In The Boardroom Press Room About Us Research Reports Contact Us

HP Banner


 

In The Boardroom With...

security stock solutions 

Mr. Ken Mills

General Manager

Dell EMC 

Surveillance and Security

SecuritySolutionsWatch.com:  Thank you for joining us again today Ken at this momentous time in the history of Dell EMC. Before drilling down a bit into all that’s new…CONGRATULATIONS on your appointment as General Manager, Surveillance and Security!  One will read at Dell EMC, “To address the changing surveillance data needs of organizations all over the world, Dell EMC is introducing a robust portfolio of surveillance solutions built on a data lake architecture.“  Please give us an overview of the Dell EMC Surveillance Solutions Portfolio.

Ken Mills: Dell EMC is focused on delivering the best in class solutions for the surveillance market in Networking, Compute, Storage, Virtualization, Security, Client and Cloud. We are also focused on building joint solutions with our OEM customers/partners to bring even more value to our end users.

Our customers are truly the future-makers, and we are enabling them to innovate faster, build stronger and scale smarter. Stay tuned for a number of announcements for the surveillance market from Dell EMC and our customers.

SecuritySolutionsWatch.com: Are there product announcements on the horizon from Dell EMC too?

Ken Mills: It is an exciting time to be at Dell EMC right now. Dell Technologies is now #1 In Everything, All in 1 Place and we are bringing this world-class portfolio to the surveillance market.  Never before, have our customers and partners been able to modernize their surveillance infrastructure with an end-to-end portfolio like we have a Dell EMC. We are leveraging the same industry-recognized surveillance lab to expand our validated solutions to include the entire Dell EMC portfolio This is a huge step forward for the industry where for the first time, our customers and partners can purchase with confidence all of their surveillance infrastructure needs from one place - Dell EMC.   More


HP Banner


 

security stock solutionsIn The Boardroom With...

Mr. Steve Visconti
President & CEO

Extenua

 

Steve Visconti, President and CEO, said, “Last week there was a global ransomware cyberattack as never been seen before. This single attack affected more than 200,000 computers and wreaked havoc on financial institutions, healthcare organizations and transportation to name just a few.  To put the problem in perspective in 2015 the industry saw nearly 3.8 million ransomware attacks which 2016 saw approximately 638 million attacks.  2017 is expected to see a triple digit rise over last year.  Additionally, ransomware continues to morph.  It is estimated there are over 32,000 variants currently.  This is costing businesses billions of dollars and will likely cost lives if the industry does not take active steps to minimize its impact.  This is a very serious problem which is why we developed a solution  to protect your data in a way which is impervious to current iterations of ransomware.”

Extenua has just released a most timely white paper…

This free white paper discusses the challenges of keeping ransomware (Cryptolocker, WannaCry, and the like) out of the corporate data storage, whether it is local, in the cloud or hybrid.

CLOUD2DRIVE-PROTECTED ONLINE STORAGE IS IMPERVIOUS TO RANSOMWARE

BY USING SILVERSHIELD 

“Ransomware is a type of malware that restricts access to the infected computer system, and demands that the user pay a ransom to the malware operators to remove the restriction. Probably the most famous ransomware, even though not the only one, is Cryptolocker, and it’s certainly something you don’t want to deal with. Regardless of the strenuous efforts put in place by Antivirus developers, the rate of infection is astonishing, and these days it’s becoming even worse with an unprecedented outbreak of infection. To make things even worse, ransomware can also access all the shared folders on your NAS/SAN, so if you backup to a network drive your backups will be compromised too. The ransomware goals include, in fact, preventing you from being able to restore your old (healthy) data from a backup.”

“Even in case your systems are infected by a ransomware,
you will simply be able to format your computer,
reinstall your operating system,
and restore all your data from an always-healthy backup.”

Download the complete White Paper (in PDF format)

More


security stock solutionsMr. John Mears
Senior Fellow
Information Technology & Security Solutions
Lockheed Martin IS&GS Civil


SecuritySolutionsWatch.com: Thank you for joining us today, John, it’s an honor to speak with a Senior Fellow at Lockheed Martin. 
Before discussing IDHaystack™ in greater detail, please tell us about your background and may we have an overview of the Lockheed Martin Fellows program?

John Mears:  Thank you for the opportunity to address SecuritySolutionsWatch.com today. I’ve enjoyed working at Lockheed Martin for almost 12 years now. I’m a Gator from the University of Florida where I graduated with bachelor’s and master’s degrees in electrical engineering. I began my career at IBM’s Federal Systems Division, one of the predecessor companies for my Lockheed Martin division. While at IBM, I had the privilege of working on projects like the Ground Control Segment of the Global Positioning System, or GPS, where I was a lead tracking station engineer. Here at Lockheed Martin, I’ve worked in strategy, business development, technology planning and independent research and development. I served as director of Biometrics and Identity Management prior to my Senior Fellow appointment three years ago. 

Being inducted into the Lockheed Martin Fellows program is an honor, and is one way our company recognizes, retains and encourages top technical leadership. Appointments are for multi-year periods, and are renewable, but not guaranteed. Up to 10 senior level internal and external recommendation letters are required, and a rigorous set of selection criteria are applied against a comprehensive application document. Two levels exist, Fellows and Senior Fellows, and we all have very diverse sets of expertise. My expertise is biometrics, identity management and forensics. 

SecuritySolutionsWatch.com: Lockheed Martin’s brand recognition is certainly second to none. Some of our readers, however, may not be familiar with Lockheed Martin’s incredible track record and experience in the biometrics space going all the way back to NGI (Next Generation Identification) and IAFIS (the Integrated Automated Fingerprint Identification System).  Please tell us more about Lockheed Martin’s expertise in this market.

John Mears:  That’s right, we’ve been in biometrics, identity management and forensics for about 20 years now. Whether it is large-scale systems integration, design and development of advanced products or technical evaluations, we have played an active role in programs that are critical to the safety of citizens, the facilitation of commerce and the security of nations. I think you can best categorize our work during this time along two dimensions – assured delivery of major identification programs, and innovative research and development in biometrics and forensics. 

In terms of programs, as you mentioned, in the late 1990s we developed and delivered the original IAFIS system to the FBI. It went live in 1999, and performed well and in excess of its original design parameters for 15 years – until September of 2014, in fact – when it was decommissioned because NGI achieved full operational capability and took over. We’re very proud of what we’ve achieved in partnership with the FBI. In fact, NGI was the largest IT development program in the history of the U.S. Department of Justice. It goes well beyond IAFIS capabilities to include enhanced fingerprint accuracy; latents and palm prints; mug shots and photographs; searchable textual descriptions of scars, marks and tattoos; and an iris pilot. It includes process enhancements too, with mobile searches against the Repository of Individuals of Special Concern, or RISC, in less than 10 seconds, and updates to criminal records after initial enrollment through the Rap Back Service. I also think it is also important to note that we delivered the NGI capability on-time, on-budget and on-function – a very significant accomplishment in the world of national-scale biometric systems.   

In terms of research and development, we did some of the early work on mobile fingerprint capture and matching. We’ve done leading-edge work on multi-modal biometric fusion algorithms for fingerprints, faces and irises.  We adapted LADAR systems for very accurate and eye-safe stand-off 3D face capture and recognition. We were pioneers in rapid DNA identification technology, creating intellectual property at the cutting-edge of this emerging technology. We’ve done innovative work on an electronic nose using DNA-based receptors and nano-manufacturing techniques. We’ve done research on using next-generation genomic analysis techniques to advance the future of DNA-based identification for biometric purposes. We have also developed an imaging system to visualize latent prints on multiple surface types in real time and without altering or touching the prints. It has been very exciting and satisfying for me to be associated with these innovative projects and the very talented people working them across the corporation. 

For a couple of years now, we’ve been advancing the highly desirable capability to offer identification as a service, something we generically call ID as a Service, or IDaaS. Our IDaaS offering is branded IDHaystack™.  This is an homage to retired General Keith Alexander, who famously said, “If you are looking for a needle in a haystack, the first thing you need is a haystack!”  More…



security stock solutionsNavy Rear Adm. (Ret.) Elizabeth A. Hight
Vice President Cybersecurity Solutions Group
HP Enterprise Services, U.S. Public Sector
Cybersecurity for U.S. Public Sector


SecuritySolutionsWatch.com: Given that "It only takes one". A single email with an embedded virus or worm; one lone instance of unauthorized network access; a solitary line of unsecure code buried deep within an application; an individual loss of a laptop or mobile device with unencrypted data….is all it takes to launch a damaging cybersecurity attack. Any of these scenarios, and many more, can wreak havoc for public sector organizations. What is HP's approach in working with clients to determine the security strategy the enterprise should adopt?

Elizabeth A. Hight: The first order of business for any organization is to identify two things: first, what it needs to protect, and second, how much risk it is willing to accept. The organization must determine what their critical assets are, whether it is reputation, business strategies, information, intellectual property, national secrets, financials, private citizen data, mission specifics, best practices, etc. Only the business owners of the organization can answer that question - not a consultant and not the IT department. This is often hard thinking and discovery work, but once done, it is illuminating to the enterprise and sets the foundation for their security strategy. Once "the what" is defined, the organization can then turn to the risk element. 

Risk can be defined as the potential that a given threat will exploit vulnerabilities of priority assets or organizational position thereby causing it harm; it involves assessing the likelihood of an event happening and the consequences should it occur. HP has a world-class Enterprise Risk Management program that enables our clients to effectively understand and plan for enterprise risk and incorporate risk management/mitigation concepts into decision-making. We include legal and regulatory compliance as well as global resiliency into the equation, and actually maintain a risk taxonomy and vocabulary to help the leadership understand their "risk portfolio." The security strategy is then based on these risk strategies.

The next order of business is to help clients develop their own security strategy by balancing their requirements to minimize potential loss and maximize potential gain. Business risk management, however, is a "top down" discipline because cyber risk is greater than just an IT failure. It is the business owners that must define an acceptable risk posture. Once defined, IT risk management is conducted "bottom up"; the technical programs, business processes and human resources needed to mitigate threats that must be developed and organized as required by the strategy. 

SecuritySolutionsWatch.com: Can we drill down a bit into cloud security for a moment? With the internet now firmly established as an integral part of the business model of every enterprise and so much information up in the cloud, what is your perspective on best practices for securing cloud computing? 

Elizabeth A. Hight: The Internet has made access to cloud services universal. As a provider of cloud services in multiple markets, HP understands that it's important to address security, regulatory and operational requirements as part of agreed upon Service Level or Risk Level Agreements. At HP, we've combined our long history of understanding U.S. Public Sector security requirements with our security offerings to address these concerns. Our government-market Virtual Private Cloud (VPC) services are hosted within the continental United States. Datacenter personnel are U.S. citizens who believe deeply in the mission and business objectives of our clients. Our cloud infrastructure within those datacenters conforms to NIST Moderate standards, implementing the appropriate controls and processes for that level of assurance. Those controls include access controls, as well as network and virtualization security controls. As cloud services and applications are developed and/or deployed for customers, we perform rigorous security testing, from concept to production, using automated tools like HP Fortify and standard methodologies, like HP's Comprehensive Application Threat Analysis (CATA) and ITIL V3 Configuration Management. When it comes to cloud services, providing a level of assurance for our customers means evaluating all the components of those services and providing the right technologies, people, and processes to deliver them. More



security stock solutions Mr. Larry Cox
Senior Vice President
Intelligence and Information Solutions
Business Unit General Manager
SAIC

www.SAIC.com
NYSE:SAI


Larry Cox: My organization, of approximately 2100 people, does systems engineering, architecture, software and hardware development and production, information assurance services and products and electronic records management for government and commercial customers. The single-award time and materials contract has a one-year base period, four one-year options and a total value of $39.2 million, if the customer exercises all options. For the DHS CBP Security and technology Branch, SAIC will perform work including certification and accreditation, security risk assessments, security test and evaluation, system architecture, communication security services, and technology policy and administration. More






setstats