Wake up call

With the recent attack on Sony, followed by an attack on Xbox networks, clearly indicates that security is still not taken seriously by even organisation expected to be leader in their respective industries. It is indeed a wake-up-call for all enterprises who feel that their security is adequate enough. The question that needs to be asked is not who is accessing data but what are they doing with this data. Authentication, though important, is not adequate enough to protect an enterprise. Identity can not longer ensure that data is safe. Real time visibility on how is being used for sent out of the network has become far more important. Context aware security can provide the required visibility and help organisation to protect their data.



More on IOT Security

Intel shows of its own IOT platform and it looks promisingly secure. Will need to wait and see the actual devices hit the market and whether they are able to leverage the security provided by this platform. One thing for sure, Intel wants to compete headon with Qualcomm, and do not want to be left behind as in the mobile space. This competition will definitely help consumers, whether secure, wait and watch.

Intel staked out a claim in the freewheeling Internet of Things (IoT) market today at an event in San Francisco, where, the chip giant laid out a sweeping plan to ensure its place as a key player shaping the IoT ecosystem.



Is C Still Relevant?

Having started my career with 'C' programming language, I always felt I was biased towards it. Having looked at many other programming languages, including higher languages like Perl, Python, PHP, C++, always felt I missed the joy of 'Segmentation faults' while running my 'C' programs. The memory corruptions, overflows always had a romantic appeal. Current day programming languages have become too mechanical and do not have the emotional touch that 'C' provided. No reason, I used to talk to it while coding. Our code were well commented and looked beautiful. Our thoughts and feelings were expressed through it.

Even in this 21st Century, 'C' is still relevant. It is becoming younger with days. For performance, we always use 'C'. It performs well with limited memory availability of memory in embedded devices. You can argue that because of bad memory allocation and pointers are culprit to many vulnerabilities found in many applications. I would say, that it all boils down to how important you feel security is, which will reflect in your code.

I respect programmers who are able to code well in 'C'. Not only would they understand the concepts of programming, but understand systems better. I always found good programmers of Perl or PHP, weak in system programming. I may be wrong or probably my bias towards 'C' makes me feel so. Newer languages will ome and go, but my love for 'C' will always remain.

Why the Future of Security will be Context-Based ?

Rise in adoption of mobile, social and cloud technologies has created the need for a more proactive and context-based approach to managing security


For years, business organizations followed a rather reactive approach to managing IT security. Every time there was a new type of attack, security vendors would come up with a new solution to combat that threat. This approach worked very well till users accessed computers in controlled work environments. The company could easily monitor incoming and outgoing network traffic. But in today’s multi-channel environment, where users stay connected through a plethora of mobile devices and web-based apps, the security threats and vulnerabilities have only increased. According to PWC’s Global Information Security Survey 2015, the number of security incidents detected in 2014 was 48% higher than the previous year.

Multiple access devices and touch points have given hackers more options for entering corporate networks, without being easily detected. Therefore, the traditional models of security management are proving insufficient.  There is a need to adopt a new approach to managing security - one that is more proactive, sensitive and context-based. A recent Gartner report points out that increasing adoption of a more mobile, social, data-driven and consumer-like workplace is causing the breakdown of traditional security models and strategies. Going forward, enterprise security solutions will have to become context aware and adaptive. Security organizations and leaders that fail to alter strategies to accommodate a more consumerized workforce will soon be sidelined, predicts the report.

Read more ...

Are we ready to integrate IOT devices ? Security ?

The hack of Sony Pictures have raised many questions about securing our network and devices.

In a single week, hackers have brought a major Hollywood studio to its knees.

Sony Pictures is dealing with more than downed computers and frozen email. Movies have been leaked, and internal documents have exposed private company memos, along with employees' salaries, Social Security numbers and health information.


 We need to first work towards securing our existing infrastructure and data. If we are unable to do so, imagine what happens when we connect these embedded devices are connected to internet. IOT may be rapidly flourishing into our everyday life, whether in cars, power utility, farm etc, but if we do not build these devices with security in mind, it may cause far larger disaster. not only in monetary terms, but in human lives too.