psilva's prophecies

Tuesday, July 22, 2014

Fear and Loathing ID Theft

Do you avoid stores that have had a credit card breach?

You are not alone. About 52% of people avoid merchants who have had a data breach according to a recent Lowcards survey. They surveyed over 400 random consumers to better understand the impact of identity theft on consumer behavior. 17% said they or a family member was a victim of identity theft over the last year with half the cases being credit card theft. 94% said they are more concerned or equally concerned about ID theft. They estimate that there were 13.5 million cases of credit card identity theft in the United States over the last 12 months.

These concerns are also changing the way some people shop.

Over half (56%) are taking extra measures to protect themselves from identity theft. Some of these behaviors include using a debit card less (28%), using cash more (25%), ordering online less (26%) and checking their credit report more (38%). These are all reasonable responses to the ever challenging game of protecting your identity and is important since 89% of security breaches and data loss incidents could have been prevented last year, according to the Online Trust Alliance's 2014 Data and Breach Protection Readiness Guide.

The game is changing however, and mobile is the new stadium. Let's check that scoreboard.

Most of the security reports released thus far in 2014, like the Cisco 2014 Annual Security Report and the Kaspersky Security Bulletin 2013 show that threats to mobile devices are increasing. We are using them more and using them for sensitive activities like shopping, banking and storing personally identifiable information. It is no wonder that the thieves are targeting mobile and getting very good at it. Kaspersky's report talks about the rise of mobile botnets and the effectiveness since we never shut off our phones. They are always ready to accept new tasks either from us or, a foreign remotely controlled server with SMS trojans leading the pack. Mobile trojans can even check on the victim's bank balance to ensure the heist is profitable and some will even infect your PC when you USB the phone to it.

Distribution of exploits in cyber-attacks by type of attacked application

I guess the good news is that people are becoming much more aware of the overall risks surrounding identity theft and breaches but will the convenience and availability of mobile put us right back in that dark alley? Mobile threats are starting to reach PC proportions with online banking being a major target and many of the potential infections are delivered via SMS messages. Sound familiar?

Maybe we can simply cut and replace 'PC' with 'Mobile' on all those decade old warnings of:

Watch what you click!

Technorati Tags: mobile,shopping,breach,malware,idtheft,behavior,silva,trojan,security

Connect with Peter:	Connect with F5:

Monday, July 14, 2014

Apps Driving Attention

The mobile platform, meaning tablets and smartphones, now account for 60% of total digital media time spent according to comScore. This is a 10 point jump from 50% just a year ago. On top of that, mobile apps accounted for 51% of all digital media time spent in May 2014. Many of the content categories like radio, photos and maps are becoming almost exclusively mobile. Digital radio and photos both generate 96% of their engagement from mobile while maps and instant messaging get 90% of interaction from mobile devices.

You might be wondering, like I did, where do social networks come in since it seem like almost everyone updates their social feeds through mobile. Social is actually the #1 category for overall digital engagement taking about 20% of overall digital time spent and gets 71% of it's activity from mobile. It, social media engagement on mobile, has grown 55% over the last year and has accounted for 31% of all growth of internet engagements.

So who is driving the mobile app explosion? Teenagers. About 60% of 12 to 17 year olds had a smartphone in 2013, topping even the 45+ crowd for smartphone ownership, according to Arbitron and Edison Research. The app money makers are not the initial charge for the program but all the in-app purchases along with the ads attached to the app.

Mobile is clearly the new way we consume digital content and continues to grow. We are also interacting with specific apps rather than browsing and those apps are growing at an amazing pace. Today's infrastructure needs to be even more flexible, intelligent and resilient to handle the surge. And ultimately, the apps and the content/experience they provide need to be highly available and delivered quickly and securely to the person...just like any other typical application.

Technorati Tags: mobile,apps,tablet,smartphone,social media,humans,society,silva,security

Connect with Peter:	Connect with F5:

Tuesday, July 1, 2014

Will the Cloud Soak Your Fireworks?

This week in the States, the Nation celebrates it's Independence and many people will be attending or setting off their own fireworks show. In Hawaii, fireworks are shot off more during New Year's Eve than on July 4th and there is even Daytime Fireworks now.

Cloud computing is exploding like fireworks with all the Oooooooo's and Ahhhhhhh's of what it offers but the same groan, like the traffic jam home, might be coming to an office near you.

Recently, Ponemon Institute and cloud firm Netskope released a study Data Breach: The Cloud Multiplier Effect, indicating that 613 IT and security professionals felt that deploying resources in the cloud triples the probability of a major breach. Specifically, a data breach with 100,000+ customer records compromised, the cost would be just over $20 million, based on Ponemon Institute’s May 2014 'Cost of a Data Breach'. With a breach of that scale, using cloud services may triple the risk of a data breach. It's called the 'cloud multiplier effect' and it translates to a 3% higher risk of a data breach for every 1% increase in the use of cloud services. So if you had 100 cloud services, you would only need to add 25 more to increase the possibility of a data breach by 75%, according to the study.

69% of the respondents felt that their organizations are not proactive in assessing what data is too sensitive to be stored in the cloud and 62% said that the cloud services their companies are using are not fully tested to make sure they are secure. Most, almost three-quarters, believed they would not even be notified of a breach that involved lost or stolen intellectual property/business confidential or even customer data. Not a lot of confidence there. The security respondents felt around 45% of all software applications used by the company were cloud based yet half of those had no IT visibility.

This comes at a time when many organizations are looking to the cloud to solve a bunch of challenges. At the same time, this sounds a lot like the cloud concerns of year's past - security and risk - plus this is the perception of...not necessarily the reality of what's actually occurring. It very well could be the case - with all the parts, loss of control, out in the wild, etc - that the risk is greater.

And I think that's the point. The risk.

While cloud does offer organizations amazing opportunities, what these people are saying is that companies need to do a better job at the onset, in the beginning and during the evaluations, to understand the risk of the type(s) of data getting sent to the cloud along with the specific cloud service that holds it. It has only been a few years that the cloud has been taken seriously and from the beginning there have been grumblings about the security risks and loss of control. Some cloud providers have addressed many of those concerns and organizations are subscribing to services or building their own cloud infrastructure. It is where IT is going.

But still,as with any new technology bursting with light, color and noise, take good care where and when you light the fuse.

Technorati Tags: f5,cloud,security,risk,silva,survey,breach,fireworks,july 4

Connect with Peter:	Connect with F5:

Thursday, June 26, 2014

Velocity 2014 – That’s a Wrap!

I wrap it up from Velocity Conference 2014. Special thanks to Dawn Parzych, Robert Haynes, Cyrus Rafii and John Giacomoni for joining us on camera along with Robert, Courtney, and Natasha behind the lens. Also learn what the top questions were this week at F5 booth 800. Reporting from the Santa Clara Convention Center, thanks for watching!

Technorati Tags: f5,big-ip,velocity,optimization,performance,video,silva,trade show

Connect with Peter:	Connect with F5:

Velocity 2014 – BIG-IP Image Optimization (feat Parzych)

Dawn Parzych, F5 Sr. Product Manager, returns to demo BIG-IP’s Image Optimization solution. Web images can consume up to 60% of a site load and BIG-IP can significantly reduce the image file size and deliver those pictures much faster to the viewer.

Technorati Tags: f5,big-ip,images,optimization,compression,aam,velocity,silva,video

Connect with Peter:	Connect with F5:

Velocity 2014 – TMOS & LineRate: A Tale of Two Proxies (feat Giacomoni)

John Giacomoni, LineRate Founder and Sr Architect, joins us to give the lowdown on F5’s TMOS proxy and LineRate proxy. John does a great job explaining the nuances of each, how they function within architecture and the associated deployments within an organization. Each can be deployed individually or work together in concert. If you wondered also, watch this video.

Technorati Tags: f5,big-ip,linerate,velocity,proxy,enterprise,devops,silva,video,giacomoni

Connect with Peter:	Connect with F5:

Wednesday, June 25, 2014

Velocity 2014 – HTTP 2.0 Gateway

Dawn Parzych, F5 Sr. Product Manager, talks about the benefits of HTTP 2.0 and shows us a demo of 170+ pictures appearing instantly while using the BIG-IP HTTP 2.0 profile. Interesting conversation about web pages loads, the chattiness of the HTTP protocol and the notion of HTTP 2.0 moving forward. Learn more at: www.f5.com/products/modules/application-acceleration-manager

Technorati Tags: f5,velocity,performance,optimization,big-ip,application_delivery,video,silva,acceleration,http 2.0,aam,spdy,#velocityconf

Connect with Peter:	Connect with F5: