SlideShare a Scribd company logo

Cybersecurity and the Role of Converged Infrastructure June 2016

David Rubal, CISSP
David Rubal, CISSP
1 of 3
Download to read offline
hese are interesting times when it comes to technology. Outside of security, both industry and government have come to realize that traditional infrastruc- tures can no longer cope with the data traffic, which rapidly continues to grow. Market analyst IDC believes worldwide that it could reach 180 zettabytes—or 180 billion terabytes— in 2025, up from just 4.4 zettabytes in 2013. How to cost-effectively upgrade and scale their IT infrastructures to handle this explosion of data is a pri- mary focus for government agencies. This in turn increases the attack vectors for cybersecurity threats. As agencies look to improve their infrastructure to handle larger volumes of data, they are also looking to better safeguard that data—and more importantly, which technology partnerships to engage. “Where that data resides, how it’s used, and what happens to it has become extremely important,” says David Rubal, Vice President of Oracle’s North America Public Sector Cloud and Infrastructure Solutions Engineering organiza- tion. “It’s important that the infrastructure can help support processing data in a secure fashion, and to be able to support a defense-in-depth cyber- security strategy.” The types of attacks and the people behind them, both external and internal, are not new to the govern- ment realm. They’ve been around for years. Traditionally, the security put in place to defend against those attacks focused on protecting the weakest links in those technology swim lanes. Current infrastructure and processes can be challenged to protect different varieties of data moving much faster throughout the entire technology stack. Several highly public breaches at a number of large government agencies have recently driven that lesson home. This includes the breach at the US Office of Personnel Management (OPM) made public in 2015. This breach compromised millions of government employ- ee records and helped focus the government’s attention on the intrin- sic value of all data. “It’s obvious that data protection is now one of the top priorities,” says Rubal. ARISE OF CONVERGENCE The next generation architectures will be defined by converged infrastructure, a tight integration of hardware and software end-to- end across the entire IT stack. This environment encompasses all infra- structure elements—compute, virtual machines, operating systems, data- base, applications, cloud, security, networking and storage. These have all traditionally been built component by component, using different pieces from different vendors. While the concept of a converged infrastructure strategy has a long history, dating back to the minicom- puter days of the 1980s, its devel- opment has been hampered by that “swim lane” approach. In govern- ment, this has sometimes resulted in different IT silos within agencies going their own way with systems The New Look of Cyberdefense: Converged Infrastructure Data protection and cybersecurity intersect within converged infrastructure. David Rubal, CISSP— Vice President, Public Sector North America Cloud and Infrastructure Oracle Corporation Sponsored Content CYBERSECURITY THE ROLE OF THE CONVERGED INFRASTRUCTURE
and software. Integrating these disparate technologies into a coherent agency-wide infrastructure has proven difficult, to say the least. While Oracle is renowned for its database solutions that are ubiquitous in government and industry, over the past few years, the company has been successfully extending that influence into the hardware space through its version of converged infrastructure. Oracle believes that its solution—comprised of co-engineered hardware and soft- ware with a single source of support—can help agencies address their cybersecurity operational needs. “Security doesn’t stop at the network,” says Rubal. “From our view, security needs to be considered everywhere data resides—from the network, storage and compute levels to the operating system, middleware and applications. This is consistent on-premises, or in a public or private cloud.” Oracle’s approach facilitates that extension, he says. The benefits to government agencies come from wrapping a cloud services approach around the company’s converged infrastructure. “In that type of infra- structure, Oracle offers important security features for data processing, compute, and data storage; support- ing the security of data at all levels.” Oracle operating as a hardware and infrastructure company may come as a surprise, but it’s no accident—the company has invested some $10 billion in R&D over the past five years, following its purchase of Sun Microsystems in 2010. The goal has been to build a converged infrastructure framework designed to help derive the maximum possible value from any organization’s use of Oracle’s database software. Oracle Cloud Infrastructure includes hardware-based “Silicon- Secured Memory,” which is intended to protect against such things as malware and other cyberthreats. It also provides onboard and accelerated encryption at the chip level. The available end-to-end securi- ty features that Oracle offers is what the company calls the “table stakes,” which everyone should now expect from a true converged infrastructure solution. And this is essential for any agency looking to protect its data. OPTIMIZED INFRASTRUCTURE The company argues “nothing runs Oracle software better than Oracle infrastructure.” Oracle can go into an Defense in Depth under NIST The intersection of converged infrastructure with cybersecurity fits well with the National Institute of Standards and Technology (NIST) Cybersecurity Framework, which the Obama Administration first proposed in 2013 as a way to reduce cyber risks on US critical infrastructure. That framework recommends a defense-in-depth strategy to protect data through five core security functions: identify, protect, detect, respond and recover. “We believe that this framework is the best approach for agencies to take to be able to provide data protection at all levels,” says Oracle’s David Rubal. “While it specifically addresses risk, we feel that Oracle’s focus on data protection at the infrastructure level supports the objectives of the framework.” When an agency implements the NIST framework throughout all stages of the data lifecycle and aligns that with a converged infrastructure, he says, it will be able to inspect and analyze data as it’s processing that data and check for unnecessary risk. The framework calls for a range of near real-time, interactive services from an agency’s IT infrastructure to implement its core functions. And the converged infrastructure is well-positioned to provide those services. Naturally, says Rubal, agencies could accomplish that with Oracle. They would waste no time in having to build the infrastructure themselves. Cybersecurity 66% Cloud Computing 65% Infrastructure / Data Center 64% Mobile / Communications 63% Big Data Mgmt. & Analytics 59% Public Safety 57% Virtualization 54% Health IT 38% $884,666 $877,541 $810,261 $607,598 $963,691 $746,161 $929,654 $1,646,008 Government IT Buying: Technology Solutions Plan to buy over the next 12 months (personal involvement) Planned spending (mean per respondent) 14-21. Which technology solutions or services will you personally be involved in purchasing over the next 12 months? (Please select all that apply.) (N=623) and 29. How much do you plan to spend on each of these IT solutions? (N=involved in purchasing solution for category) Government spending on cybersecurity continues to rank highly, indicating this is clearly a top priority. Sponsored Content CYBERSECURITY THE ROLE OF THE CONVERGED INFRASTRUCTURE
agency with its Cloud Infrastructure and upgrade its IT environment to make Oracle’s database and middle- ware run at optimized levels, which the agency won’t get on any other hard- ware platform, not to mention a signifi- cant decrease in deployment time. The services approach to converged infrastructure can be likened to how IT delivered services to users before the cloud, such as separate network services, connectivity and mobility services, storage services and the like. This was mostly a manual effort. The various services were configured and delivered directly from the organiza- tion’s datacenter. Converged infrastructure services are focused on what’s needed to effectively modernize an IT environment, such as compute capacity, storage, data processing and analytics. “You don’t rely on purpose- built aspects of an environment anymore,” says Rubal. “Now you have to build enterprise environments that are able to serve up a wide set of services and capabilities.” DEALING WITH DATA The data analytics component is increasingly important when dealing with cybersecurity. Oracle’s converged infrastructure approach provides the types of services needed to handle both structured and un- structured data. That is important for any Big Data examination of security events, along with stream- ing data, and other different types of data services needed for comprehen- sive and holistic cybersecurity. It’s more important now than ever before to catch something like a mal- ware event or security breach when the event actually happens. Oracle’s goals is to create an IT environment where event data is served up as close to real-time as possible. That’s something where converged infra- structure—which operates across the full width of that IT environment— has the advantage. “It’s where converged infra- structure provides a set of high performance, optimized capabilities that you can’t get elsewhere, and intersects with the cybersecurity operations,” says Rubal. “We see this as something that a converged infrastruc- ture solution can work together with cybersecurity operations in an agency to meet its security objectives.” Government agencies produce and collect massive amounts of data. Now the goal is to generate as much value and learn from that data as much as possible. Those data repositories represent significant value, which changes the requirements of databas- es themselves. Now they need to link into business intelligence and other analytical systems to help agencies solve problems more efficiently and enhance their mission outcomes. And all that data needs to be secured; otherwise they’ll continue to be at risk from cyberattacks reminiscent of the OPM breach. In that sense, cybersecurity and data protection represent another workload for converged infrastructure. However, given the increasing priority and requirements for data protection, they are also the most important. An Understanding of Infrastructure’s Impact on Cybersecurity How long will it take for government to effectively use converged infrastructure to help with their data security? The first part is an understanding of the importance of infrastructure overall to data security. “I don’t think agencies fully do,” says Oracle’s David Rubal. “At least not to the point where they understand the data management aspects of security, and how that relates to the kind of defense-in-depth that NIST advocates.” According to the recently released “The State of Cybersecurity from the Federal Cyber Executive Perspective” report by KPMG and the International Information Systems Security Certification Consortium, 59 percent of federal workers say their agencies struggle to understand how cyberattackers could potentially breach their systems, while 40 percent even revealed they were unaware where their key assets were located. Surprisingly, about 65 percent said the federal government as a whole can’t detect ongoing cyberattacks. Clearly, further education is required. “Deploying the NIST Cybersecurity Framework creates on a heavy dependency around data security within the IT infrastructure”, he says. That means there is also a much higher level of reliance on the services an infrastructure can provide to achieve cybersecurity operational objectives. That won’t necessarily be intuitive for most agency IT and security executives, he feels. “I don’t think they understand all of the dependencies involved,” he says. “A cyber event as it is happening is both a data-driven and an analytical services event.” There may be a lack of recognition on the need to keep building the infrastructure to attain better reach and visibility into what’s happening. The data-driven converged infrastructure will provide that information on a real-time basis. “Agencies may have a grasp that an approach like this is needed, but I don’t think they understand what the key components fully entail,” he says. For more information, please visit www.oracle.com Sponsored Content CYBERSECURITY THE ROLE OF THE CONVERGED INFRASTRUCTURE

Recommended

(ISC)² CyberSecureGov Presentation May 11 2017
(ISC)² CyberSecureGov Presentation May 11 2017(ISC)² CyberSecureGov Presentation May 11 2017
(ISC)² CyberSecureGov Presentation May 11 2017David Rubal, CISSP
 
Xanadu Based Big Data Deep Learning for Medical Data Analysis
Xanadu Based Big Data Deep Learning for Medical Data AnalysisXanadu Based Big Data Deep Learning for Medical Data Analysis
Xanadu Based Big Data Deep Learning for Medical Data AnalysisAlex G. Lee, Ph.D. Esq. CLP
 
Hakfest2015-Tunisia
Hakfest2015-TunisiaHakfest2015-Tunisia
Hakfest2015-Tunisiasoufiene chraigui
 
Inventory of my IoT slide sets
Inventory of my IoT slide setsInventory of my IoT slide sets
Inventory of my IoT slide setsBob Marcus
 
Sqrrl Enterprise: Integrate, Explore, Analyze
Sqrrl Enterprise: Integrate, Explore, AnalyzeSqrrl Enterprise: Integrate, Explore, Analyze
Sqrrl Enterprise: Integrate, Explore, AnalyzeSqrrl
 
Xanadu for Big Data + Deep Learning + Cloud + IoT Integration Strategy
Xanadu for Big Data + Deep Learning + Cloud + IoT Integration StrategyXanadu for Big Data + Deep Learning + Cloud + IoT Integration Strategy
Xanadu for Big Data + Deep Learning + Cloud + IoT Integration StrategyAlex G. Lee, Ph.D. Esq. CLP
 
Braveheart Cloud Storage 2014 Student Showcase
Braveheart Cloud Storage 2014 Student ShowcaseBraveheart Cloud Storage 2014 Student Showcase
Braveheart Cloud Storage 2014 Student ShowcaseTravis McAdams
 
#19sverificado : How Data Analytics helped put order in chaos in Mexico's ...
#19sverificado : How Data Analytics helped put order in chaos in Mexico's ...#19sverificado : How Data Analytics helped put order in chaos in Mexico's ...
#19sverificado : How Data Analytics helped put order in chaos in Mexico's ...Gustavo Rene Antunez
 

Recommended

(ISC)² CyberSecureGov Presentation May 11 2017
(ISC)² CyberSecureGov Presentation May 11 2017(ISC)² CyberSecureGov Presentation May 11 2017
(ISC)² CyberSecureGov Presentation May 11 2017David Rubal, CISSP
 
Xanadu Based Big Data Deep Learning for Medical Data Analysis
Xanadu Based Big Data Deep Learning for Medical Data AnalysisXanadu Based Big Data Deep Learning for Medical Data Analysis
Xanadu Based Big Data Deep Learning for Medical Data AnalysisAlex G. Lee, Ph.D. Esq. CLP
 
Hakfest2015-Tunisia
Hakfest2015-TunisiaHakfest2015-Tunisia
Hakfest2015-Tunisiasoufiene chraigui
 
Inventory of my IoT slide sets
Inventory of my IoT slide setsInventory of my IoT slide sets
Inventory of my IoT slide setsBob Marcus
 
Sqrrl Enterprise: Integrate, Explore, Analyze
Sqrrl Enterprise: Integrate, Explore, AnalyzeSqrrl Enterprise: Integrate, Explore, Analyze
Sqrrl Enterprise: Integrate, Explore, AnalyzeSqrrl
 
Xanadu for Big Data + Deep Learning + Cloud + IoT Integration Strategy
Xanadu for Big Data + Deep Learning + Cloud + IoT Integration StrategyXanadu for Big Data + Deep Learning + Cloud + IoT Integration Strategy
Xanadu for Big Data + Deep Learning + Cloud + IoT Integration StrategyAlex G. Lee, Ph.D. Esq. CLP
 
Braveheart Cloud Storage 2014 Student Showcase
Braveheart Cloud Storage 2014 Student ShowcaseBraveheart Cloud Storage 2014 Student Showcase
Braveheart Cloud Storage 2014 Student ShowcaseTravis McAdams
 
#19sverificado : How Data Analytics helped put order in chaos in Mexico's ...
#19sverificado : How Data Analytics helped put order in chaos in Mexico's ...#19sverificado : How Data Analytics helped put order in chaos in Mexico's ...
#19sverificado : How Data Analytics helped put order in chaos in Mexico's ...Gustavo Rene Antunez
 
Cloud Computing, SDN, Big Data and Internet of Everything - Lew Tucker
Cloud Computing, SDN, Big Data and Internet of Everything - Lew TuckerCloud Computing, SDN, Big Data and Internet of Everything - Lew Tucker
Cloud Computing, SDN, Big Data and Internet of Everything - Lew TuckerLew Tucker
 
Sqrrl Enterprise: Big Data Security Analytics Use Case
Sqrrl Enterprise: Big Data Security Analytics Use CaseSqrrl Enterprise: Big Data Security Analytics Use Case
Sqrrl Enterprise: Big Data Security Analytics Use CaseSqrrl
 
Fog computing
Fog computingFog computing
Fog computingAnkit_ap
 
Inventory of IoT slide sets
Inventory of IoT slide setsInventory of IoT slide sets
Inventory of IoT slide setsBob Marcus
 
IEEE 2014 JAVA DATA MINING PROJECTS Data mining with big data
IEEE 2014 JAVA DATA MINING PROJECTS Data mining with big dataIEEE 2014 JAVA DATA MINING PROJECTS Data mining with big data
IEEE 2014 JAVA DATA MINING PROJECTS Data mining with big dataIEEEFINALYEARSTUDENTPROJECTS
 
Why IoT needs Fog Computing ?
Why IoT needs Fog Computing ?Why IoT needs Fog Computing ?
Why IoT needs Fog Computing ?Ahmed Banafa
 
Edge intelligence slide share
Edge intelligence slide shareEdge intelligence slide share
Edge intelligence slide shareBit Stew Systems
 
Real callenges in big data security
Real callenges in big data securityReal callenges in big data security
Real callenges in big data securitybalasahebcomp
 
IoT Edge Intelligence - The need for new software development approaches
IoT Edge Intelligence - The need for new software development approachesIoT Edge Intelligence - The need for new software development approaches
IoT Edge Intelligence - The need for new software development approachesBart Jonkers
 
Gradiant - Technology Offer in Cloud Computing
Gradiant - Technology Offer in Cloud ComputingGradiant - Technology Offer in Cloud Computing
Gradiant - Technology Offer in Cloud ComputingMarcos Álvarez-Díaz
 
How To Drive Value with Security Data
How To Drive Value with Security DataHow To Drive Value with Security Data
How To Drive Value with Security DataRaffael Marty
 
Solving Industrial Data Integration with Machine Intelligence
Solving Industrial Data Integration with Machine IntelligenceSolving Industrial Data Integration with Machine Intelligence
Solving Industrial Data Integration with Machine IntelligenceBit Stew Systems
 
Xanadu for Big Data + IoT + Deep Learning + Cloud Integration Strategy (YouTu...
Xanadu for Big Data + IoT + Deep Learning + Cloud Integration Strategy (YouTu...Xanadu for Big Data + IoT + Deep Learning + Cloud Integration Strategy (YouTu...
Xanadu for Big Data + IoT + Deep Learning + Cloud Integration Strategy (YouTu...Alex G. Lee, Ph.D. Esq. CLP
 
Toward a global data infrastructure
Toward a global data infrastructureToward a global data infrastructure
Toward a global data infrastructureieeechennai
 
S metering
S meteringS metering
S meteringabbesunto
 
MDM-2013, Milan, Italy, 6 June, 2013
MDM-2013, Milan, Italy, 6 June, 2013MDM-2013, Milan, Italy, 6 June, 2013
MDM-2013, Milan, Italy, 6 June, 2013Charith Perera
 
Big Data Day LA 2016/ NoSQL track - Privacy vs. Security in a Big Data World,...
Big Data Day LA 2016/ NoSQL track - Privacy vs. Security in a Big Data World,...Big Data Day LA 2016/ NoSQL track - Privacy vs. Security in a Big Data World,...
Big Data Day LA 2016/ NoSQL track - Privacy vs. Security in a Big Data World,...Data Con LA
 
Introduction to cloud security
Introduction to cloud securityIntroduction to cloud security
Introduction to cloud securityIAEME Publication
 
SECURITY AND PRIVACY AWARE PROGRAMMING MODEL FOR IOT APPLICATIONS IN CLOUD EN...
SECURITY AND PRIVACY AWARE PROGRAMMING MODEL FOR IOT APPLICATIONS IN CLOUD EN...SECURITY AND PRIVACY AWARE PROGRAMMING MODEL FOR IOT APPLICATIONS IN CLOUD EN...
SECURITY AND PRIVACY AWARE PROGRAMMING MODEL FOR IOT APPLICATIONS IN CLOUD EN...ijccsa
 
Assessing the Business Value of SDN Datacenter Security Solutions
Assessing the Business Value of SDN Datacenter Security SolutionsAssessing the Business Value of SDN Datacenter Security Solutions
Assessing the Business Value of SDN Datacenter Security Solutionsxband
 
Cloud Security POV_Final (by KM)
Cloud Security POV_Final (by KM)Cloud Security POV_Final (by KM)
Cloud Security POV_Final (by KM)Khiro Mishra
 
The data center impact of cloud, analytics, mobile, social and security rlw03...
The data center impact of cloud, analytics, mobile, social and security rlw03...The data center impact of cloud, analytics, mobile, social and security rlw03...
The data center impact of cloud, analytics, mobile, social and security rlw03...Diego Alberto Tamayo
 

More Related Content

What's hot

Cloud Computing, SDN, Big Data and Internet of Everything - Lew Tucker
Cloud Computing, SDN, Big Data and Internet of Everything - Lew TuckerCloud Computing, SDN, Big Data and Internet of Everything - Lew Tucker
Cloud Computing, SDN, Big Data and Internet of Everything - Lew TuckerLew Tucker
 
Sqrrl Enterprise: Big Data Security Analytics Use Case
Sqrrl Enterprise: Big Data Security Analytics Use CaseSqrrl Enterprise: Big Data Security Analytics Use Case
Sqrrl Enterprise: Big Data Security Analytics Use CaseSqrrl
 
Fog computing
Fog computingFog computing
Fog computingAnkit_ap
 
Inventory of IoT slide sets
Inventory of IoT slide setsInventory of IoT slide sets
Inventory of IoT slide setsBob Marcus
 
IEEE 2014 JAVA DATA MINING PROJECTS Data mining with big data
IEEE 2014 JAVA DATA MINING PROJECTS Data mining with big dataIEEE 2014 JAVA DATA MINING PROJECTS Data mining with big data
IEEE 2014 JAVA DATA MINING PROJECTS Data mining with big dataIEEEFINALYEARSTUDENTPROJECTS
 
Why IoT needs Fog Computing ?
Why IoT needs Fog Computing ?Why IoT needs Fog Computing ?
Why IoT needs Fog Computing ?Ahmed Banafa
 
Edge intelligence slide share
Edge intelligence slide shareEdge intelligence slide share
Edge intelligence slide shareBit Stew Systems
 
Real callenges in big data security
Real callenges in big data securityReal callenges in big data security
Real callenges in big data securitybalasahebcomp
 
IoT Edge Intelligence - The need for new software development approaches
IoT Edge Intelligence - The need for new software development approachesIoT Edge Intelligence - The need for new software development approaches
IoT Edge Intelligence - The need for new software development approachesBart Jonkers
 
Gradiant - Technology Offer in Cloud Computing
Gradiant - Technology Offer in Cloud ComputingGradiant - Technology Offer in Cloud Computing
Gradiant - Technology Offer in Cloud ComputingMarcos Álvarez-Díaz
 
How To Drive Value with Security Data
How To Drive Value with Security DataHow To Drive Value with Security Data
How To Drive Value with Security DataRaffael Marty
 
Solving Industrial Data Integration with Machine Intelligence
Solving Industrial Data Integration with Machine IntelligenceSolving Industrial Data Integration with Machine Intelligence
Solving Industrial Data Integration with Machine IntelligenceBit Stew Systems
 
Xanadu for Big Data + IoT + Deep Learning + Cloud Integration Strategy (YouTu...
Xanadu for Big Data + IoT + Deep Learning + Cloud Integration Strategy (YouTu...Xanadu for Big Data + IoT + Deep Learning + Cloud Integration Strategy (YouTu...
Xanadu for Big Data + IoT + Deep Learning + Cloud Integration Strategy (YouTu...Alex G. Lee, Ph.D. Esq. CLP
 
Toward a global data infrastructure
Toward a global data infrastructureToward a global data infrastructure
Toward a global data infrastructureieeechennai
 
MDM-2013, Milan, Italy, 6 June, 2013
MDM-2013, Milan, Italy, 6 June, 2013MDM-2013, Milan, Italy, 6 June, 2013
MDM-2013, Milan, Italy, 6 June, 2013Charith Perera
 
Big Data Day LA 2016/ NoSQL track - Privacy vs. Security in a Big Data World,...
Big Data Day LA 2016/ NoSQL track - Privacy vs. Security in a Big Data World,...Big Data Day LA 2016/ NoSQL track - Privacy vs. Security in a Big Data World,...
Big Data Day LA 2016/ NoSQL track - Privacy vs. Security in a Big Data World,...Data Con LA
 

What's hot (17)

Cloud Computing, SDN, Big Data and Internet of Everything - Lew Tucker
Cloud Computing, SDN, Big Data and Internet of Everything - Lew TuckerCloud Computing, SDN, Big Data and Internet of Everything - Lew Tucker
Cloud Computing, SDN, Big Data and Internet of Everything - Lew Tucker
 
Sqrrl Enterprise: Big Data Security Analytics Use Case
Sqrrl Enterprise: Big Data Security Analytics Use CaseSqrrl Enterprise: Big Data Security Analytics Use Case
Sqrrl Enterprise: Big Data Security Analytics Use Case
 
Fog computing
Fog computingFog computing
Fog computing
 
Inventory of IoT slide sets
Inventory of IoT slide setsInventory of IoT slide sets
Inventory of IoT slide sets
 
IEEE 2014 JAVA DATA MINING PROJECTS Data mining with big data
IEEE 2014 JAVA DATA MINING PROJECTS Data mining with big dataIEEE 2014 JAVA DATA MINING PROJECTS Data mining with big data
IEEE 2014 JAVA DATA MINING PROJECTS Data mining with big data
 
Why IoT needs Fog Computing ?
Why IoT needs Fog Computing ?Why IoT needs Fog Computing ?
Why IoT needs Fog Computing ?
 
Edge intelligence slide share
Edge intelligence slide shareEdge intelligence slide share
Edge intelligence slide share
 
Real callenges in big data security
Real callenges in big data securityReal callenges in big data security
Real callenges in big data security
 
IoT Edge Intelligence - The need for new software development approaches
IoT Edge Intelligence - The need for new software development approachesIoT Edge Intelligence - The need for new software development approaches
IoT Edge Intelligence - The need for new software development approaches
 
Gradiant - Technology Offer in Cloud Computing
Gradiant - Technology Offer in Cloud ComputingGradiant - Technology Offer in Cloud Computing
Gradiant - Technology Offer in Cloud Computing
 
How To Drive Value with Security Data
How To Drive Value with Security DataHow To Drive Value with Security Data
How To Drive Value with Security Data
 
Solving Industrial Data Integration with Machine Intelligence
Solving Industrial Data Integration with Machine IntelligenceSolving Industrial Data Integration with Machine Intelligence
Solving Industrial Data Integration with Machine Intelligence
 
Xanadu for Big Data + IoT + Deep Learning + Cloud Integration Strategy (YouTu...
Xanadu for Big Data + IoT + Deep Learning + Cloud Integration Strategy (YouTu...Xanadu for Big Data + IoT + Deep Learning + Cloud Integration Strategy (YouTu...
Xanadu for Big Data + IoT + Deep Learning + Cloud Integration Strategy (YouTu...
 
Toward a global data infrastructure
Toward a global data infrastructureToward a global data infrastructure
Toward a global data infrastructure
 
S metering
S meteringS metering
S metering
 
MDM-2013, Milan, Italy, 6 June, 2013
MDM-2013, Milan, Italy, 6 June, 2013MDM-2013, Milan, Italy, 6 June, 2013
MDM-2013, Milan, Italy, 6 June, 2013
 
Big Data Day LA 2016/ NoSQL track - Privacy vs. Security in a Big Data World,...
Big Data Day LA 2016/ NoSQL track - Privacy vs. Security in a Big Data World,...Big Data Day LA 2016/ NoSQL track - Privacy vs. Security in a Big Data World,...
Big Data Day LA 2016/ NoSQL track - Privacy vs. Security in a Big Data World,...
 

Similar to Cybersecurity and the Role of Converged Infrastructure June 2016

Introduction to cloud security
Introduction to cloud securityIntroduction to cloud security
Introduction to cloud securityIAEME Publication
 
SECURITY AND PRIVACY AWARE PROGRAMMING MODEL FOR IOT APPLICATIONS IN CLOUD EN...
SECURITY AND PRIVACY AWARE PROGRAMMING MODEL FOR IOT APPLICATIONS IN CLOUD EN...SECURITY AND PRIVACY AWARE PROGRAMMING MODEL FOR IOT APPLICATIONS IN CLOUD EN...
SECURITY AND PRIVACY AWARE PROGRAMMING MODEL FOR IOT APPLICATIONS IN CLOUD EN...ijccsa
 
Assessing the Business Value of SDN Datacenter Security Solutions
Assessing the Business Value of SDN Datacenter Security SolutionsAssessing the Business Value of SDN Datacenter Security Solutions
Assessing the Business Value of SDN Datacenter Security Solutionsxband
 
Cloud Security POV_Final (by KM)
Cloud Security POV_Final (by KM)Cloud Security POV_Final (by KM)
Cloud Security POV_Final (by KM)Khiro Mishra
 
The data center impact of cloud, analytics, mobile, social and security rlw03...
The data center impact of cloud, analytics, mobile, social and security rlw03...The data center impact of cloud, analytics, mobile, social and security rlw03...
The data center impact of cloud, analytics, mobile, social and security rlw03...Diego Alberto Tamayo
 
Security aspects-of-mobile-cloud-computing
Security aspects-of-mobile-cloud-computingSecurity aspects-of-mobile-cloud-computing
Security aspects-of-mobile-cloud-computingSHREYASSRINATH94
 
Cisco 2013 Annual Security Report
Cisco 2013 Annual Security ReportCisco 2013 Annual Security Report
Cisco 2013 Annual Security ReportKim Jensen
 
ZERO TRUST ARCHITECTURE - DIGITAL TRUST FRAMEWORK
ZERO TRUST ARCHITECTURE - DIGITAL TRUST FRAMEWORKZERO TRUST ARCHITECTURE - DIGITAL TRUST FRAMEWORK
ZERO TRUST ARCHITECTURE - DIGITAL TRUST FRAMEWORKMaganathin Veeraragaloo
 
Cloud Expo 2010 Cloud Computing in DoD
Cloud Expo 2010 Cloud Computing in DoDCloud Expo 2010 Cloud Computing in DoD
Cloud Expo 2010 Cloud Computing in DoDGovCloud Network
 
IoT and the implications on business IT architecture and security
IoT and the implications on business IT architecture and securityIoT and the implications on business IT architecture and security
IoT and the implications on business IT architecture and securityDeniseFerniza
 
BIOMETRIC SMARTCARD AUTHENTICATION FOR FOG COMPUTING
BIOMETRIC SMARTCARD AUTHENTICATION FOR FOG COMPUTINGBIOMETRIC SMARTCARD AUTHENTICATION FOR FOG COMPUTING
BIOMETRIC SMARTCARD AUTHENTICATION FOR FOG COMPUTINGIJNSA Journal
 
BIOMETRIC SMARTCARD AUTHENTICATION FOR FOG COMPUTING
BIOMETRIC SMARTCARD AUTHENTICATION FOR FOG COMPUTINGBIOMETRIC SMARTCARD AUTHENTICATION FOR FOG COMPUTING
BIOMETRIC SMARTCARD AUTHENTICATION FOR FOG COMPUTINGIJNSA Journal
 
PulseSecure_Report_HybridIT_120715
PulseSecure_Report_HybridIT_120715PulseSecure_Report_HybridIT_120715
PulseSecure_Report_HybridIT_120715Jim Romeo
 
PulseSecure_Report_HybridIT_120715
PulseSecure_Report_HybridIT_120715PulseSecure_Report_HybridIT_120715
PulseSecure_Report_HybridIT_120715Jim Romeo
 
Why Integrating Network Technology & Security Makes Sense Now
Why Integrating Network Technology & Security Makes Sense NowWhy Integrating Network Technology & Security Makes Sense Now
Why Integrating Network Technology & Security Makes Sense NowAbaram Network Solutions
 
ISACA Journal Publication - Does your Cloud have a Secure Lining? Shah Sheikh
ISACA Journal Publication - Does your Cloud have a Secure Lining? Shah SheikhISACA Journal Publication - Does your Cloud have a Secure Lining? Shah Sheikh
ISACA Journal Publication - Does your Cloud have a Secure Lining? Shah SheikhShah Sheikh
 
Challenges and Proposed Solutions for Cloud Forensic
Challenges and Proposed Solutions for Cloud ForensicChallenges and Proposed Solutions for Cloud Forensic
Challenges and Proposed Solutions for Cloud ForensicIJERA Editor
 
What Is Openstack And Its Importance
What Is Openstack And Its ImportanceWhat Is Openstack And Its Importance
What Is Openstack And Its ImportanceLorie Harris
 
Deep Learning and Big Data technologies for IoT Security
Deep Learning and Big Data technologies for IoT SecurityDeep Learning and Big Data technologies for IoT Security
Deep Learning and Big Data technologies for IoT SecurityIRJET Journal
 

Similar to Cybersecurity and the Role of Converged Infrastructure June 2016 (20)

Introduction to cloud security
Introduction to cloud securityIntroduction to cloud security
Introduction to cloud security
 
SECURITY AND PRIVACY AWARE PROGRAMMING MODEL FOR IOT APPLICATIONS IN CLOUD EN...
SECURITY AND PRIVACY AWARE PROGRAMMING MODEL FOR IOT APPLICATIONS IN CLOUD EN...SECURITY AND PRIVACY AWARE PROGRAMMING MODEL FOR IOT APPLICATIONS IN CLOUD EN...
SECURITY AND PRIVACY AWARE PROGRAMMING MODEL FOR IOT APPLICATIONS IN CLOUD EN...
 
Assessing the Business Value of SDN Datacenter Security Solutions
Assessing the Business Value of SDN Datacenter Security SolutionsAssessing the Business Value of SDN Datacenter Security Solutions
Assessing the Business Value of SDN Datacenter Security Solutions
 
Cloud Security POV_Final (by KM)
Cloud Security POV_Final (by KM)Cloud Security POV_Final (by KM)
Cloud Security POV_Final (by KM)
 
The data center impact of cloud, analytics, mobile, social and security rlw03...
The data center impact of cloud, analytics, mobile, social and security rlw03...The data center impact of cloud, analytics, mobile, social and security rlw03...
The data center impact of cloud, analytics, mobile, social and security rlw03...
 
Security aspects-of-mobile-cloud-computing
Security aspects-of-mobile-cloud-computingSecurity aspects-of-mobile-cloud-computing
Security aspects-of-mobile-cloud-computing
 
Cisco 2013 Annual Security Report
Cisco 2013 Annual Security ReportCisco 2013 Annual Security Report
Cisco 2013 Annual Security Report
 
ZERO TRUST ARCHITECTURE - DIGITAL TRUST FRAMEWORK
ZERO TRUST ARCHITECTURE - DIGITAL TRUST FRAMEWORKZERO TRUST ARCHITECTURE - DIGITAL TRUST FRAMEWORK
ZERO TRUST ARCHITECTURE - DIGITAL TRUST FRAMEWORK
 
Cloud Expo 2010 Cloud Computing in DoD
Cloud Expo 2010 Cloud Computing in DoDCloud Expo 2010 Cloud Computing in DoD
Cloud Expo 2010 Cloud Computing in DoD
 
Redington Value Journal - June 2018
Redington Value Journal - June 2018Redington Value Journal - June 2018
Redington Value Journal - June 2018
 
IoT and the implications on business IT architecture and security
IoT and the implications on business IT architecture and securityIoT and the implications on business IT architecture and security
IoT and the implications on business IT architecture and security
 
BIOMETRIC SMARTCARD AUTHENTICATION FOR FOG COMPUTING
BIOMETRIC SMARTCARD AUTHENTICATION FOR FOG COMPUTINGBIOMETRIC SMARTCARD AUTHENTICATION FOR FOG COMPUTING
BIOMETRIC SMARTCARD AUTHENTICATION FOR FOG COMPUTING
 
BIOMETRIC SMARTCARD AUTHENTICATION FOR FOG COMPUTING
BIOMETRIC SMARTCARD AUTHENTICATION FOR FOG COMPUTINGBIOMETRIC SMARTCARD AUTHENTICATION FOR FOG COMPUTING
BIOMETRIC SMARTCARD AUTHENTICATION FOR FOG COMPUTING
 
PulseSecure_Report_HybridIT_120715
PulseSecure_Report_HybridIT_120715PulseSecure_Report_HybridIT_120715
PulseSecure_Report_HybridIT_120715
 
PulseSecure_Report_HybridIT_120715
PulseSecure_Report_HybridIT_120715PulseSecure_Report_HybridIT_120715
PulseSecure_Report_HybridIT_120715
 
Why Integrating Network Technology & Security Makes Sense Now
Why Integrating Network Technology & Security Makes Sense NowWhy Integrating Network Technology & Security Makes Sense Now
Why Integrating Network Technology & Security Makes Sense Now
 
ISACA Journal Publication - Does your Cloud have a Secure Lining? Shah Sheikh
ISACA Journal Publication - Does your Cloud have a Secure Lining? Shah SheikhISACA Journal Publication - Does your Cloud have a Secure Lining? Shah Sheikh
ISACA Journal Publication - Does your Cloud have a Secure Lining? Shah Sheikh
 
Challenges and Proposed Solutions for Cloud Forensic
Challenges and Proposed Solutions for Cloud ForensicChallenges and Proposed Solutions for Cloud Forensic
Challenges and Proposed Solutions for Cloud Forensic
 
What Is Openstack And Its Importance
What Is Openstack And Its ImportanceWhat Is Openstack And Its Importance
What Is Openstack And Its Importance
 
Deep Learning and Big Data technologies for IoT Security
Deep Learning and Big Data technologies for IoT SecurityDeep Learning and Big Data technologies for IoT Security
Deep Learning and Big Data technologies for IoT Security
 

Cybersecurity and the Role of Converged Infrastructure June 2016

  • 1. hese are interesting times when it comes to technology. Outside of security, both industry and government have come to realize that traditional infrastruc- tures can no longer cope with the data traffic, which rapidly continues to grow. Market analyst IDC believes worldwide that it could reach 180 zettabytes—or 180 billion terabytes— in 2025, up from just 4.4 zettabytes in 2013. How to cost-effectively upgrade and scale their IT infrastructures to handle this explosion of data is a pri- mary focus for government agencies. This in turn increases the attack vectors for cybersecurity threats. As agencies look to improve their infrastructure to handle larger volumes of data, they are also looking to better safeguard that data—and more importantly, which technology partnerships to engage. “Where that data resides, how it’s used, and what happens to it has become extremely important,” says David Rubal, Vice President of Oracle’s North America Public Sector Cloud and Infrastructure Solutions Engineering organiza- tion. “It’s important that the infrastructure can help support processing data in a secure fashion, and to be able to support a defense-in-depth cyber- security strategy.” The types of attacks and the people behind them, both external and internal, are not new to the govern- ment realm. They’ve been around for years. Traditionally, the security put in place to defend against those attacks focused on protecting the weakest links in those technology swim lanes. Current infrastructure and processes can be challenged to protect different varieties of data moving much faster throughout the entire technology stack. Several highly public breaches at a number of large government agencies have recently driven that lesson home. This includes the breach at the US Office of Personnel Management (OPM) made public in 2015. This breach compromised millions of government employ- ee records and helped focus the government’s attention on the intrin- sic value of all data. “It’s obvious that data protection is now one of the top priorities,” says Rubal. ARISE OF CONVERGENCE The next generation architectures will be defined by converged infrastructure, a tight integration of hardware and software end-to- end across the entire IT stack. This environment encompasses all infra- structure elements—compute, virtual machines, operating systems, data- base, applications, cloud, security, networking and storage. These have all traditionally been built component by component, using different pieces from different vendors. While the concept of a converged infrastructure strategy has a long history, dating back to the minicom- puter days of the 1980s, its devel- opment has been hampered by that “swim lane” approach. In govern- ment, this has sometimes resulted in different IT silos within agencies going their own way with systems The New Look of Cyberdefense: Converged Infrastructure Data protection and cybersecurity intersect within converged infrastructure. David Rubal, CISSP— Vice President, Public Sector North America Cloud and Infrastructure Oracle Corporation Sponsored Content CYBERSECURITY THE ROLE OF THE CONVERGED INFRASTRUCTURE
  • 2. and software. Integrating these disparate technologies into a coherent agency-wide infrastructure has proven difficult, to say the least. While Oracle is renowned for its database solutions that are ubiquitous in government and industry, over the past few years, the company has been successfully extending that influence into the hardware space through its version of converged infrastructure. Oracle believes that its solution—comprised of co-engineered hardware and soft- ware with a single source of support—can help agencies address their cybersecurity operational needs. “Security doesn’t stop at the network,” says Rubal. “From our view, security needs to be considered everywhere data resides—from the network, storage and compute levels to the operating system, middleware and applications. This is consistent on-premises, or in a public or private cloud.” Oracle’s approach facilitates that extension, he says. The benefits to government agencies come from wrapping a cloud services approach around the company’s converged infrastructure. “In that type of infra- structure, Oracle offers important security features for data processing, compute, and data storage; support- ing the security of data at all levels.” Oracle operating as a hardware and infrastructure company may come as a surprise, but it’s no accident—the company has invested some $10 billion in R&D over the past five years, following its purchase of Sun Microsystems in 2010. The goal has been to build a converged infrastructure framework designed to help derive the maximum possible value from any organization’s use of Oracle’s database software. Oracle Cloud Infrastructure includes hardware-based “Silicon- Secured Memory,” which is intended to protect against such things as malware and other cyberthreats. It also provides onboard and accelerated encryption at the chip level. The available end-to-end securi- ty features that Oracle offers is what the company calls the “table stakes,” which everyone should now expect from a true converged infrastructure solution. And this is essential for any agency looking to protect its data. OPTIMIZED INFRASTRUCTURE The company argues “nothing runs Oracle software better than Oracle infrastructure.” Oracle can go into an Defense in Depth under NIST The intersection of converged infrastructure with cybersecurity fits well with the National Institute of Standards and Technology (NIST) Cybersecurity Framework, which the Obama Administration first proposed in 2013 as a way to reduce cyber risks on US critical infrastructure. That framework recommends a defense-in-depth strategy to protect data through five core security functions: identify, protect, detect, respond and recover. “We believe that this framework is the best approach for agencies to take to be able to provide data protection at all levels,” says Oracle’s David Rubal. “While it specifically addresses risk, we feel that Oracle’s focus on data protection at the infrastructure level supports the objectives of the framework.” When an agency implements the NIST framework throughout all stages of the data lifecycle and aligns that with a converged infrastructure, he says, it will be able to inspect and analyze data as it’s processing that data and check for unnecessary risk. The framework calls for a range of near real-time, interactive services from an agency’s IT infrastructure to implement its core functions. And the converged infrastructure is well-positioned to provide those services. Naturally, says Rubal, agencies could accomplish that with Oracle. They would waste no time in having to build the infrastructure themselves. Cybersecurity 66% Cloud Computing 65% Infrastructure / Data Center 64% Mobile / Communications 63% Big Data Mgmt. & Analytics 59% Public Safety 57% Virtualization 54% Health IT 38% $884,666 $877,541 $810,261 $607,598 $963,691 $746,161 $929,654 $1,646,008 Government IT Buying: Technology Solutions Plan to buy over the next 12 months (personal involvement) Planned spending (mean per respondent) 14-21. Which technology solutions or services will you personally be involved in purchasing over the next 12 months? (Please select all that apply.) (N=623) and 29. How much do you plan to spend on each of these IT solutions? (N=involved in purchasing solution for category) Government spending on cybersecurity continues to rank highly, indicating this is clearly a top priority. Sponsored Content CYBERSECURITY THE ROLE OF THE CONVERGED INFRASTRUCTURE
  • 3. agency with its Cloud Infrastructure and upgrade its IT environment to make Oracle’s database and middle- ware run at optimized levels, which the agency won’t get on any other hard- ware platform, not to mention a signifi- cant decrease in deployment time. The services approach to converged infrastructure can be likened to how IT delivered services to users before the cloud, such as separate network services, connectivity and mobility services, storage services and the like. This was mostly a manual effort. The various services were configured and delivered directly from the organiza- tion’s datacenter. Converged infrastructure services are focused on what’s needed to effectively modernize an IT environment, such as compute capacity, storage, data processing and analytics. “You don’t rely on purpose- built aspects of an environment anymore,” says Rubal. “Now you have to build enterprise environments that are able to serve up a wide set of services and capabilities.” DEALING WITH DATA The data analytics component is increasingly important when dealing with cybersecurity. Oracle’s converged infrastructure approach provides the types of services needed to handle both structured and un- structured data. That is important for any Big Data examination of security events, along with stream- ing data, and other different types of data services needed for comprehen- sive and holistic cybersecurity. It’s more important now than ever before to catch something like a mal- ware event or security breach when the event actually happens. Oracle’s goals is to create an IT environment where event data is served up as close to real-time as possible. That’s something where converged infra- structure—which operates across the full width of that IT environment— has the advantage. “It’s where converged infra- structure provides a set of high performance, optimized capabilities that you can’t get elsewhere, and intersects with the cybersecurity operations,” says Rubal. “We see this as something that a converged infrastruc- ture solution can work together with cybersecurity operations in an agency to meet its security objectives.” Government agencies produce and collect massive amounts of data. Now the goal is to generate as much value and learn from that data as much as possible. Those data repositories represent significant value, which changes the requirements of databas- es themselves. Now they need to link into business intelligence and other analytical systems to help agencies solve problems more efficiently and enhance their mission outcomes. And all that data needs to be secured; otherwise they’ll continue to be at risk from cyberattacks reminiscent of the OPM breach. In that sense, cybersecurity and data protection represent another workload for converged infrastructure. However, given the increasing priority and requirements for data protection, they are also the most important. An Understanding of Infrastructure’s Impact on Cybersecurity How long will it take for government to effectively use converged infrastructure to help with their data security? The first part is an understanding of the importance of infrastructure overall to data security. “I don’t think agencies fully do,” says Oracle’s David Rubal. “At least not to the point where they understand the data management aspects of security, and how that relates to the kind of defense-in-depth that NIST advocates.” According to the recently released “The State of Cybersecurity from the Federal Cyber Executive Perspective” report by KPMG and the International Information Systems Security Certification Consortium, 59 percent of federal workers say their agencies struggle to understand how cyberattackers could potentially breach their systems, while 40 percent even revealed they were unaware where their key assets were located. Surprisingly, about 65 percent said the federal government as a whole can’t detect ongoing cyberattacks. Clearly, further education is required. “Deploying the NIST Cybersecurity Framework creates on a heavy dependency around data security within the IT infrastructure”, he says. That means there is also a much higher level of reliance on the services an infrastructure can provide to achieve cybersecurity operational objectives. That won’t necessarily be intuitive for most agency IT and security executives, he feels. “I don’t think they understand all of the dependencies involved,” he says. “A cyber event as it is happening is both a data-driven and an analytical services event.” There may be a lack of recognition on the need to keep building the infrastructure to attain better reach and visibility into what’s happening. The data-driven converged infrastructure will provide that information on a real-time basis. “Agencies may have a grasp that an approach like this is needed, but I don’t think they understand what the key components fully entail,” he says. For more information, please visit www.oracle.com Sponsored Content CYBERSECURITY THE ROLE OF THE CONVERGED INFRASTRUCTURE