authentication system before launch.

Google previously offered facial recognition for its Android devices in the past. This method is likely to be more secure and 3D based than before.

Source: Google is paying users $5 to help build its FaceID competitor

Continue Reading


Copyright © 2020 Inventrium Magazine

%d bloggers like this: