The Confidential Computing Webcast Series

May 25, 2021May 25, 2021 Jim Fister

The need for improved data security and privacy seems to grow bigger every day. The continuous attacks and bad actors from hackers and rogue governments are increasing the demand from businesses and consumers alike to make stronger data protection a top priority. In the midst of this need, Confidential Computing has emerged as a solution for stronger data security and is gaining traction from a variety of start-ups and established companies. Read More

What is Confidential Computing?

May 17, 2021May 17, 2021 Jim Fister

While data security in the enterprise has never been for the faint of heart, the move to a more contiguous enterprise/cloud workflow as well as the increase in Edge data processing has significantly impacted the work (and the blood pressure) of security professionals. In the “arms race” of security, new defensive tactics are always needed. One significant approach is Confidential Computing: a technology that can isolate data and execution in a secure space on a system, which takes the concept of security to new levels. This SNIA Cloud Storage Technologies Initiative (CSTI) webcast “What is Confidential Computing and Why Should I Care?” will provide an introduction and explanation of Confidential Computing and will feature a panel of industry architects responsible for defining Confidential Compute. It will be a lively conversation on topics including: Read More

A Q&A on Protecting Data from New COVID Threats

February 17, 2021February 17, 2021 Alex McDonald

The SNIA Cloud Storage Technologies Initiative began 2021 discussing the topic that has been on everyone’s mind for the last year – COVID-19. But rather than talking about positive cases or vaccine availability, our experts, Eric Hibbard and Mounir Elmously, explored how COVID has increased cybersecurity concerns and impacted the way organizations must adapt their security practices in order to ensure data privacy and data protection. If you missed our live webcast “Data Privacy and Data Protection in the COIVD Era” it’s available on-demand. As expected, the session raised several questions on how to mitigate the risks from increased social engineering and ransomware attacks and how to limit increased vulnerabilities from the flood of remote workers. Here are answers to the session’s questions from our experts. Q: Do you have any recommendations for structuring a rapid response to an ongoing security threat? Read More

Understanding CDMI and S3 Together

February 9, 2021February 9, 2021 Alex McDonald

How does the Cloud Data Management Interface (CDMI

) International Standard work? Is it possible be to both S3 and CMDI compliant? What security measures are in place with CDMI? How, and where, is CDMI being deployed? These are just some of the topics we covered at our recent SNIA Cloud Storage Technologies (CSTI) webcast, “Cloud Data Management & Interoperability: Why A CDMI Standard Matters.” CDMI is intended for application developers who are implementing cloud storage systems, and who are developing applications to manage and consume cloud storage. Q. Can you compare CDMI to S3? Is it possible to be both CDMI and S3 compliant? Is it too complicated? Read More

How COVID has Changed Data Privacy and Data Protection

January 6, 2021January 6, 2021 Alex McDonald

The COVID-19 Pandemic has amplified cybersecurity concerns particularly related to the cloud. Threat actors have recognized a unique opportunity to exploit pandemic-related vulnerabilities through social engineering attacks, business email compromise, work from home and other remote weak points. This results in increased risk and occurrence of ransomware attacks and data breaches that can disrupt or totally compromise organizations’ ability to conduct business. These security incidents can also subject victims to liability for violations of privacy and data breach notification laws. The SNIA Cloud Storage Technologies Initiative (CSTI) will be taking on this important topic with a live webcast on January 20, 2021, “Data Privacy and Data Protection in the COVID Era” where our SNIA experts will discuss: Read More

Questions on Securing Data in Transit Answered

December 9, 2020December 9, 2020 Alex McDonald

Data in transit provides a large attack surface for bad actors. Keeping data secure from threats and compromise while it’s being transmitted was the topic at our live SNIA Networking Storage Forum (NSF) webcast, Securing Data in Transit. Our presenters, Claudio DeSanti, Ariel Kit, Cesar Obediente, and Brandon Hoff did an excellent job explaining how to mitigate risks. We had several questions during the live event. Our panel of speakers have been kind enough to answer them here. Q. Could we control the most important point – identity, that is, the permission of every data transportation must have an identity label, so that we can control anomalies and misbehaviors easily? Read More

Why Cloud Standards Matter

November 18, 2020November 18, 2020 Alex McDonald

Effective cloud data management and interoperability is critical for organizations looking to gain control and security over their cloud usage in hybrid and multicloud environments. The Cloud Data Management Interface (CDMI

), also known as the ISO/IEC 17826 International Standard, is intended for application developers who are implementing or using cloud storage systems, and who are developing applications to manage and consume cloud storage. It specifies how to access cloud storage namespaces and how to interoperably manage the data stored in these namespaces. Standardizing the metadata that expresses the requirements for the data, leads to multiple clouds from different vendors treating your data the same. Read More

An FAQ on the “Fine Print” of Cyber Insurance

September 30, 2020September 30, 2020 Paul Talbut

Last month, the SNIA Cloud Storage Technologies Initiative, convened experts, Eric Hibbard and Casey Boggs, for a webcast on cyber insurance – a growing area to further mitigate risks from cyber attacks. However, as our attendees learned, cyber insurance is not as simple as buying a pre-packaged policy. If you missed the live event “Does Your Cyber Insurance Strategy Need a Tune-Up” you can watch it on-demand. Determining where and how cyber insurance fits in a risk management program generates a lot of questions. Our experts have provided answer sto them all here: Q. Do “mega” companies buy cyber insurance or do they self-insure? A. Many Fortune 500 companies do carry cyber insurance. The scope of coverage can vary significantly. Concerns over ransomware are often a driver. Publicly traded companies have a need to meet due care obligations and cyber insurance is a way of demonstrating this. Q. Insurance companies don’t like to pay out. I suspect making a claim is quite contentious? Read More

Where Does Cyber Insurance Fit in Your Security Strategy?

July 17, 2020July 17, 2020 Paul Talbut

Protection against cyber threats is recognized as a necessary component of an effective risk management approach, typically based on a well-known cybersecurity framework. A growing area to further mitigate risks and provide organizations with the high level of protection they need is cyber insurance. However, it’s not as simple as buying a pre-packaged policy. In fact, it’s critical to identify what risks and conditions are excluded from a cyber insurance policy before you buy. Determining what kind of cyber insurance your business needs or if the policy you have will really cover you in the event of an incident is challenging. On August 27, 2020 the SNIA Cloud Storage Technologies Initiative (CSTI) will host a live webcast, “Does Your Storage Need a Cyber Insurance Tune-Up?” where we’ll examine how cyber insurance fits in a risk management program. We’ll identify key terms and conditions that should be understood and carefully negotiated as cyber insurance policies may not cover all types of losses. Read More

Applied Cryptography Techniques and Use Cases

July 15, 2020July 15, 2020 AlexMcDonald

The rapid growth in infrastructure to support real time and continuous collection and sharing of data to make better business decisions has led to an age of unprecedented information storage and easy access. While collection of large amounts of data has increased knowledge and allowed improved efficiencies for business, it has also made attacks upon that information—theft, modification, or holding it for ransom — more profitable for criminals and easier to accomplish. As a result, strong cryptography is often used to protect valuable data. The SNIA Networking Storage Forum (NSF) has recently covered several specific security topics as part of our Storage Networking Security Webcast Series, including Encryption101, Protecting Data at Rest, and Key Management 101. Now, on August 5, 2020, we are going to present Applied Cryptography. In this webcast, our SNIA experts will present an overview of cryptography techniques for the most popular and pressing use cases. We’ll discuss ways of securing data, the factors and trade-off that must be considered, as well as some of the general risks that need to be mitigated. We’ll be looking at: Read More