Wednesday, March 26, 2014

Malware costs $491 Billion in Perspective

A recent joint study from IDC and the National University of Singapore (NUS) predicts that companies around the globe will spend around $491 billion in 2014 for fixes and recovery from data breaches and malware. The sponsor, Microsoft, also noted that pirated software tweaked with intent is a common method of getting inside. Consumers will likely spend $25 billion as a result of those security threats. $491 billion is a lot of change and in the spirit of Mobile Threats Rise 261% in Perspective, I wanted to know what else costs $491 billion.

Apparently, quite a few things!

U.S. motorists may spend a record $491 billion for gasoline this year. Expensive oil and increased exports have kept our fuel prices high this year. We are still under the 2008 average gas price record but we will still spend more due to gas going up sooner in the year and staying high longer. I know I've seen $4.11 here in California where the average is $3.94. While the winter blend production does bring some relief, don't expect major drops due to higher global demand along with the various feuds in the world.

Back in 2005, the US House of Representatives passed a $491 billion defense bill. This was when we were still in Iraq and the only reason I find this interesting is that the cyber-war can now cost as much as real wars. Not really apple to apples admittedly, but I often talk about how our digital worlds are colliding integrating with our physical lives. Either way, the costs can be very real.

Now at the 3 year mark of the Fukushima meltdown, property damage so far has been assessed at approximately US$200 billion but some estimates show that the total burden will be $491 billion. While one could never put a price on the 19,000 people lost from the earthquake and tsunami, it is kinda spooky that breaches and malware are on par with nuclear disasters.

According to the Global Business Travel Association (GBTA) Foundation business travel was responsible for about 3% of U.S. GDP in 2012 or $491 billion. Essentially, every dollar of business travel spending generated about $1.28 in GDP. Of the $491 billion total, $208 billion accrued directly to businesses that served travelers or meeting attendees.

In 2011 the European chemical industry contributed to 20.9% of the world’s chemical sales valued at €2353 billion, generating € 491 billion of revenues and employing 1.16 million people.

In 2012-13, India's total imports was $491 billion according to their Finance Minister.

And finally, the Earth is 491 billion feet from sun, give or take.

The malware market is on par with the likes of defense budgets, nuclear disasters, overall energy consumption and an entire country's import bill. It is often hard to quantify such large dollar amounts but when compared to the other $491 billion items, you can get a real sense of the magnitude.

ps

 

Connect with Peter: Connect with F5:
o_linkedin[1] o_rss[1] o_twitter[1]   o_facebook[1] o_twitter[1] o_slideshare[1] o_youtube[1]

Wednesday, March 19, 2014

Infrastructure as a Journey

I see and read a lot of IT articles almost demanding that organizations must do certain things to ensure that some piece of their infrastructure is secure, highly available, fault tolerant, agile, flexible, scalable, recoverable, cloud'able, whatever the silo needs or face the dire circumstances. I'm guilty of it too over the years. Organizations must have a WAF for PCI compliance or Remote employees need to have an encrypted tunnels to the corporate network or any other command pertaining to the health of your infrastructure.

Life is a Journey, Faith is a Journey and by golly, Business is a Journey. IT is tasked with supporting the business objectives, so why not Infrastructure as a Journey? We've seen part of this journey play out over the last 5 years as organizations first tried to understand the cloud, it's various definitions/deployment models and the true business benefits. The cloud journey continues as more organizations test the waters, so to speak, and distribute their content over a hybrid infrastructure.

Workplace mobility is and continues to be a journey for many organizations. This started over 10 years ago with the first bricks, Palms and Blackberry's making their way into employees hands. iPhones and Androids later, VDI, MDM, MAM and a host of other infrastructure solutions have come along to help with the mobile BYOx journey.

Security has always been a journey. Assessing, managing and mitigating the risk to the business. Security is probably an area that gets the most insistence to do something. For years the ever popular Fear, Uncertainty and Doubt has been used to urge companies to protect something in a certain way. With all the media coverage of data breaches and the reported mistakes (intentional or not) made along the way, it is easy to jump on the 'you must do' bandwagon. But all companies are different.

Also, organizations might not be able to obey all the mandates and accomplish everything they must. They might have tight budgets, limited staff, different priorities, varying risk or other variables that could prevent complete infrastructure  bliss. And over the next 5 years, there will probably be even more change that adds even greater hills and valleys to navigate. Just like life. I can also guarantee that your infrastructure will probably look nothing like it does today.

Your body's infrastructure is what keeps us humans going day to day and your IT infrastructure is what keeps the business going. The infrastructure journey to a high performance, flexible, agile, application focused fabric with the ability to apply services across that fabric and the tools to manage it, is just beginning.

I realize there is incredible pressure to do more with less and have it done yesterday on top of dealing with the daily fires. Much easier said than done, but if you can think of your infrastructure as a journey, it might help prioritize the needs of your business and see what forks in the road are approaching rather than scrambling when the big one hits.

Journeys can take you to some interesting places as you progress from one stage to another. You try stuff, make mistakes, learn and make adjustments to address those and hopefully come out better on the other side. Just always remember to exhale and smile when you get there.

ps

 

 

Connect with Peter: Connect with F5:
o_linkedin[1] o_rss[1] o_twitter[1]   o_facebook[1] o_twitter[1] o_slideshare[1] o_youtube[1]

Wednesday, March 12, 2014

The Applications of Our Lives

The Internet of Things will soon become The Internet of Nouns

There are a few 'The ______ of Our Lives' out there: Days. Time. Moments. Love. They define who we are, where we've been and where we are going. And today, many of those days, times, moments and loves interact with applications. Both the apps we tap and the back end applications used to chronicle these events have become as much a part of our lives as the happenings themselves.

The app, Life.

As reported on umpteen outlets yesterday, Twitter went down for about an hour. As news broke, there were also some fun headlines like, Twitter goes down, chaos and productivity ensue, Twitter is down. NFL free agency should be postponed, Twitter is down, let the freak-out commence and Twitter goes down, helps man take note it’s his wife’s birthday. It is amazing how much society has come to rely on social media to communicate. Another article, Why Twitter Can’t Keep Crashing, goes right into the fact that it is globally distributed, real-time information delivery system and how the world has come to depend on it, not just to share links and silly jokes but how it affects lives in real ways.

Whenever Facebook crashes for any amount of time people also go crazy. Headlines for that usually read something like, 'Facebook down, birthdays/anniversaries/parties cease to exist!' Apparently since people can't tell, post, like, share or otherwise bullhorn their important events, it doesn't actually occur. 'OMG! How am I gonna invite people to my bash in two weeks without social media?!? My life is over!' Um, paper, envelopes, stamps anyone?

We have connected wrist bracelets keeping track of our body movements, connected glasses recording every move, connected thermostats measuring home environments and pretty much any other 'thing' that you want to monitor, keep track of or measure. From banking to buying, to educating to learning, to connecting to sharing and everything in between, our lives now rely on applications so much so, that when an application is unavailable, our lives get jolted. Or, we pause our lives for the moment until we can access that application. As if we couldn't go on without it. My, how application availability has become critical to our daily lives.

I think The Internet of Things will soon become The Internet of Nouns since every person, place or thing will be connected. I like that. I call 'The Internet of Nouns' as our next frontier!

Sorry adverbs, love ya but you're not connected.

ps

Related


Connect with Peter: Connect with F5:
o_linkedin[1] o_rss[1] o_twitter[1]   o_facebook[1] o_twitter[1] o_slideshare[1] o_youtube[1]

Wednesday, March 5, 2014

So Where Do We Go From Here?

If you are who you say you are.

I've been travelling the last few weeks shooting some videos for VMware PEX and RSA. When that happens, my browser tabs get crowded with the various stories I'm interested in but will read later. This time they all seemed to hover around Identity Theft. When I got home, in my awaiting physical mail was a letter from Target. I also returned something to a national hardware store and the cashier tried to crumple my credit-card-info-having receipt into a trash can. Kismet.

Let's take a look...

The FTC recently announced that Identity Theft is the #1 complaint in 2013, for the 14th consecutive year. Is that a record? While down slightly from 2012, it still accounted for 14% of the 2 million overall complaints. This is down from 18% in 2012. Florida, followed by Georgia and California were the worst hit states for ID theft. The IRS has also named Identity Theft as their #1 Dirty Dozen Tax scam for 2014.

Speaking of California, 7.5 million of the over 110 million breached Target accounts were Californians. California is one of the few states that require disclosure when more than 500 accounts are compromised. The first year California required reports, 2012, there were 131 breaches reported...in 2013 that rose to 170. The other interesting thing about California breaches is that many target smaller companies. In 2012, half of the reported breaches came from companies with fewer than 2500 employees and almost a third were businesses with less than 250 employees. Being small and relatively unknown is no shield.

Also in Southern California, the Feds busted a couple guys running a Tijuana-based identity theft ring. These dudes broke into a U.S. based mortgage broker's servers and siphoned off mortgage applications which included most of the borrower's personal info: name, birthday, SSN, DL number, tax info, the works. They then used that info to open credit lines and, with the info they had, were able to change access to the people's brokerage accounts. From there, transferring money to other accounts was a snap. From Dec 2012 thru June 2013 they stole personal data on 4200 individuals.

Javelin Strategy and Research released their annual 2014 Identity Fraud Study stating that in 2013, a new instance of identity fraud occurred every 2 seconds. 1 Mississippi, 2 Mississippi. Another. There was 13.1 million identity fraud victims on 2013. While the people number is going up, the actual money stolen, according to Javelin, in going down. They estimated that the total cost of identity fraud in 2013 to be around $18 billion, more than $3 billion less than 2012. 2004 holds the record at $48 billion. Attackers are now focusing on opening new accounts rather than piggy backing existing credit cards. Account take-over's, particularly for utilities and mobile phones are the new free-bees. Most of the stolen info appears to be from corporate breaches and about 1/3 of those who receive a breach letter actually becomes a theft victim. Your debit card also seems more valuable than your social security number. 46% of consumers with breached debit cards became victims verses only 16% of breached SSNs.

And in an interesting twist, the top complaint against debt collectors is mistaken identity. Trying to collect a debt from the wrong person was by far, the most common complaint to the Consumer Financial Protection Bureau (CFPB). I know this all too well since over the last 3+ years, we've been getting debt collection calls looking for a certain person. We tell them that we've had our phone number for years and stop calling. Few months go by, the debt gets sold to another collector and we get calls again. It got so bad that this person's own mother called to tell her son that the dad was in the hospital and probably wouldn't make it. About 2 weeks later we got a call from another family member looking to talk about the father's death. This guy was running from debt so much so, that his own mother couldn't get a hold of him when dad was on his death bed. Now that's bad.

So where do we go from here? Will we all need that personal chip installed on our left earlobe to verify identity? The payment terminal says, 'Please listen for verification.' Riff-raff will then be all like, 'Oh, listen to this cool song,' as they plug the bud into your ear only to suck the data off your PID chip. You didn't hear? That's our IPv6 Personal Identity Chip inserted into every newborn starting in 2025.

Oh, it will happen.

ps

Related:

 

 

Connect with Peter: Connect with F5:
o_linkedin[1] o_rss[1] o_twitter[1]   o_facebook[1] o_twitter[1] o_slideshare[1] o_youtube[1]