EMA Research Blog: Navigating IT and Security Horizons

In my last blog, I talked about “IT Cultural Transformation and the Elimination of Technology Silos.” That blog keyed on four key areas of advice, which also provide a useful foundation for the topic of “Governance and Optimization.” These key areas include: Standing in the middle of the storm –This means looking at the interdependencies [...]

There seems to be a direct correlation between how successful business professionals are and their level of impatience. While I am not familiar with any studies on this particular subject, it is simple logic that the most productive employees are those who most frequently demand rapid response to service requests. From my past experience managing and providing IT administrative support, I can attest that these individuals are usually the most irritating—constantly requesting access to new applications, data, and other business resources with expectations of an immediate response. Begrudgingly, I must acknowledge that these are the folks who are also most likely to close deals, beat deadlines, increase revenues, and win awards. In the modern world of highly competitive markets and increased organizational requirements, impatience may actually be a virtue.

In a perfect world, all business processes would be automated and all work tasks would be accomplished with the click of a button. This idyllic work experience seems to be the realization of Plato’s utopia…or, if you prefer, the world of the Jetsons. Regrettably, however, we clearly do not live in a perfect world. Put simply, while any repeatable process can be automated, not every process is repeatable, so automation is not a practical solution in all cases. This is particularly a problem for enterprises since business productivity is almost entirely dependent on the rapid and accurate performance of business processes.

Though cyber attacks have been around for years, in 2014 there was an explosion in the volume of attacks and a marked increase in the losses and damages they inflicted. In 2015, this does not seem to be lightening up.

IT operations managers are cringing all around the world – desperately trying to avoid those inevitable words from their executive management: “You need to support enterprise mobility.” Their concerns are understandable. After all, IT administrators are already overtaxed with supporting desktop, server, application, and infrastructure management requirements. Asking them to layer a whole new management discipline on top of that can be a daunting prospect. IT managers who find themselves in this predicament often recognize it as an opportunity to practice the fine art of procrastination. Particularly skilled procrastinators will employ one or more of the following excuses:

Cultural transformation and eliminating IT silos may sound like an impossible dream—and indeed, perhaps “eliminating” is too strong a word. But the reality is that IT organizations must change toward a more responsive, business-aligned culture, as well as toward a more service-aware (versus siloed) way of working. So how do you begin? A lot depends, [...]

Enterprise Management Associates (EMA) has recognized that big data implementers and consumers rely on a variety of platforms to meet their big data requirements. These platforms include new data management technologies such as Hadoop, MongoDB, and Cassandra, but the collection also includes traditional SQL-based data management technologies supporting data warehouses and data marts; operational support systems such as customer relationship management (CRM) and enterprise resource planning (ERP); and cloud-based platforms. EMA refers to this collection of platforms as the Hybrid Data Ecosystem (HDE):

Historically, many organizations and personnel have been concerned about user activity monitoring (UAM). Certain business cultures feel that these activities are an invasion of privacy or are distrustful. However, in today’s Internet connected, data driven world, having specific information or data means the difference in being a market leader and being out of business.

Docker Inc. acquired networking startup SocketPlane today, indicating that Docker wants to accelerate the development of networking APIs and software that will help network managers operationalize production Linux containers. Docker is a suite of open source software that helps developers and admins manage and scale their use of Linux containers. Containers offer the same resource [...]

A few weeks ago, I briefed with a new company called PFP Cybersecurity, also known as Power Fingerprinting, Inc., and was so intrigued by the concept alone that I wrote a Vendor to Watch about them. They officially launched on January 26, , and currently their claim to fame is their physics-based scanning technology which monitors the electromagnetic frequency (EMF) emanations of a microchip while operating. It then compares those readings to either a previous reading or to an established manufacturer’s baseline to determine the state of the chip. There are numerous uses for the technology from supply chain chip counterfeit detection, to operational failure prediction, and most unique of all, malware detection. The scanners are useful in many environments, but especially those that are change and failure/fault intolerant like space vehicles, nuclear and other critical infrastructure environments, and multiple military and natural resource acquisitions environments because they are touchless. There is nothing to install on the system using the microchip, so no change control requests or outage windows are needed. The other interesting thing about their technology is it is disruptive to the current scanner market, costing significantly less than competing products. Their platform is that each model of chip has a different EMF/power signature. These also vary by manufacturer because of variances in raw materials sourcing and manufacturing processes. It is well known that under use conditions, especially when heat dissipation is not well implemented, the chips degrade over time until failure. (That’s the point when the ‘magic smoke’ comes out and it stops working.) The cool part for me was the concept of malware detection. Aside from the physical properties of the chip, the software running on the chip will change the output pattern because of register changes and associated changes in code execution. This means that if a probe is scanning a chip and malware installs itself, the scanner can detect it at the time of installation and alert an operator that it has happened, potentially avoiding larger impact failures and data exfiltration. This technique reminds me of classic side channel attacks on CPUs that perform encryption to attempt a key extraction based on how the various chip leads changed over time. (The key difference being those attacks required contact with the open leads.) In a sense, this technology is highly disruptive, in a positive way, to both the current scanning system suppliers because of the lower cost, and to the infrastructure and supply chains because of not only the cost, but also because of the reported accuracy. It will significantly improve supply chain verification, system reliability, and security. I am looking forward to see how they progress in the marketplace over the next few years. About PFP Cybersecurity Headquartered in Washington, D.C., PFP Cybersecurity provides a unique, anomaly-based cyber security threat detection technology that can instantly identify software and hardware intrusion including active and dormant attacks. With its innovative technology, PFP shortens the compromise detection gap to milliseconds by monitoring changes in electromagnetic frequencies and power usage. This physics-based technology can be applied to detect advanced malware and sophisticated threats in critical cyber systems. It can also detect hardware Trojans and counterfeits in the supply chain. For more information, please visit: www.pfpcyber.com