SN blogs: The next generation of cyber security

SN blogs: This week analysts highlight the next generation of cyber security, which includes identity management tools as well as strengthening people skills.

Cyber security: The next generation

In part two of his two-part blog post, Enterprise Strategy Group Senior Analyst John Oltsik says that the next generation of cyber security will need to include both data and identity intelligence. Identity intelligence will be anchored by identity management systems and protocols. Authentication using the Fast IDentiy Online (FIDO) protocol, he writes, could help commoditize multifactor authentication. Oltsik suggests the development of an identity ecosystem in which a trusted party acts as an ID clearing house. While finding the right entity to do this is difficult, Oltsik says, it could be beneficial. An elemental part of any identity intelligence will be big data analytics, because of the broad oversight it would provide.

Read the other suggestions Oltsik makes to anchor the next generation of cyber security.

Microsoft to bring advanced data analytics to small companies

Current Analysis blogger Brad Shimmin says that the democratization of data is on its way, this time in the form of Microsoft's recently announced advanced data analytics service, Azure Machine Learning (AML). The key ingredient to note about this announcement, says Shimmin, is that AML will allow small companies with fewer resources to have access to the same data analytics as large enterprises armed with dozens of data scientists and big budgets. Yet Shimmin warns that while AML will allow smaller companies to respond to market opportunities more quickly, it's still important to have an expert data scientist available who can exploit the benefits of using the service. Read why Shimmin says it isn't ideal for just anybody to use Azure Machine Learning.

How do you know if the hybrid cloud is right for you?

Enterprise Management Associates blogger Steve Brasen says that while companies might be under the impression that private cloud has unlimited compute, storage and network resources, it does not. In order to maximize resources and cut costs, Brasen suggests that enterprises assess the merits of a hybrid cloud. Brasen lists five questions to ask to determine if the hybrid cloud is right for you. Constantly hitting budget limits, no longer being able to expand the data center and losing reliability and high performance are all signs that it might be time to connect your private cloud to a public cloud.

Read the other signs that Brasen lists that could mean it's time for the hybrid cloud.

NSA leaks still affecting business; security pros fall short in people skills

Current Analysis analyst Paula Musich shares two valuable ideas that she took away from the CISO Forum in London. Although it's been a year since details about the National Security Agency's PRISM program first surfaced, foreign companies are still refusing to work with U.S.-headquartered organizations. That concern has opened the door for European-based cloud providers to pick up new business, she said, with Switzerland-based providers in particular being particularly aggressive. Musich also said that while the shortage of cyber security skills has received a lot of attention in the past year, there has been much less focus on the lack of social and political skills within the cyber security industry. In response, Musich said some vendors are taking steps to train people with customer-service skills to become familiar with the ins and outs of technology. Musich quoted a panelist, " We forget at the end of the day it is human interaction that makes us a success."

Read more about what Musich took away from the CISO Forum.


This was last published in June 2014

Dig Deeper on Network Security Best Practices and Products

Join the conversation


Send me notifications when other members comment.

Please create a username to comment.

Would you consider hiring someone with a background in customer service for a security position?
I'd be inclined to do so IF the person was also qualified from an IT and security standpoint. In many cases, considering candidates who aren't dyed in the wool security pros can lend a different perspective to procedures that might not be as efficient as teams think they are...but these steps stay in place because 'it's the way we've always done it.'

Ultimately, find the best qualified candidate and don't get hung up on what they did before. The traits that make a customer service pro good include empathy, communication and responsiveness. These also work well in the security dungeon.
Good points, Jeff - thinking outside the box when hiring is important, otherwise you might end up doing the same things you always have. But given the crucial importance of security, it may not be the area to get too creative, lest you leave your company open to risks. 
In my opinion if they have the skills for IT security and they are not the sloe person responsible for your company I might consider it. I would not trust them to have final word in security decisions until they have proven them selves.