Latest DevOps News on the Web

RSAC 2017 Ransomware Summit

Nobody likes to think about their company’s critical data being compromised and held for ransom. Unfortunately, this type of threat, dubbed ransomware, cannot be ignored. In the first quarter of 2016 alone, CNN projected that cybercriminals collected more than $200 million through ransomware attacks.   This would make ransomware a nearly $1 billion business annually, and it is growing quickly. This scale can be difficult to grasp, so how about an example that’s easier to identify with? In February of 2016, Los Angeles’s Hollywood Presbyterian Medical Center was hit with a ransomware attack. The attack lasted for four days before the hospital finally paid the ransom of $17,000 to get its network back. You may think, “$17,000? That doesn’t sound so bad.” Of course, the actual cost – downtime, delays, lost customers, etc. – was much worse: an estimated $11 million. Do I have your attention now?   When I approached the RSA Conference program team with the idea of holding a one day summit on ransomware at this year’s event, they jumped at the opportunity. As the result of long hours, careful planning, and a highly selective abstract review process, we have locked in our inaugural RSAC 2017 Ransomware Summit. With yours truly Andrew Hay as the host, attendees can expect a full day all about ransomware and its multifaceted implications across technical, policy, compliance and financial response. Sessions will discuss innovative research, present case studies on response and recovery to ransomware, explore combatting ransomware, and debate if — and when — you should pay the ransom. Speakers at the summit include:   Andrei Barysevich, Director of Advanced Collection, Recorded Future Christiaan Beek, Head of Strategic Threat research, Intel Security Michael Duff, CISO, Stanford University David Formby, Ph.D. Candidate, Georgia Institute of Technology Robert Gibbons, Chief Technology Officer, Datto Jeremiah Grossman, Chief of Security Strategy, SentinelOne Levi Gundert, Vice President of Intelligence and Strategy, Recorded Future Anton Ivanov, Senior Malware Analyst in Kaspersky Lab, Kaspersky Lab Neil Jenkins, Director of the Enterprise Performance Management Office (EPMO), Department of Homeland Security Paula Long, CEO and Co-Founder, DataGravity Raj Samani, CTO, EMEA, Intel Security Joachim Suico, Threat Research Engineer, Trend Micro, Inc. Candid Wüest, Threat Researcher, Symantec   Though I can’t detail every session, I do want to highlight a few of the sessions I feel attendees simply can’t miss. The first session of the day will be a panel entitled “Preparing for Ransomware” with Michael Duff of Stanford University, Adam Ely of Walmart, and Neil Jenkins from the Department of Homeland Security. This session will set the stage for the challenges of preparing for, and responding to, ransomware across various organizations and industry verticals.   A live hack will be demonstrated in “Out of Control: Ransomware for Industrial Control Systems” by Georgia Institute of Technology Ph.D. candidate David Formby. To illustrate the effects of ransomware on an industrial control system, this session will show the operational and physical harm implications resulting from the compromise of a popular programable logic controller (PLC). This may be the session that causes a restless sleep for some of our...

What products & improvements are new on AWS?

Amazon is releasing new products & services to it’s global cloud compute network at a rate that has all of our heads spinning. Join 32,000 others and follow Sean Hull on twitter @hullsean. Here’s new stuff worth mentioning around databases & data. 1. For ETL – AWS GLUE Moving data from your transactional MySQL or … Continue reading What products & improvements are new on AWS? →

What’s in store for cybersecurity in 2017?

You heard it here first: 2017 is going to be the year of cybersecurity.

How to keep customer data safe this Black Friday

Black Friday is just around the corner.

Cybersecurity action must catch up to interest: A lesson from “Snowden”

Across the country this fall, movie-goers settled into their theater seats, popcorn tubs balanced on their laps, and immersed themselves in one of the best-known data breach stories of our time.

How can startups learn from the Dyn DNS outage?

As most have heard by now, last Friday saw a serious DDOS attack against one of the major US DNS providers, Dyn. Join 32,000 others and follow Sean Hull on twitter @hullsean. DNS being such a critical dependency, this affected many businesses across the board. We’re talking twitter, etsy, github, Airbnb & Reddit to name … Continue reading How can startups learn from the Dyn DNS outage? →

Is a dangerous anti-ops movement gaining momentum?

I was talking with a colleague recently. He asked me … What do you think of the #no-ops movement that seems to be gaining ground? How is it related to devops? It’s an interesting question. With technologies like lambda & docker containers, the role & responsibilities & challenges of operations are definitely changing quickly. Join … Continue reading Is a dangerous anti-ops movement gaining momentum? →

How I use Terraform & Composer to automate wordpress on aws

How I setup wordpress to deploy automatically on aws You want to make your wordpress site bulletproof? No server outage worries? Want to make it faster & more reliable. And also host on cheaper components? I was after all these gains & also wanted to kick the tires on some of Amazon’s latest devops offerings. … Continue reading How I use Terraform & Composer to automate wordpress on aws →

Deploy wordpress on aws by first decoupling assets

You want to make your wordpress site bulletproof? No server outage worries? Want to make it faster & more reliable. And also host on cheaper components? I was after all these gains & also wanted to kick the tires on some of Amazon’s latest devops offerings. So I plotted a way forward to completely automate … Continue reading Deploy wordpress on aws by first decoupling assets →