Home Podcasts Videos Guest Posts Q&A My Take Bio Contact
 

My Take

 

MY TAKE: DigiCert and Oracle partner to extend digital trust and scalable infrastructure globally

By Byron V. Acohido

One meeting I had at RSA Conference 2023, was a briefing about a  new  partnership, announced this morning, between a top-rung Silicon Valley tech giant and the leading provider of digital trust.

Related: Centralizing control of digital certificates

I had the chance to sit down with Deepika Chauhan, DigiCert’s Chief Product Officer, and Mike Cavanagh, Oracle’s Group Vice President, ISV Cloud for North America. They walked me through a partnership that gives their joint customers the option to deploy Oracle Cloud Infrastructure (OCI) combined with  DigiCert ONE. Here are a few of my takeaways:

Seeds of the partnership

In 2017, DigiCert acquired and commenced reviving Symantec’s PKI business. This was all part of the Lehi, Utah-based vendor’s efforts to support enterprise cloud migration and the rise of IoT systems, which were both gaining steam.

This ultimately resulted in the 2020 roll out of DigiCert ONE, a new platform of tools and services aimed at “embedding digital trust across the board within the enterprise and between all parts of the cloud ecosystem,” Chauhan says.

Back in Silicon Valley, Oracle was playing catchup. Amazon had introduced Amazon Web Services in 2006 and Microsoft Azure became commercially available in 2010. Oracle launched OCI in October 2016.

MY TAKE: A few reasons to believe RSAC 2023’s ‘stronger together’ theme is gaining traction

By Byron V. Acohido

The theme of RSA Conference 2023 — ‘stronger together’ — was certainly well chosen.

Related: Demystifying ‘DSPM’

This was my nineteenth RSAC. I attended my first one in 2004, while covering Microsoft for USA TODAY. It certainly was terrific to see the cybersecurity industry’s premier trade event fully restored to its pre-Covid grandeur at San Francisco’s Moscone Center last week.

Rising from the din of 625 vendors, 700 speakers and 26,000 attendees came the clarion call for a new tier of overlapping, interoperable, highly automated security platforms needed to carry us forward.

Defense-in-depth remains a mantra — but implemented much differently than the defense-in- depth strategies of the first decade and a half of this century. Machine learning, automation and interoperability must take over and several new security layers must coalesce and interweave to protect the edge.

Getting a grip on identities

To keep the momentum going, business rivals and regulators are going to have to find meaningful ways to co-ordinate and cooperate at an unprecedented level. Here are four evolving themes reverberating from RSAC 2023 that struck me:

Password enabled access will endure for the foreseeable future.

MY TAKE: Putin’s weaponizing of ransomware shows why network security needs an overhaul

By Byron V. Acohido

At 10 am PDT, next Wednesday, April 19th,  I’ll have the privilege of appearing as a special guest panelist and spotlight speaker on Virtual Guardian’s monthly Behind the Shield cybersecurity podcast.

Related: The Golden Age of cyber spying is upon us

You can RSVP – and be part of the live audience – by signing up here. The moderator, Marco Estrela, does a terrific job highlighting current cybersecurity topics ripped from the headlines. For my part, I’m going to ‘follow the money’ with respect to the strategic use of weaponized ransomware on  the part of Vladimir Putin.

I recently had the chance to drill down on this topic as part of a Last Watchdog Fireside Chat podcast I’m currently producing. Stay tuned for my eye-opening discussion with BullWall, a Danish startup that’s in the midst of helping companies effectively mitigate cyber extortion.

Meanwhile, in the April 19th episode of Behind the Shield,  I’m going to attempt to summarize the big theme I’m hearing from BullWall and numerous other security vendors as I get ready to make the trek to San Francisco’s Moscone Center to cover RSA Conference 2023 in person – after two years of covering it remotely.

And that theme is . . . the unfolding reconstitution of network defense. There’s a common thread running through all of the advanced tools, new security frameworks and innovative security services that are rapidly gaining traction.

At some level, they all drive us in the direction of creating a new tier of overlapping, interoperable, highly automated security platforms.  The end game quite clearly must be to bake security deep inside the highly interconnected systems that will give us climate-rejuvenating vehicles and buildings and spectacular medical breakthroughs.

I’ll get this discussion going at Virtual Guardian’s Behind the Shield podcast next week. And I’ll try to ramp it up in my upcoming series of Last Watchdog RSA Insights Fireside Chat podcasts … more

AUTHOR Q&A: China’s spy balloons reflect a cyber warfare strategy America must counter

By Byron V. Acohido

The attack surface of company networks is as expansive and porous as ever.

Related: Preparing for ‘quantum’ hacks

That being so, a new book, Fixing American Cybersecurity, could be a long overdue stake in the ground.

This is a well-reasoned treatise collaboratively assembled by board members of the Internet Security Alliance (ISA.) Laid out in two parts, Fixing American Cybersecurity dissects the drivers that got us here and spells out explicitly what’s at stake. It also advocates a smarter, more concerted public-private partnership as the core solution.

Part one of the book catalogues how cyber criminals and US adversaries have taken full advantage of systemic flaws in how we’ve come to defend business and government networks. Part two is comprised of essays by  CISOs from leading enterprises outlining what needs to get done.

I had the chance to query Larry Clinton, ISA’s president and CEO, about the main themes laid out in Fixing American Cybersecurity. ISA is a multi-sector trade group focused on policy advocacy and developing best practices for cybersecurity.

We discussed this book’s core theme: a fresh set of inspired public-private strategies absolutely must arise and gain full traction, going forward, or America’s strategic standing will never get healed.

MY TAKE: Poll shows consumers won’t patronize companies that fail to assure ‘digital trust’

By Byron V. Acohido

It’s all too easy to take for granted the amazing digital services we have at our fingertips today.

Related: Will Matter 1.0 ignite the ‘Internet of Everything’

Yet, as 2022 ends, trust in digital services is a tenuous thing. A recent survey highlights the fact that company leaders now understand that digital trust isn’t nearly what it needs to be. And the same poll also affirms that consumers will avoid patronizing companies they perceive as lacking digital trust.

DigiCert’s 2022 State of Digital Trust Survey polled 1,000 IT professional and 400 consumers and found that lack of digital trust can drive away customers and materially impact a company’s bottom line

“It’s clear that digital trust is required for organizations to instill confidence in their customers, employees and partners,” Avesta Hojjati, DigiCert’s vice president of Research and Development, told me. “Digital trust is the foundation for securing our connected world.”

I recently had the chance to visit with Hojjati. We conversed about why digital trust has become an important component of bringing the next iteration of spectacular Internet services to full fruition. And we touched on what needs to happen to raise the bar of digital trust. Here are a few key takeaways from our evocative discussion:

MY TAKE: The role of semiconductors in bringing the ‘Internet of Everything’ into full fruition

By Byron V. Acohido

The Internet of Everything (IoE) is on the near horizon.

Related: Raising the bar for smart homes

Our reliance on artificially intelligent software is deepening, signaling an era, just ahead, of great leaps forward for humankind.

We would not be at this juncture without corresponding advances on the hardware side of the house. For instance, very visibly over the past decade, Internet of Things (IoT) computing devices and sensors have become embedded everywhere.

Not as noticeably, but perhaps even more crucially, big advances have been made in semiconductors, the chips that route electrical current in everything from our phones and laptops to automobile components and industrial plant controls.

I recently visited with Thomas Rosteck, Division President of Connected Secure Systems (CSS) at Infineon Technologies, a global semiconductor manufacturer based in Neubiberg, Germany. We discussed how the Internet of Things, to date, has been all about enabling humans to leverage smart devices for personal convenience.

“What has changed in just the past year is that things are now starting to talk to other things,” Rosteck observes. “Smart devices and IoT systems are beginning to interconnect with each other and this is only going to continue.”

MY TAKE: Can Matter 1.0 springboard us from truly smart homes to the Internet of Everything?

By Byron V. Acohido

Ever feel like your smart home has dyslexia?

Siri and Alexa are terrific at gaining intelligence with each additional voice command. And yet what these virtual assistants are starkly missing is interoperability.

Related: Why standards are so vital

Matter 1.0 is about to change that. This new home automation connectivity standard rolls out this holiday season with sky high expectations. The technology industry hopes that Matter arises as the  lingua franca for the Internet of Things.

Matter certified smart home devices will respond reliably and securely to commands from Amazon AlexaGoogle Assistant,  Apple HomeKit or Samsung SmartThings. Think of it: consumers will be able to control any Matter appliance with any iOS or Android device.

That’s just to start. Backed by a who’s who list of tech giants, Matter is designed to take us far beyond the confines of our smart dwellings. It could be the key that securely interconnects IoT systems at a much deeper level, which, in turn, would pave the way to much higher tiers of digital innovation.

I had the chance to sit down, once more, with Mike Nelson, DigiCert’s vice president of IoT security, to discuss the wider significance of this milestone standard.