Four Pillars of Hybrid IT Integration (merge the "how" with the "wow")

Four Pillars of Hybrid IT Integration (merge the "how" with the "wow") Kristoffer Sterzin 270007GGDM sterzlax@gmail.com |   May 12 | Tags:  computing analytics mobility enterprise api systems devops simplify business strategy economy transformation infrastructure virtualization integration hybrid real-time cloud-based services digital ibm it soa data iot scalable 0 Comments  |  2,004 Visits As IT architects, you’re probably suspicious of adopting integrated systems. But what if you could cut through the noise, reduce the time it takes to adopt a platform, and simply plug it in and go? The “if it’s not broken, then don’t fix it” mentality doesn’t really work with the world of hybrid IT. This world presents a new reality. One that creates 2.5 quintillion bytes of data each day, where 85 percent of enterprises use cloud services, and two thirds of all integration flows outside of firewalls. Yet you probably hear your CIO say “we need to build apps faster, connect them and pull in other APIs and services to make them more robust, then pull in customer data and transactions from the cloud, marry it with the backend and connect it back to the app.” Sound familiar? As an IT architect, you carry a lot on your shoulders. You’re tasked with making sure the business has a solid enough base to deliver the “wow” factor that drives the needle – the how of the wow, so to speak. Solutions have to be secure, devices and systems need to talk to each other in a lingua franca, and it all has to be fast, flexible, and scalable. That’s a tall order. Enter integration. Chances are you’ve already engaged in a balancing act between cloud-based services and on-premise systems. But you’re constantly clearing roadblocks, bottlenecks and putting out fires, dealing with a proliferation of shadow ops and increasing complexity. So where do you find the time to step back and plan for an effective digital transformation? Integration is more than added functionality. It offers a single source of truth and that “shareability” which is so important to building experiences people love. Integration lets you be proactive - to set up guidelines and rules for development - rather than just reacting to changes and responding to the needs of the business unit. It’s about speed and service. It’s about focusing on the here and now to simplify operations. It’s about merging the “how” with the “wow.” So what does that look like? It all begins with four pillars that support an overall system of integration: Foundation - A solid foundation that is flexible, fast, scalable, and transparent is the first step to leveraging new technologies with existing IT investments and deploying new projects with ease and speed. Security - 24x7x365 security lets you control your environment, comply with internal and external data policies and trust your mobile transactions. APIs - Easily manage a single API catalog to expose new services, expand your reach into new markets, leverage new tools for new strategies, and engage end-users on a personal level. Messaging - Simplified, connected, and secure messaging lets you access your data wherever and whenever you need it for better collaboration, trusted gateways, smarter workflows, and increased productivity. To learn more about how IBM facilitates your digital transformation through integration, visit IBM.com/Integration. https://www-304.ibm.com/connections/blogs/aim/entry/four_pillars_of_hybrid_it_integration?lang=en_us&ce=&ct=&cmp=&cm=&cr=&ccy=

Maritime industry heavily depends on technology, a cyber attack against its infrastructure and systems could have dramatic consequences on our society.

Maritime industry heavily depends on technology, a cyber attack against its infrastructure and systems could have dramatic consequences on our society.

In a recent post, I talked about attacks targeting SCADA systems will increase, and our ports are among critical infrastructure that makes large use of such systems.
Let’s consider that “almost 90% of the world’s goods are shipped on boats”, and I am sure that not everyone realizes that. These boats bring us our clothes, our electronics, food, etc., etc.
Ports have a crucial role and related activities in our society.
A newsletter provided by the maritime cybersecurity consulting firm CyberKeel includes some scaring statists, 37% of maritime companies using windows web servers that aren’t patched, leaving one-third vulnerable to denial of service attacks and unauthorized remote access.
Do you remember Heartbleed, the announced in 2014? This vulnerability considered by many as “the worst vulnerability ever discovered”, counting that maritime company don’t patch their systems like they should do remaining them vulnerable to several attacks, including the popular Heartbleed that could expose customer data, the goods physical location and much more.
Even if one of the companies in the maritime industry falls victim of a cyber attack, unfortunately, there is no interest in disclosing them since it will generate bad publicity.
“The potential consequences of even a minimal disruption of the flow of goods in U.S. ports would be high. … [S]helves at grocery stores and gas tanks at service stations would run empty.” was reported in report titled “maritime cybersecurity from Brookings explained” published in a 2013.
CyberKeel co-founder Lars Jensen explained that “The thing that started to scare us a little bit was that some of things … where we said, ‘This is clearly Hollywood-scenario stuff’ had already happened.”
But the public didn’t know about these incidents… but there is more, in 2014 a U.S port ( it wasn’t disclosed which) had a seven-hour disruption in their GPS signal, affecting their operations.
GPS is used in port cranes to define the crane’s position and to know to where the containers should move, without the GPS for seven hours, works were crippled. But the scariest part is that the GPS is used in navigation, so if someone is jamming the GPS signals, making the boat lost, they can perhaps ask for a ransom to unblock the GPS signals.

Another worrying incident occurred in 2012 when a malware was deployed in about three-quarters of Saudi Aramco’s files “across tens of thousands of PCs”.
The attacked showed an American flag in the infects machine’s screen. The company was able to mitigate the attack but since we are talking about an Oil company, this means that if the impact was bigger, it would affect the maritime shipping, affecting hugely the company.

“The threat is very real,”, “These intrusions and attacks are taking place every minute and every second of every day.” said Rear Adm. Marshall Lytle, the assistant commandant responsible for U.S. Coast Guard Cyber Command.

Vice Adm. Charles Michel, talked about some of the Coast Guard’s plans for cybersecurity:

“Probably the most important part of the Coast Guard’s Cyber Strategy is in its key organizing principle: The strategy is all about embracing a policy framework that will allow our enterprise to begin to tackle these challenges.”

Cyber-security must be a pillar of every sector in today society, we must consider seriously warning like the ones provided in these post to avoid major problems in the future.
About the Authors

Elsio Pinto is at the moment the Lead Mcafee Security Engineer at Swiss Re, but he also as knowledge in the areas of malware research, forensics, ethical hacking. He had previous experiences in major institutions being the European Parliament one of them. He is a security enthusiast and tries his best to pass his knowledge. He also owns his own blog http://high54security.blogspot.com/

Pierluigi Paganini
(Security Affairs – maritime industry, cyber security)