How Cybersecurity Can Unite the CFO and CIO

In my previous blog, I shared some thoughts about why a strong CFO-CIO collaboration is the key to success in the digital world. With five new types of cyberthreats popping up every second, business success is about more than just innovation and growth. It is also about protecting the company’s intellectual property, reputation and shareholder value – and this means incorporating a comprehensive security strategy.

Even though CFOs fully understand the reality of cyberthreats and have witnessed the financial and reputational impact of attacks, they don’t always recognize the need for their involvement in a cybersecurity strategy. But, here again, it is the joint responsibility of the CFO and the CIO to protect the company’s key assets, and that includes the digital ones as well. Only by working hand in hand will they bring cybersecurity awareness to a higher level within their company. Being a CFO myself, and assuming my share of the responsibility for the company’s assets, I thought I would share some of my experiences with you and explain why such a step is becoming much more than a necessary evil.

Attacks are inevitable

“It can’t happen here.”

This is a sentence I used to hear when visiting customers. But the truth is, we all know now that nobody’s 100 percent safe in the modern age, either on a personal level or at an organizational level, as well-publicized ransomware cases like WannaCry (300,000 computers infected) and NotPetya (several well-known multinationals in panic) have shown. Add to this daily reports of data breaches involving major retailers, financial institutions, internet companies and even dating sites, and it is not very difficult to understand why individuals and businesses alike are becoming less self-assured when it comes to cyberthreats.

“I am convinced that there are only two types of companies: those that have been hacked and those that will be. And even they are converging into one category: companies that have been hacked and will be hacked again,” said former FBI director Robert Mueller, quoted in the Connected CIO booklet from Dell EMC.

Understandably, today’s businesses would prefer to stay off the radar of cybercriminals. Even the most serious banks now play it low-profile. The key is to not tempt hackers, whose favorite techniques now include cryptojacking and fileless malware. In a recent IMF blog, Christine Lagarde estimates the cyber risk for the financial sector, which is labeled a significant threat to the financial system. The IMF suggests that average annual potential losses from cyberattacks may be close to nine percent of banks’ net income globally, or around $100 billion. These are staggering numbers, indeed, and do not even cover the worst-case scenario. Taking into account that the financial sector has always been one of the most protected segments, this leaves much room for thought about the extent of potential losses in other sectors such as manufacturing. The figures above are based solely on those data breaches that are publicly known. This is just the tip of the iceberg, and I would bet it only covers something like 10 percent of all the real cases.

Traditional ‘product’ approaches not enough

Last year, a leading manufacturing company specializing in personal care was crippled by a huge data breach. They turned to my employer, Dell EMC, to help them build and implement a multi-layer cybersecurity strategy, encompassing everything from data encryption to tape backups and cyber insurance. For years, they had been a bit lax in terms of security, but it turned out that traditional strategies, relying on a collection of heterogeneous products, were no longer enough to cope with the ever-increasing ingenuity of hackers.

Joint custodians

Examples such as this highlight where a strong CFO-CIO collaboration can make a substantial difference. Given that the CFO is responsible for the company’s assets and the CIO is the gatekeeper of the IT infrastructure who makes security happen, they have a joint responsibility to build a comprehensive strategy that relies on more than a few randomly assembled ‘magic’ security products.

Keep your friends close, but your enemies closer

This means analyzing all your organization’s vulnerabilities in detail and taking appropriate actions. It starts with very simple and practical solutions, such as making sure employees change their passwords regularly and log off their computers when not in use. CFOs should make sure that sufficient funding goes into workshops, training and communication efforts to raise security awareness company-wide. Do not forget to take social networks into account during this exercise. There are facts employees should never expose on Twitter, Facebook or LinkedIn if they play a role in the security chain, such as holiday times or function descriptions.

Get your cybersecurity toolbox organized

Together with a trusted partner on the technical side, CFOs must take a hand in directing the implementation of security tools, data encryption techniques and recovery solutions. One key point in an age where data is the new oil is the ability to prioritize or tier the data that is backed up so as to quickly recover the most critical data in the event of a breach or attack. In addition, the most critical data should have the most secure and frequent backups. And that is right up the CFO’s sleeve, where they can prove their added value to the CIO, both literally and figuratively speaking.

Given that a security strategy will never be 100 percent successful (80 percent of incidents are caused by humans), the essential questions the CFO can help the CIO answer are:

- How do I protect the heartbeat of the business if I am the victim of a cyberattack?
- What loss of assets would affect the daily operations of my business if the organization were under attack?
- How could we lose consumer confidence?
- And what could have an impact on shareholder value and our reputation in the market?

Usually, less than 10 percent of the total data needs to be recovered quickly to avoid major losses.

While the CFO frees up the necessary budgets, the CIO should offer technical advice on the IT choices as well as actually embed the cybersecurity strategy within the daily operations. For any new IT project, the Connected Partnership needs to reflect together on the security risks, finding the right balance between openness and isolation. In our interconnected world, you cannot close all the gates, but you can proactively incorporate the right tools to detect when something goes wrong. By doing so, CFO and CIO will be well-positioned to move from a strategy of detection to one of protection.

To put on my CFO hat for a moment, I confirm that lots of money does indeed flow into cybersecurity and threat prevention. But cutting costs on that budget item because ROI is difficult to calculate is a false economy. The risk of investing insufficiently in cyber protection is losing hard-earned goodwill for both your company and your customer. Who would take the risk of cutting costs on the smoke detectors and fire alarms in their office building?

Have a wonderful, safe and cybersecure summer vacation!

4 New Reasons to Consider a 1-Socket Server

There are now 14 reasons why single socket servers could rule the future. I published a paper last April on The Next Platform entitled “Why Single Socket Servers could rule the future”, and thought I’d provide an updated view as new products have come to market and we have heard from many customers on this journey.

The original top 10 list is shown below:

1. More than enough cores per socket and trending higher
2. Replacement of underutilized 2S servers
3. Easier to hit binary channels of memory, and thus binary memory boundaries (128, 256, 512…)
4. Lower cost for resiliency clustering (fewer CPUs/memory…)
5. Better software licensing cost for some models
6. Avoid NUMA performance hit – IO and Memory
7. Power density smearing in data center to avoid hot spots
8. Repurpose NUMA pins for more channels: DDRx or PCIe or future buses (CXL, Gen-Z)
9. Enables better NVMe direct drive connect without PCIe Switches (ok I’m cheating to get to 10 as this is resultant of #8)
10. Gartner agrees and did a paper.

Since this original article, I’ve had a lot of conversations with customers and gained some additional insights. Plus, we now have a rich single socket processor that can enable these tenets: AMD’s second-generation EPYC processor codenamed ROME.

So what else have we learned? First, from a customer perspective, rack power limits today are fundamentally not changing – or at least not changing very fast. From a worldwide perspective surveying customers, rack power trends are shown below:

These numbers are alarming when you consider the direction of CPUs & GPUs that are pushing 300 Watts and beyond in the future. While not everyone adopts the highest end CPU/GPUs, when these devices shift toward higher power, that pulls the sweet spot power up due to normal distribution. Then factor in the direction of DDR5 and number of DDR channels, PCIe Gen4/5 and number of lanes, 100G+ Ethernet, and increasing NVMe adoption, and the rack power problem is back with gusto. Customers are facing some critical decisions: (1) accept the future server power rise and cut the number of servers per rack, or (2) shift to lower power servers to keep server node count, or (3) increase data center rack power and accompanying cooling, or (4) move to a colo or the public cloud, although that alone won’t address the brewing rack power problem, as those providers have to deal with it too. With the rise in computational demand driven by data and enabled by AI/ML/DL, this situation is not going to get better. Adoption of 1U and 2U single socket servers can greatly reduce the per-node power and thus help take pressure off the rack power problem.

Power problems don’t just impact the data center; they are present at the edge. As more data is created at the edge by the ever-increasing number of IoT and IIoT devices, we will need capable computing to analyze and filter the data before results are sent to the DC. For all the reasons in the paragraphs above and below, edge computers will benefit from rich single socket servers. These servers will need to be highly power efficient, provide the performance required to handle the data in real time, and, in some cases, support Domain Specific Architectures (DSA) like GPUs, FPGAs, and AI accelerators to handle workloads associated with IoT/IIoT. These workloads include data collection, data sorting, data filtering, data analytics, control systems for manufacturing, and AI/ML/DL. The most popular edge servers will differ from their DC counterparts by being smaller. In many situations, edge servers also need to be ruggedized to operate in extended temperature and harsh environmental conditions. Data center servers typically support a maximum temperature range of 25-35C, while edge servers need to be designed to operate in warehouse and factory environments (25-55C max temperature) and harsh environments (55-70C max temperature). When you reduce the compute complex from 2 processors and 24-32 DIMMs to 1 processor with 12-16 DIMMs, you can reinvent what a server looks like and meet the needs of the edge.

Another interesting observation and concern brought up by customers is around overall platform cost. Over the last few years the CPU and DRAM pricing has grown. Many customers desire cost parity generation to generation and customers expect to get Y% higher performance – Moore’s Law at work. But as the CPUs grew in capability (cores and cost) they added more DDR channels, which were needed to feed the additional cores. To get the best performance you must populate 1 DIMM per channel, which forced customers to install more memory. As the CPU prices rose with additional DRAM required, it broke the generation to generation cost parity aspect. In comes the rich 1-socket server, and now at the system level you can buy fewer DIMMs and CPUs – saving cost and power at the node level without having to trade off performance.

The last point customers have shared with me is around complexity reduction. Many said they had spent weeks chasing what was believed to be a networking issue when it was the 2-socket IO NUMA challenge I highlighted in the last paper. Those customers are coming back and letting us know. By adopting 1-socket servers, buyers are able to reduce application/workload complexity by not making IT and application developers experts on IO and memory NUMA. In the last paper I showed the impact of IO NUMA on bandwidth and latency (up to 35% bandwidth degradation and 75% latency increase).

Below is a view of memory NUMA on a standard 2-socket server where we start with core0 and sweep across all cores measuring the data-sharing latency. We then go to core1 and again sweep across all cores, and so on until all pairs of cores have been measured. The lowest bar is the L2/L1 sharing from a parent to its sibling HT core; the next level up is all cores within a socket sharing L3. The next level up is across sockets. And to be honest, the few that are the highest we haven’t concluded what is causing that yet – but I think you get the point – it’s complicated and can cause variability.

By going to single socket, IT admins and developers can ignore having to become experts on affinity mapping, application pinning to hot cores, NUMA control, etc., which leads to complexity reduction across the board. At the end of the day, this helps enable application determinism, which is becoming critical in the software defined data center for things like SDS, SDN, Edge Computing, CDN, NFV, and so on.

So, what new advantages of 1-socket servers have we uncovered?

- Avoid (or delay) the rack power challenges that are looming, which could reduce the number of servers per rack.
- Prepare for your Edge Computing needs.
- Better server cost structure to enable parity generation to generation.
- Complexity reduction by not making IT admins and applications developers experts on IO and memory NUMA while saving the networking admin from chasing ghosts.

To better support you on your digital transformation journey, we updated our PowerEdge portfolio of 1-socket optimized servers using the latest and greatest features in the AMD ROME CPU: the PowerEdge R6515 Rack Server and the PowerEdge R7515 Rack Server, as shown below.

If you have questions, want to go deeper, or want to understand the Dell EMC family of 1-socket optimized servers, please contact one of our friendly sales representatives. For more musings on this and other topics, please follow me on LinkedIn or visit my other blogs. If you have other interesting 1-socket value props please drop me a note – I’m always interested in learning about the challenges in IT today.

To learn more about PowerEdge servers, including the R6515 and R7515, visit the PowerEdge Server page, or join the conversation on Twitter.

N. Carolina state Sen. Jeff Jackson enters US Senate race

RALEIGH, N.C. (AP) — A North Carolina Democratic state senator has announced he’s running for the U.S. Senate in 2022. Jeff Jackson unveiled his bid Tuesday. He’s the second high-profile Democrat to enter the race to succeed Republican Sen. Richard Burr, who isn’t seeking reelection. Former state Sen. Erica Smith is running again after an unsuccessful campaign for the Democratic nomination in 2020. Republican incumbent Thom Tillis won in November, extending the GOP’s winning streak in Senate elections in North Carolina to four. Former Republican U.S. Rep. Mark Walker is also running for Burr’s seat. Jackson says he plans to ultimately visit all 100 counties.

New museum traces history of Black music across genres

NASHVILLE, Tenn. (AP) — A new music museum in Nashville is telling an important and often overlooked story about the roots of American popular music. The National Museum of African American Music has opened in Nashville’s musical tourism district. Unlike museums that focus on a genre or label, this museum is touted as the first to span multiple genres including gospel, blues, jazz, R&B and hip-hop. Gospel singer CeCe Winans, who serves as a national chair for the museum, says it was long overdue to honor African American music and the role it has played in America. The museum has 1,600 artifacts in the collection. Visitors can learn dance moves with a virtual instructor and sing “Oh Happy Day” with a choir.

Police: Man shot, killed after ‘prank’ robbery for video

NASHVILLE, Tenn. (AP) — Police in Tennessee are investigating after a man was shot and killed Friday night during a robbery “prank” for a YouTube video. According to the Metro Nashville Police Department, officers responded to the parking lot of an Urban Air indoor trampoline park at 9:25 p.m., where 23-year-old David Starnes Jr. admitted shooting 20-year-old Timothy Wilks. Witnesses told detectives that Wilks and a friend were participating in a “prank” robbery when they approached a group of people with butcher knives. Starnes said he was unaware of the prank and shot Wilks to defend himself and others. No one has been charged in Wilks’ death. The investigation is ongoing.