Barracuda, a trusted partner and leading provider of cloud-enabled security solutions, today released key findings from a report titled “The state of network security in 2021.” Commissioned by Barracuda, the research surveyed 750 IT decision makers responsible for their organization’s networking, public cloud, and security to get their perspectives on cloud adoption, working from home, security concerns, and a variety of issues and challenges related to cybersecurity risks.

Overall, the research shows that network breaches, ransomware attacks, and remote-work challenges underscore the need for cloud-native Secure Access Service Edge (SASE) deployments. Highlights from the report include:

• 81% of respondents said their organization has been the victim of a security breach once in the last year.
• Companies with staff working predominantly from home had a significantly higher network security breach rate (85%), compared to companies with staff working predominantly in the office (65%).  
• A full 74% of those surveyed said their organization has been the victim of at least one ransomware attack in the last year.
• On average, only 14% of employees at the businesses surveyed currently work in the office all the time.
• A full 97% of respondents with company-issued devices share their home internet connection with other members of their household, so the risk of breach remains.
• 73% of companies with all apps in the public cloud have already deployed SD-WAN, twice as many as companies with only a few apps in the public cloud (37%).
• 68% of companies with all apps in the public cloud have deployed Zero Trust Network Access (ZTNA), while just 38% of companies with only a few apps in the public cloud have deployed it.
• On average, organizations have 31 Software-as-a-Service (SaaS) apps deployed.
• On average, respondents said 64% of their traffic is directed to public cloud providers.

“Organizations are experiencing a high level of network breaches and facing ongoing connectivity and security challenges as they adapt to hybrid work environments,” said Tim Jefferson, SVP, Engineering for Data, Networks and Application Security, Barracuda. “But, they are realizing that moving to SaaS applications and the public cloud improves both the user experience and security, so they’re starting to embrace new SASE technologies.”

Resources: 

Download the full report: http://www.barracuda.com/netsec-report-2021

Safe Security, backed by British Telecom & John Chambers invests in international markets to drive next phase of growth

Safe Security, a pioneer in Cybersecurity & Digital Business Risk Quantification today announced its entry into the Europe, Middle East & Africa (EMEA) region, to build on its success in North America. Headquartered in Palo Alto, California, Safe Security helps organisations manage, measure and mitigate cyber risks with its breach likelihood prediction platform SAFE. Backed by marquee investors such as British Telecom Group, John Chambers and other prominent industry leaders, the company appointed Cherif Sleiman, a veteran industry leader to head the business for international markets.

Sleiman is a visionary technologist and ‘turnaround specialist’ who will focus on building Safe Security’s regional presence, go-to-market and channel strategy in the region. Over his illustrious career which spans over 26 years, he has held leadership positions at giants of the tech industry including Cisco, Nortel, Brocade and most recently Infoblox. As part of its business expansion strategy, Safe Security will significantly ramp up its investments in Europe, Middle East & Africa – regions that the company believes are key to its growth. It plans to hire more than 100 employees in the next 18 months in the region.

Reflecting on his appointment, Cherif said, “Cybersecurity is a global concern. For all of the time, money, and energy spent telling us how to protect ourselves including what to buy to do so, there’s little sense of actual progress when it comes to security. And that’s key, because safety is not about how much money we spend on products, analysts or investments, it is simply about Knowing. Safe Security is uniquely positioned to provide organisations with the knowledge necessary to better secure their organisations. The SAFE platform delivers 360 degree continuous, dynamic & intelligent quantitative cyber risk management and breach likelihood prediction by assessing People, IT Infrastructure, Cloud Presence, Saas Deployments and Third Party Partnerships. It streamlines the knowledge and language needed by all stakeholders, from the boardroom to the frontline security professionals, so accurate decisions and actions can be taken in a timely fashion. I am excited to join Safe Security and honoured by the trust they have in me. I am confident that we will grow exponentially in the next 2-3 years across international markets.”

Over the course of the last year, cyber security incidents have seen a dramatic increase globally. With the growing sophistication of cyber attacks, cybersecurity through generic red-amber-green heat maps is not enough. Safe Security is at the epicentre of this paradigm shift; they provide an enterprise-wide, objective, unified and real-time cyber risk quantification platform called SAFE. It aggregates automated signals across people, process technology and even third party entities that an organisation works with, to dynamically predict the breach likelihood (SAFE Score) & the financial risk of the breach, to an organisation. 

Saket Modi, Co-founder & CEO, Safe Security said, “With SAFE, we have created a brand new category of products within cybersecurity, and we are pioneering the shift from a project led, reactive risk management approach to one that is proactive, and enables the Board to truly understand cybersecurity in a de-jargonized manner. Our vision is to make the SAFE score the global de-facto standard for measuring and mitigating cyber risks and our expansion to international markets is central to this vision.  International markets are extremely strategic for us and I am ecstatic to have Cherif join us to lead our business in the EMEA region. Cherif is a proven business leader and I am confident that he will replicate our global success and make Safe Security the preferred partner for addressing customer’s needs in the region.” 

By: Adrian Taylor, Vice President, A10 Networks

The COVID-19 pandemic underscored the importance of digital resiliency in the modern era. With employees working from home, and a shift online for consumer activities from banking and retail and media, to entertainment and healthcare, ensuring application performance and application availability became a matter of survival for most companies. Whether people are working or going about their personal lives, they expect a high-quality user experience for the applications they use—every time, with no excuses—with cybersecurity they can count on to protect customer data and privacy. These demands have made the application delivery controller (ADC) one of the most important components of modern digital infrastructure.

At the same time, maintaining application performance and application availability for existing resources isn’t enough to guarantee survival. In today’s digital business environment, you have to stay agile and innovative to compete, grow, and thrive. In fact, even facing an uncertain economic outlook over the past year, businesses plan to invest in digital transformation spending during the pandemic. That puts DevOps front-and-centre in digital business strategy as companies seek simple, streamlined ways to develop, deploy, change, and manage applications. The results speak for themselves: companies that use DevOps achieve 46x more software deployments and 440x faster lead time for changes. Here again, the ADC has a critical role to play in enabling the full speed and agility DevOps makes possible.

Of course, simply deploying ADCs isn’t a solution in and of itself; meeting these requirements depends on having the right application delivery controller capabilities and deploying them in the right way. Here are a few things to consider, to ensure that your application delivery infrastructure is meeting the digital transformation needs of your business and customers.

Using ADCs to Ensure Application Performance, Application Availability, and Cybersecurity

Whether it’s customers or employees who are using your applications, the experience you provide has a direct effect on digital business performance. If customers become frustrated or are unable to use your applications or services effectively, they can take their cash—and their loyalty—to a competitor. Without reliable application performance and application availability, your workforce can grind to a halt, sending waves of disruption throughout your business. Gartner estimates the average cost of downtime is $5,600 per minute which equates to more than $300,000 an hour.

Your application delivery controller solution can help you maintain a high-quality user experience by enabling a unified approach to managing performance, troubleshooting problems, and optimising traffic across complex environments with holistic visibility into devices, applications, policies, users, and more across data centres and clouds. By gathering and analysing data from across your hybrid infrastructure, you can work proactively to detect anomalies sooner, diagnose problems more accurately, and resolve issues more quickly. Global server load balancing functionality can intelligently guide application traffic to the best available site for each user to ensure the best possible service.

Ensuring high availability, disaster recovery, and rapid failover across cloud providers is essential to keeping employees productive and customers satisfied. As part of its global web traffic management capability, your ADCs can assess the health and response time of each site in your environment, then make intelligent adjustments to application traffic to prevent a failed server from affecting users. Similarly, an ADC solution can help you use a public cloud as a backup for your on-premises data centre using global server load balancing to determine when and how to tap into that capacity, then reroute traffic accordingly.

While application performance and application availability are the foundation of user satisfaction and loyalty, a cybersecurity breach can destroy that trust in a flash. As ransomware attacks, DDoS, and other threats grow in sophistication, and enterprise environments become more distributed and dynamic, cybersecurity and compliance become critical challenges. Your ADC solution can provide a unified policy infrastructure across every platform you use, making it easier to provide the same, consistent protection for applications and services wherever they are deployed. By managing authentication consistently across cloud and on-premises platforms, you can support a Zero Trust security model while providing employees with the right level of access for their needs. Protective measures such as security analytics, DDoS protection, web application firewalls (WAF), authentication, modern SSL/TLS encryption standards, and threat intelligence enable a multi-layered approach to cybersecurity for defence in-depth.

Supporting DevOps—While Simplifying Management at Digital Speed

DevOps isn’t just a core methodology for digital transformation—it’s also a set of technical requirements. To enable development and operations teams to collaborate effectively across the software development lifecycle, you need to provide simple, streamlined ways to develop, deploy, change, and manage applications. A standard set of automation tools across platforms can help teams work efficiently, bring new staff up to speed more quickly, and ensure consistent best practices. Real-time continuous integration and delivery (CI/CD) visualisation can help teams catch costly errors before applications enter production.

The rapid pace of digital transformation can increase both cost and management complexity. By providing a single point of management across your hybrid cloud and multi-cloud environment, with comprehensive visibility and analytics for actionable intelligence, your ADC solution can help your staff use resources more efficiently, make better decisions, avoid errors, and simplify operations.

Coursera, Inc. (NYSE: COUR), one of the largest online learning platforms in the world, today released a new study that examines the pandemic’s impact on skills and learning trends among women. The Women and Skills Report compares pre-pandemic enrollment and performance data with trends observed on the Coursera platform since the onset of the pandemic through June 2021. The new study found that women in the UAE are learning online at higher rates compared to pre-pandemic, with the share of STEM course enrollments from women increasing from 32% in 2019 to 37% in 2021. 

One of the key objectives of the Dubai Plan 2021 is to create an ‘inclusive and cohesive society’. The country as a whole has closed 71.6% of its gender gaps to date according to the 2021 WEF Global Gender Gap report, advancing 48 ranks in the gender gap index in just one year, from #120 rank to #72 globally. The UAE is also identified as the most-improved country in the world for women in parliament.

This aligns with Coursera’s findings in the report. The overall share of Coursera for Government learners in the country is nearing parity with 45% of government learners in the UAE being women. The Abu Dhabi School of Government (ADSG), which partners with Coursera to upskill its entire government workforce, for example, is championing online learning among women. In 2020, women accounted for 43% of overall course enrollments in ADSG’s learning initiative, up from 39% in 2019.

“It’s promising to see how the gender gap in online learning has narrowed since the pandemic”, said Anthony Tattersall, Coursera VP of EMEA. “We are particularly encouraged by how women in the UAE are embracing online learning in the field of STEM. This can help accelerate their return to work, bolster economic growth, and foster gender pay parity.”

Key UAE insights from the Women and Skills Report include:

• Women are turning to online education at higher rates than pre-pandemic. The UAE has 220,000 registered women learners on Coursera. In 2020, a peak of 47% new registered UAE learners were women. While this share is at 44% in 2021, it still represents an increase from 42% in 2019. Forty-five percent of female learners in the country also use mobile to learn.

• More women in the UAE are enrolling in STEM courses and entry-level Professional Certificates. The share of overall course enrollments from women increased from 38% in 2019 to 42% in 2021. For STEM courses, the gender gap narrowed from a share of 32% of enrollments from women in 2019 to 37% in 2021. Women’s enrollments in entry-level Professional Certificates have also gone up in the country from 26% in 2019 to 32% in 2021. These certificates, from industry leaders such as Google, IBM, and Facebook, are designed to prepare learners without a college degree or technology experience for a wide range of high-demand digital jobs.

• Top skills among UAE women show a strong inclination towards business leadership. Top skills UAE women have developed over the past year include communication (110,000 enrollments from UAE women), leadership and management (100,000), and entrepreneurship (80,000). Women are also investing in STEM skills, like probability and statistics (70,000), data analysis (60,000), and machine learning (50,000). The most popular courses among women in the UAE teach job-relevant and personal development skills, including The Science of Wellbeing from Yale University and English for Career Development from the University of Pennsylvania.

• Businesses, governments, and campuses can play a key role in reducing gender gaps in learning. In 2021, programmes where Coursera is used by various governments and campuses in the UAE saw the share of women registered learners was nearing parity, standing at 45% and 48% respectively. Better gender share is likely to contribute to more diverse talent pipelines for employers. Among businesses, women now constitute 36% of UAE learners.

Key global insights from the Women and Skills Report include:

• Women learners enroll more than men in courses taught by women instructors. Instructor representation is one of the most important factors contributing to increases in women’s enrollments. Forty-nine percent of enrollments from women learners are in courses with women instructors, compared to 38% for men learners. The most popular women instructors on Coursera include Laurie Santos (The Science of Wellbeing, Yale University), Seung Hae Kang (First Step Korean, Yonsei University), and Dr. Rosa I. Arriaga (Introduction to User Experience, Georgia Institute of Technology).

• Product innovations help grow women’s participation in online learning. Factors contributing to enrollment increases from women include adding practice quizzes before challenging assessments (+12% increase in share of lifetime enrollments from women), listing most common mistakes for peer-reviewed assignments (+16%), and distributing assessments throughout a course (+8%).

“I earned my computer science degree with only a handful of women alongside me, and while a great deal has changed since then, we still have important work to do to increase women’s representation in technology and leadership,” said Betty Vandenbosch, Chief Content Officer at Coursera. “Access to flexible, job-relevant education can help women learn the new skills they need to enter high-demand roles and achieve better gender balance in the workforce.”

With over 87 million learners and 5,000 courses on the platform, Coursera has one of the largest data sets for identifying and measuring skill trends. The Women and Skills Report includes data from 40 million new learners who registered during the pandemic between January 1, 2020 and June 30, 2021.

By Jonathan Nguyen-Duy, Vice President, Global Field CISO at Fortinet

Industry Perspectives

Of all the changes brought on by the pandemic, remote working as a standard business model is probably the most transformative. The result for some was improved work-life balance, as 90-minute commutes were replaced by more exercise and breakfast with the kids. But this massive shift, including the shift from trusted computing to untrusted networks, also introduced new cybersecurity threats. With many employees no longer protected by company firewalls and security protocols, new risks were introduced, especially around cloud migration and endpoint proliferation. 

Protection encompasses the entire cyber-physical environment of your data, data centers, carriers, users, critical infrastructure, and ecosystem, including partners, manufacturing plants, research and development centers, offices, and, most recently, remote workers. The pharmaceutical industry is not immune to these new challenges, with both large and small pharmaceutical companies being targeted by threat actors. Pharma also faces significant cybersecurity challenges brought on by the increased enablement of remote and distributed work within the pharmaceutical industry.

What’s Valuable is a Target within the Pharmaceutical Industry

Cybercriminals are capitalizing on the expanded attack surface and “reversed” networks, caused, in part, by the increased number of remote workers within the pharmaceutical industry. With everyone distracted by remote work, cybercriminals see opportunities to attack and steal valuable research and intellectual property. One of their most well-known tactics involves distributing ransomware designed to freeze organizations and interrupt or steal research and developments. 

The Pharmaceutical Industry Faces the Challenges of Maintaining Security for Remote Working

Recent data breaches within the pharmaceutical industry have resulted in hundreds of millions of dollars in lost proprietary information and pharmaceutical research. The increasing array of endpoints that come with remote working opens doors to potential security breaches especially with increased cloud migration and device proliferation. Additionally, expanding partnerships, including R&D partners, represent a potential critical point of entry to malicious actors as they target bigger pharmaceutical businesses through weaker access points within their wider ecosystem. Without a holistic, end-to-end security solution, it is likely only a matter of time before becoming a target. 

Despite the reality of this risk-filled environment, there are many challenges for pharmaceuticals looking to implement advanced security measures. Perhaps the greatest challenge and threat is the enablement of distributed remote working, globally and at speed, as it adds risk and makes huge demands on security systems. Mass remote working may have become obligatory for many pharmaceutical workforces, but the need to integrate vulnerable legacy operational technology and the rising value of pharmaceutical intellectual property has seen the industry identified as a vulnerable and lucrative target. 

Last, but not least, of the operational challenges are the inconsistent attitudes and perceptions of risk and how those two factors can influence leadership’s appetite to protect vulnerable legacy operational technology. An increasingly digital pharmaceutical value chain demands a broader security framework to protect valuable data as it moves between a complex network of remote workforces and partners using disparate network, cloud, application, and mobile environments.

“Workforce mobilization has expanded the threat landscape dramatically, requiring organizations to evaluate and implement Zero Trust to protect all users and devices across the entire healthcare life science cyber edge.”  Troy Ament, Fortinet Field CISO Healthcare Life Science

Solutions for Remote Security in the Pharmaceutical Industry

Digital transformation and the rise of software-defined enterprises has created a persistent and growing cyber risk across a widening cyber-physical landscape. Pharmaceutical companies are focused on maintaining integrity across increasingly remote-based working environments. The key to integrity for remote workers is securing endpoints and access to distributed computing resources. Protecting this increasingly virtual and collaborative ecosystem, regardless of device or network, through the visibility of data and control of credentials is critical. Multi-Factor Authentication alongside actionable intelligence is a necessity for remote work security. Next-generation endpoint security provides real-time automated endpoint protection, detection, and response, while platform and firewall capacity enable safe throughput and processing of IP publicly identifiable information.

Beyond offering encryption of data in transit, via a VPN, a number of other features can help pharmaceuticals secure their cloud migrated remote workforce. Utilizing Data Loss Prevention (DLP) is essential for teleworking executives with frequent access to important and sensitive customer and operational data.¹ Additional advanced threat protection involves analyzing malware and other suspicious content within a sandboxed environment before it reaches its destination to help prevent breaches.² It’s critical for pharmaceuticals to provide secure wireless connectivity and access at remote work locations with full integration and configuration management.³

Convergence

“The pandemic has created higher demand for additional internet-based connectivity into the sensitive supply chain, R&D, and OT networks, creating a need for IT and OT infrastructures to collaborate. OT cybersecurity has started to depend on more traditional IT facilities like patching, cloud-based threat intelligence, protection mechanisms, VPN and remote access; a clear sign that organizations need to start integrating OT cybersecurity into everyday cybersecurity considerations.” Zhanwei Chan, Global Head of OT/IoT Practice, NTT Ltd.

Looking Back and Ahead in Pharmaceuticals

Pharmaceutical industries can only succeed and grow through the secure flow of data across connected IT and OT environments within complex, evolving ecosystems. Cybercriminals are targeting pharmaceuticals due to the increased focus on cloud migration and a recent increase in remote workers. These knowledge workers are indeed lucrative targets, often handling intellectual property worth billions of dollars. With global brand reputations and groundbreaking R&D on the line, speed and the pressures of non-disruption cannot come at the expense of security. These are challenges that should not sit solely on the shoulders of IT. 

By: Chris Martin, Channel Leader for EMEA and APAC, A10 Networks

2020 was an extraordinary year and, if nothing else, the last 18 months have certainly accentuated the importance of digital resiliency. Now, as we move into a recovery phase post pandemic, our own research, undertaken earlier this year, highlighted that the workforce won’t return to pre-COVID working practices, and that we should expect a hybrid approach to the office environment. The research analysed how senior IT professionals in communication service provider organisations will adapt to a post-COVID-19 world, and the challenges they face with a more distributed workplace. It found that 67% believe their customers will continue to operate with employees working from home even post-pandemic.

Certainly, the consumer shift online is here to stay, whether that be for public services, retail, entertainment, or healthcare. Again, while some will return to shopping on the high street or going into the civic centre to pay their council tax, others will continue to enjoy the convenience that online delivers.

Technology Trends Fuelling Demand

Despite the disruption of the last year and a half, business has continued to evolve, and our channel has continued to grow as a result of five key trends.

The first is the acceleration and proliferation of IoT. In 2020, there was a noticeable shift in the types of businesses adopting IoT, which is now becoming mainstream as enterprises move from experimentation to deployment across global operations.

The second and probably most notable trend is the shift to the cloud as organisations continue their digital transformation journeys. In fact, cloud services spend was already growing much faster than on-premises IT spend at the beginning of 2020, and this momentum has only increased during the pandemic.

Thirdly, 5G deployment and the associated security issues is very much front-of-mind, which was also reflected in our research. When it comes to 5G, just under one-third of respondents (31%) we surveyed stated that maintaining a quality service and avoiding service outages were top security challenges. While 21% said unpredictable subscriber usage with changing patterns on the network was a top challenge. And certainly, we see channel partners helping customers with cloud migration and the adoption of 5G as they address concerns around network security and the current lack of agility and visibility throughout the IT infrastructure.

Overcoming Operational Complexity

 This brings me to the fourth trend which is around operational complexity. As organisations, regions and countries go in and out of lockdown and need to scale up or scale back certain initiatives, it has created significant IT challenges. In today’s digital business environment, you’ve got to stay agile and innovative to compete, grow, and thrive. In fact, even facing an uncertain economic outlook over the past year, 70% of businesses planned to maintain or increase digital transformation spending during the pandemic. As a result, we have seen high demand for solutions like A10 Thunder ADC and Harmony Controller, which empowers businesses to deliver secure application services across traditional data centres, and private, public and hybrid cloud environments. This solution underpins our vision to help businesses become more secure, responsive and agile as they bridge traditional and cloud-based application environments.

Finally, as ransomware attacks, DDoS, and other threats grow in sophistication, and enterprise environments become more distributed and dynamic, cyber security and compliance become critical challenges. Again, our research showed how important it is for organisations to protect against such threats. Forty-three percent stated that DDoS protection service for enterprise customers was a top security priority in 2021, while 39% of respondents said ransomware protection services for enterprise customers was their highest priority.

Focused Programmes that Support the Channel

All these trends have created demand for our products and services and have remained focus areas for both A10 Networks and our channel partners. To address these trends, we introduced five key channel initiatives at the start of 2021 in order to focus support and resources in these key areas:

• Deal registration is paramount; we have had deal registration incentives running since the beginning of the year to ensure partners register leads in line with our areas of focus and business growth.
• Distribution underpins our channel strategy and we have continued to recruit new partners across the region to ensure that we are well represented in all territories.
• Building our ecosystem and partner network is key to our ongoing success. Our focus here is on partnering with players who are strong in key verticals and can bring talent and expertise to our customers.
• Partner enablement: we launched a new technical ambassador programme, through which our technical team are mentoring our partner’s technical teams.
• Finally, the Lead the Way initiative, which utilises our partner network to develop leads and marketing initiatives via our partner portal.

With channel front and centre to all our programme activities, we renamed our partner tiering model to: Member, Advanced and Elite, and we launched our Elevate to Elite programme designed to help accelerate our partners’ growth and enable them to fast track through the various partner levels.

Building a Bigger Footprint

Our channel strategy encompasses APAC, EMEA and South Asia and provides us a unique perspective across a large segment. This allows us to consolidate and coordinate our channel strategy to an ever-greater degree while also allowing for flexibility to manage customer and channel needs across individual countries and regions. But, above all, we appreciate that some countries will be emerging at a different pace to others, as lockdowns and restrictions are enforced and relaxed. Therefore, our overriding priority is the security and safety of our partners and customers around the world; we’re committed to working with them to achieve this.

By: Jacob Chacko, Regional Director – Middle East, Saudi & South Africa at Aruba, a Hewlett Packard Enterprise company

The pandemic’s acceleration of cloud migration within enterprises has, at this point, been well documented. Last year’s Flexera 2020 State of the Cloud Report suggested that more than 90 per cent of enterprises now have a multi-cloud strategy.

Even in times of great urgency as we have experienced over the last 18 months, enterprise-wide cloud transformations don’t simply happen overnight. In the rush to get their multi-cloud environments off the ground and enable remote connectivity for their workforces, many enterprises will not have suitably adapted their IT and network infrastructure to support applications in a multi-cloud connected environment. Because of this, they will likely now be facing numerous challenges around the performance of mission-critical SaaS applications, automation of cloud security services, and integration of WAN applications in public cloud, to name just a few.

When it comes to meeting and addressing these challenges, enterprises could consider the benefits of an SD-WAN platform which, through a mixture of optimization, orchestration centralization and automation can provide a firm foundation for enabling a successful, performant and secure multi-cloud environment.

Ensuring user experience through SaaS optimization

In a time when applications were hosted in corporate data centres, routing all application traffic from the branch to the data centre made total sense. Today, however, with most applications in modern enterprises delivered through SaaS, backhauling cloud-destined traffic to the data centre only serves to increase latency and impact application performance.

Recognizing this, enterprises could reduce said latency by looking towards a modern, best-of-breed Edge-based SD-WAN platform, which should offer SaaS optimization features to seamlessly and securely connect users from branch sites to SaaS applications, while simultaneously monitoring the SaaS Quality of Experience (QoE).

Key functionalities that any SD-WAN purchaser should look out for include first-packet identification, wherein applications are identified and classified on the first packet, which enables traffic to be routed dynamically to its intended destination (be that the data centre, cloud provider or cloud security). This, in turn, reduces latency and ensures security policies are adhered to. Similarly, Microsoft Office 365 API integration enables secure internet breakout to the closest Office 365 entry point, thus ensuring the best Office 365 performance available.  

Intelligent local internet breakout

Different classes of application require different kinds of treatment to adhere to security policies and controls. As mentioned above, first-packet identification has a part to play here, but there are other functionalities within leading SD-WAN platforms that can bolster security without impacting application performance.

Different applications can be mapped to virtual WAN overlays, each supporting various QoS, transport and failover characteristics. For instance, trusted business SaaS such as Office 365 can be mapped to an overlay that traffics straight to the closest SaaS instance over the internet, whilst untrusted or unknown traffic is sent to the headquarters-based firewall for closer inspection.  

Speaking of firewalls, having a unified zone-based stateful firewall at the WAN Edge is essential to ensure complete, secure local internet breakout. A WAN Edge firewall can connect directly to trusted SaaS applications and IaaS from branch offices, whilst also blocking any unauthorized traffic attempting to enter the branch network from the enterprise LAN.

Network simplification through SD-WAN integration and automation with public cloud

Complexity is the enemy when it comes to network management, and this is most true for particularly large, global networks with many AWS Virtual Private Clouds or Microsoft Virtual Networks (VNets). However, an Edge-based SD-WAN platform can greatly simplify management of such large networks.

By connecting directly to public cloud providers’ global backbone networks, reducing the number of point-to-point connections, and connecting branch locations directly to regional points of presence (POPs) the complexity of the SD-WAN overlay is reduced. An SD-WAN overlay should also support branch-to-branch communication without virtual gateways at each Virtual Private Cloud.

The emergence of SASE

The emergence of SASE has had a profound impact on SD-WAN. Just as SD-WAN is transforming the network infrastructure with uninterrupted connectivity and simplified workflows, SASE takes the logical next step by placing cloud-native security controls closer to the end users where the data is being generated (at the network Edge) and is therefore most at risk.

Although SASE is not a technology on its own, as an architectural framework it offers organizations the capability to bring together security and networking functions into a single, cloud-based service model. In 2021, SD-WAN should form the foundation of a SASE solution: a cloud-programmable networking platform for orchestrating and centrally managing network, security and SASE components.

As part of this, any quality Edge-based SD-WAN must integrate with third-party cloud security services from best-of-breed cloud security firms. Advanced API integration within the SD-WAN platform can enable network managers to fully realize enterprise-wide automation of consistent, network-wide security policies. In this way, they can combine the advantages of an advanced Zero Trust WAN Edge on-premises, whilst also enjoying the flexibility and freedom of choice to enjoy the benefits of cloud-delivered security services from their preferred security vendor.

Final word

Multi-cloud environments can be incredibly complex, and managing their connectivity across an enterprise’s WAN can quickly become an unruly, laborious affair. Not only are IT teams tasked with deployment and management of these environments, but simultaneously they must ensure the highest performance levels and security are achieved for their businesses’ end users, alongside delivering the full transformational promise of the cloud through lifecycle management and orchestration.  

IT teams rely on automation and orchestration to manage the complexity of multi-cloud, and businesses must look to further simplify these processes for their teams, particularly as network complexity grows. An important first step is selecting the right SD-WAN platform to simplify the integration of private cloud, SaaS and IaaS hosted applications.

The pandemic has shifted how, when and where employees work, and it is still unclear as to whether these changes will become permanent fixtures after the pandemic has ended. Even if they do not, much of the investment and groundwork has already been laid. The impetus is now on businesses to follow through on their cloud transformation journeys and create a network infrastructure that is resilient and manageable to deliver consistent and secure application performance over any WAN infrastructure to all users, anywhere, and from any device.

With digital threats on the rise, Mindware, one of the leading Value-Added Distributors (VADs) in the Middle East and Africa, announced that it had signed a partnership with the International Council of E-Commerce Consultants (EC-Council). EC-Council is the owner and developer of the world-renowned Certified Ethical Hacker (CEH) program as well as multiple other cybersecurity programs. The institution has trained and certified over 200,000 information security professionals globally, that have influenced the cyber security mindset of countless organizations worldwide.

As per the agreement, Mindware will leverage the presence of EC-Council to offer cybersecurity certification, education, training, and services in various cybersecurity skills to partners and customers across the Middle East and North Africa (MENA) region. The courses are intended to prepare employees, contractors, temporary workers, and any additional representatives who perform authorized functions online, by offering the necessary information to defend themselves and secure their organization’s assets from damage or loss.

“The post-pandemic world has seen the adoption of new technologies for businesses. Adoption of technologies like Cloud, Artificial Intelligence, and Machine Learning is ever-growing. Businesses today need cybersecurity leaders that can make decisions and set industry benchmarks,” says Jay Bavisi, CEO and President of EC-Council Group. “We are delighted to partner with Mindware to encourage innovation and implement robust cybersecurity training strategies. With this partnership, EC-Council would share its cyber security training expertise and help cater to the growing demand for a skilled workforce.”

Speaking about the partnership, Philippe Jarre, CEO at Mindware says, “Most organizations today are embracing digital transformation and leveraging new-age technologies. With every new technology comes new and sophisticated cyber threats. Organizations are finding it difficult to combat these risks, especially with the shortage of security analysts and professionals in the market. The ongoing pandemic has further exacerbated the problem with the ‘work from home’ trend. A home working environment does not have enterprise cyber security prevention and detection technologies and policies in place. Additionally, home Wi-Fi networks are much easier to attack. Cyber criminals see the pandemic as an opportunity to step up their criminal activities.”

“As part of Mindware’s growing security practice, we decided to join hands with EC-Council to help partners and customers overcome cyber security challenges through high-quality training and certification. We believe that this initiative will go a long way in developing overall skills in the region and reducing the number of cyber breaches and incidents,” he continues.

The latest partnership further strengthens Mindware’s security portfolio and enables the VAD to position itself as a one-stop-shop for security solutions and services. With the specific needs for the region in mind, Mindware and EC-Council will focus on the following training courses:

• Certified Ethical Hacker (CEH)
• Certified Network Defender (CND)
• Computer Hacking Forensic Investigator (CHFI)
• EC-Council’s Certified Incident Handler (ECIH)
• Certified SOC Analyst (CSA)

By Joe Robertson , Director of Information Security and EMEA CISO at Fortinet

The digital automotive experience is revving up for some big changes, from online vehicle shopping, to configuring auto systems, to maintenance, manufacturing, and shipping. The advent and availability of 5G can help assure the required high-speed digital links for autonomous and semi-autonomous vehicles. But that’s not all. 5G is also creating a revolution in industrial automotive systems, as today’s vehicles can be manufactured and shipped faster and more easily than ever. However, the growing number of sensors, actuators, probes, machine connectivity, and the high density of connections (including robots)—all connected through 5G—opens new attack surfaces that need to be addressed. 

These new attack vectors are partially a result of the complex ecosystem of vendors and partners that supply the software and systems that build connected smart cars. At the same time, the real-time nature of driving also means that the computing required to manage on-board systems and interoperate with GPS, smart transportation systems, or other cars on the road, will happen both at the edge (meaning, in the car itself) and in the cloud. This simply widens the scope of the risk of interference and intrusion that needs to be accounted for.

Autonomous and connected vehicles are the perfect example of the compute edge in action. And given the safety issues for passengers in the connected vehicle as well as in the vehicles around it, the need for connected car security at the edge—that can function at 5G speeds—should be the first and foremost consideration. Securing the smart car and all its data, while also providing reliable and secure connectivity from the car to the cloud, is critical. Without security and connectivity working together as an integrated system, automotive companies are open to significant brand reputational risk. And worse, customers could even be putting their lives on the line.

First Gear: Connectivity with an Autonomous Vehicle

To start, the production and manufacturing of vehicles needs to be protected, especially as operational technology (OT) and information technology (IT) convergence becomes the norm. The challenge is that many legacy OT systems cannot afford any downtime and are highly sensitive to any sort of disruption; many systems are irregularly and infrequently patched. As a result, OT systems often lack consistent protection or single-lens visibility. Inconsistent corporate security policy implementation and governance only adds to the problem. In this environment, being able to protect every integration point across IT and OT to boost connected car security, even as interconnectedness increases, is a challenge.

Fortunately, the way auto manufacturers deal with their original equipment manufacturers (OEMs) is evolving. Traditionally, the manufacturer would turn to suppliers to design whole systems: brakes by one, the transmission by another, satellite nav systems by yet another. All these systems were farmed out to subcontractors, and the manufacturer took responsibility for assembling the pieces. However, with this piecemeal approach, the systems that operate the vehicle, engine, transmission, system gauges, fuel and safety systems, cameras, radar and more, might all run on different operating systems. This resulted in disparate and disconnected systems that were not able to efficiently collaborate or communicate with one another and are more challenging to secure. 

Over the last decade we have seen a change. Auto manufacturers see value for the customer when all of these solutions work together, creating a truly integrated experience. Software is the critical component and requires building connectivity and security directly into the system from the start, in the development, testing, and production phases, rather than a bolt-on solution applied at the end of the process. 

Second Gear: Data with an Autonomous Vehicle

Once these connected and autonomous vehicles are on the road, manufacturers need to continuously gather information from these “rolling data centers.” Vehicle data is collected and poured into a giant data lake, which the manufacturer uses to identify issues before they become critical. Since these autonomous vehicles run on compute power, they bring with them all the challenges of enterprise data systems— such as bandwidth, reliability, visibility, and, of course, cyberthreats, whether from malicious criminals or industrial espionage. Today, given current security trends, holding a vehicle for ransom is not out of the question.

Reliable, secure connectivity back to the cloud is critical to protecting customers, delivering the best user experiences, and protecting revenue streams. These cloud connections are crucial. This data is the only way to truly understand how vehicles are used, which leads to new insights and the development of premium customer experiences. Automotive manufacturers need to establish their own cloud platforms for data collection, processing, and provisioning. By keeping the in-car experience within their control, while protecting connected cars and their data, they can leverage car telemetry data to monetize and provide a differentiated, premium in-car experience.

But none of this will work without security. So, what is the best approach to ensure effective connected car security? The first step is integrating systems and software. This requires steering disparate vendors and solutions into a unified and broadly deployed platform that weaves security, connectivity, and networking into a single solution. 

Third Gear: Unification with an Autonomous Vehicle

In the connected-car industry, as elsewhere, software systems are now core to the business. Reliable connectivity and security of vehicles is important. It is possible to achieve powerful connectivity and integration between the vehicles that create the data, the cloud that processes it, and the applications that leverage it, resulting in continuous improvement and optimum user experience. In this scenario, automation, visibility, and an open integration platform are essential for providing the required agility and flexibility across all major public and private cloud providers and technologies. Without vendor lock-in, auto manufacturers can get what they need from proprietary technology while leveraging third-party tools, allowing their technology strategy to continually evolve as their business needs change. 

To unlock the true potential of the connected car, automotive manufacturers need to not only own the in-car experience but all the software and systems as well – from the backend to the front bumper. And because nearly every component of these autonomous vehicles will be connected to an in-car network as well as the cloud, the entire system is at risk if a vehicle is compromised. Thus, securing the car and its data while providing secure connections from the car to the cloud is critical to drive the connected car experience. 

By: Tonya Chin, SVP Corporate Marketing and IR, and Chief Communications Officer at Nutanix

The hyperconverged infrastructure (HCI) market has been on a fast journey over the past few years. Starting as a hardware-centric market focused on the simplicity of procuring datacenter hardware and software in one fell swoop, it quickly shifted as software-centric technology vendors and customers alike realized the biggest value一and innovation一was in the software. This is probably not surprising to those closely following the HCI market now but then it was a big change in the IT industry, as it evolved to embrace software-defined offerings.

This shift also came with challenges, particularly that of evaluating market share. At the beginning of 2020, I shared my thoughts on the effectiveness of IDC’s Converged Infrastructure Tracker, calling for a reevaluation of their methodology to separately focus on software sales, without accounting for hardware. We knew these numbers would tell a very different story, and were eager to share this with the market at large.

I’m ecstatic to share that IDC just released their Software-Defined Storage Controller Software Market Share, which encompasses the HCI software market along with software for block, file, and object offerings. Here, as I have long asserted, Nutanix is clearly the market leader with 25% of the market, well ahead of the nearest competitor at 15%.

This has been the result of extensive work from IDC to completely reevaluate a quickly evolving market. One that required rethinking the status quo to keep up with the pace of technology innovation and sales. We’re deeply grateful to IDC for realizing that there was a gaping hole in the market when it came to HCI software, and bringing this project to completion while giving Nutanix the credit that we long knew it was due.

What is Software-Defined Storage Controller Software?

According to IDC, the Software-Defined Storage Controller Software market is part of a new market share report by IDC focused on Software-Defined Infrastructure (SDI). From IDC:

“SDI refers to logically pooled resources of compute, memory, storage, and networking, which are managed by software with minimal human intervention. SDI systems are independent of the underlying hardware, as long as the hardware meets certain technical specifications. The underlying hardware in SDI systems are industry-standard, commercial off-the-shelf (COTS) products that have enterprise-grade certifications.”

IDC divides the SDI market in three areas: software-defined compute software, software-defined networking software, and software-defined storage controller software (SDSCS). The last one, SDSCS, includes and combines block, file, object, and hyperconverged software offerings that enable the creation of a storage system.

Here, IDC shares:

“SDS-CS is the core software that virtualizes and pools the storage resources across different servers that comprise the SDS. SDS-CS provides for data persistence, a set of data services (snapshots, replication, etc.), and a method of data organization (block, file, and/or object) along with one or more defined access methods (block, file, and/or object). Another way to describe an SDS system is that it has modular building blocks, uses industry-standard hardware platforms, and typically employs distributed, scale-out architecture.”

While this is a broader view than just HCI, HCI software represents the vast majority of the market included in this new view. This is also the cleanest view of the HCI software market. The only public one that allows the industry to compare the largest HCI software vendors without estimated hardware sales impacting, and in fact determining, market leadership calculations. Additionally, while IDC will continue to publish the Converted Tracker, they will no longer actively promote it within a formal press release, and shift their focus to this view instead. One that we believe is a more meaningful view into the HCI market as it continues to evolve.

For now, I want to thank IDC for all their work, and share a heartfelt congratulations to the Nutanix team, our customers and partners for all the hard work that led to this significant recognition!

Note: IDC 2H2020 Semiannual Software-Defined Infrastructure Tracker, June 2021. Market referenced is the calendar year 2020 software-defined controller software (SDS-CS) functional market. SDS-CS market includes all discrete file, block and object-based SDS-CS solutions as well as all hyperconverged SDS-CS solutions. Market is software only and excludes the value of hardware.