Home Tags Forecast

Tag: forecast

What’s next for solar energy

A look forward to how we get to Terawatts of solar power capacity.

HP rises again to be the world’s top PC maker as...

It was another tough quarter for PC shipments, but there was good news for HP, which edged Lenovo to regain the title of world top's PC maker, according to IDC.Worldwide PC shipments totaled 60.3 million units in the first quarter of 2017, growing by just 0.6 percent compared to the same quarter the previous year.[ Windows 10 vs. MacOS: Which gives sys admins the most management control? | Get deep into Windows: Subscribe to the InfoWorld Windows Report newsletter. ]IDC previously forecast a decline of 1.8 percent in PC shipments, so the positive growth was a sign the PC market is recovering. Quarterly PC shipments reported positive growth for the first time since the first quarter of 2012. To read this article in full or to leave a comment, please click here

Russia: Maybe reusing rockets isn’t a crazy capitalist idea after all

"The main thing is to ensure a competitive product," a Russian official said.

A sizzling Gulf of Mexico could bring more spring storms

More tornadoes? Probably.

But there's no link between winter heat and hurricanes.

Facebook open-sources its Prophet forecasting tools for Python and R

Facebook has open-sourced its Prophet forecasting tool, designed "to make it easier for experts and non-experts to make high-quality forecasts," according to a blog post by Sean J.

Taylor and Ben Letham in the company's research team. "Forecasts are...

Infosec firm NCC Group launches review over crap financials

Misses full-year forecast by, oh, only 20 per cent Cybersecurity firm NCC Group has launched a strategic review after issuing a profit warning.…

IDG Contributor Network: How SUSE is becoming a key player in...

According to the most recent Gartner forecast, there will be more than 8.4 billion internet connected things in use worldwide in 2017, with total spending on endpoints and services rocketing to almost $2 trillion.When we think of IoT we usually don’t look beyond small, connected devices.

But when I look at IoT, I see three core components:The user facing devices (hardware) Data centers running services for these devices
 Software running on these devices It should not come as a surprise that Linux is a dominant player in the latter two categories. Most data centers and cloud, irrespective of whether its public cloud or private cloud, run on Linux. Most IoT devices run some form of Linux based operating system.To read this article in full or to leave a comment, please click here

10 IT skills that employers need in 2017

IT skills that employers need in 2017Image by ThinkstockUnemployment rates in the IT industry are still hovering at historic lows, and some roles -- like network and security engineers and software developers -- are showing unemployment rates of around...

5 data breach predictions for 2017

In 2017, most companies have data breach preparedness on their radar.

But the threat landscape is ever-evolving.
Staying ahead of emerging threats and the increasing sophistication of cybercriminals requires "constant vigilance," as Mad-Eye Moody from J.K. Rowling's Harry Potter series was fond of saying. "Preparing for a data breach has become much more complex over the last few years," says Michael Buemmer, vice president at Experian Data Breach Resolution. "Organizations must keep an eye on the many new and constantly evolving threats and address these threats in their incident response plans." To aid in that effort, Experian Data Breach Resolution recently released its fourth annual Data Breach Industry Forecast, a report rooted in Experian's history helping more than 17,000 companies deal with data breaches in the last decade (4,000 in 2016 alone). Experian says five data breach trends will dominate 2017: Aftershock password breaches will expedite the death of the password. Nation-state cyber-attacks will move from espionage to war. Healthcare organizations will be the most targeted sector with new, sophisticated attacks emerging. Criminals will focus on payment-based attacks despite the EMV shift that took place more than a year ago. International data breaches will cause big headaches for multinational companies. 1.

Aftershock password breaches will expedite the death of the password Experian says that "aftershock" breaches, which it considered an emerging trend in 2016, will become more common and varied in 2017. Earthquakes are often followed by a series of aftershocks, smaller magnitude earthquakes that can occur for years after the initial quake as the earth's crust around the displaced fault plane adjusts. Password breaches are similar, according to Experian: Attackers continue to sell old username and password information on the dark web.
Since users often reuse passwords, this can lead to companies that didn't experience a first-hand data breach becoming the target of repeat unauthorized log-ins, which in turn forces those companies to notify their users that their information is being misused. By way of example, Experian points to the breach of 500 million Yahoo! Accounts in 2014. "It has been reported those stolen credentials were subsequently resold and used by other criminals to compromise accounts across a wide variety of services where consumers use the same username and password," Experian notes in the report. "This exposure of the largest-ever breach of usernames and passwords is likely to reverberate for years to come as the exposed credentials make their way through the underground economy.

Companies that have never experienced a direct breach will be forced to deal with the aftershock of Yahoo!'s loss of user credentials." Experian predicts 2017 will see criminals expanding on the aftershock breach concept.

They won't just involve usernames and passwords; attackers will take the same approach with even more personal information, like social security numbers and medical information. To combat this trend, Experian recommends implementing two-factor authentication to identify users.
It also recommends companies account for aftershock breaches in their incident response plans. 2. Nation-state cyber-attacks will move from espionage to war Experian predicts that cyber conflicts between nation-states will escalate from espionage to cyber-warfare in 2017. "While the [U.S. Office of Personnel Management] breach of 2015 was clearly motivated by gaining specific intelligence, in 2017 we will see new operations made public that use cyber-attacks as an outright offensive weapon," the report said. Experian notes that when the issue of state-sponsored cyber-attacks came up during the recent U.S. presidential campaign, both candidates said they would favor using cyber weapons to retaliate, leading Experian to predict an escalation in cyber-attack conflict in 2017.

These conflicts will tend to leave consumers and businesses as collateral damage. "The progression of cyber-attacks driven by nation-states will undoubtedly place critical infrastructure in the crosshairs, potentially leading to widespread outages or exposed personal information that could impact millions of innocent consumers," the report said. Experian recommends companies address this threat by participating in their respective Information Sharing and Analysis Center (ISAC) to share cyber threat information with peers and national defense organizations.

Additionally, businesses &8212; especially businesses involved in critical infrastructure — should prepare for full-on disruption. Proactive steps could involve purchasing insurance protection and shoring up security measures against large-scale disruptions. 3. Healthcare organizations will be the most targeted sector with new, sophisticated attacks emerging For years, personal medical information, particularly electronic health records (EHRs), have been some of the most valuable data criminals can target.
In 2015, many attackers focused on health insurers.

But Experian believes 2017 will see criminals expanding into other aspects of healthcare, including hospital networks.

The report notes that hospital networks tend to be more distributed, making it harder to maintain security measures compared with more centralized organizations. "The consequences of a medical data breach are wide-ranging, with devastating effects across the board -- from the breached entity to consumers who may experience medical ID fraud to the healthcare industry as a whole," says Ann Patterson, senior vice president, Medical Identity Fraud Alliance (MIFA). Experian predicts ransomware will be a top concern. "Ransomware presents an easier and safer way for hackers to cash out.

Given the potential disruption to a company, most organizations will opt to simply pay the ransom," the report says. "This has unintended consequences of funding more research and development by attackers who will in turn develop more sophisticated and targeted attacks.

These new variants will likely be able to evade many of the security detection systems that were developed and are now widely deployed to stop the previous generation of attacks." Experian recommends healthcare organizations of all sizes and types review their security measures and ensure they have contingency planning for responding to ransomware attacks as well as adequate employee security training. 4.

Criminals will focus on payment-based attacks despite the EMV shift taking place over a year ago All payment cards in the U.S. started incorporate EMV chips last year.

But according to a report last September by the Strawhecker Group (TSG), only 44 percent of U.S. card-accepting merchants have EMV terminals, and only 29 percent can actually accept chip-based transactions. Experian predicts that uneven adoption of the technology, combined with attackers targeting new industries and adapting their tactics, means payment attacks will plague companies in 2017. "Instead of targeting big name retailers as we've seen in the past, attackers may turn their attention to smaller franchised stores and others with distributed infrastructure," the report says. "Along with needing to manage more distributed infrastructure, these businesses are experiencing other barriers, such as the need for software updates to accept payments that are not available and the impact it can have on the checkout process." For years, cybercriminals have made use of skimmers, devices capable of stealing magnetic stripe data from point-of-sale (POS) systems.
In the past, such devices have largely been used with ATMs.

But the increasing popularity of self-checkout terminals in retail outlets opens new opportunities for criminals to use the devices.

EMV chips help defend against skimmers if the technology is used, but current adoption levels lead Experian to predict that at least one major national retailer will be hit with a significant skimming outbreak in 2017. To combat this, Experian says that while there are legitimate barriers to merchants adopting EMV Chip and PIN technology, the risk of not doing so has become too high to ignore. "It is essential that companies behind the curve speed up their plans for EMV Chip and PIN adoption," the report said. "Both retail companies and consumers need to maintain security best practices during this time of ongoing transition and recognize that cyber criminals may shift their focus but won't be completely deterred. Paying close attention to potential weak spots, including catching POS simmers quickly, can help mitigate potential fallout." 5.
International data breaches will cause big headaches for multinational companies Experian believes that breaches involving the loss of international consumers' data will cause the most significant damage in 2017, especially once the new GDPR (General Data Protection Regulation) in the E.U. goes into effect.

Experian notes that new regulations will also soon take effect in Canada, and Australia is also considering a data breach bill. A recent Ponemon Institute study found that 42 percent of companies have not included processes to manage an international data breach in their incident response plans. "The 72 hour notice requirement to E.U. authorities under the GDPR is going to put U.S.-based organizations in a difficult situation," says Dominic Paluzzi, co-chair of the Data Privacy & Cybersecurity Practice at McDonald Hopkins. "The upcoming E.U. law may just have the effect of expediting breach notification globally, although 72 hour notice from discovery will be extremely difficult to comply with in many breaches. Organizations' incident response plans should certainly be updated to account for these new laws set to go in effect in 2017." "Clearly, the biggest challenge for businesses in 2017 will be preparing for the entry into force of the GDPR, a massive regulatory framework with implications for budget and staff, carrying stiff fines and penalties in an unprecedented amount," adds Omer Tene, vice president of Research and Education for International Association of Privacy Professionals. "Against a backdrop of escalating cyber events, such as the recent attack on Internet backbone orchestrated through IoT devices, companies will need to train, educate and certify their staff to mitigate personal data risks." Experian predicts the lack of preparedness, and the high stakes involved, mean at least one U.S. multinational will take a significant hit to its valuation in 2017 due to an international data breach. Experian recommends companies confront this threat by working to comply with the new rules, including "dry runs" to ensure they are properly prepared. This story, "5 data breach predictions for 2017" was originally published by CIO.

7 Ways To Fine-Tune Your Threat Intelligence Model

The nature of security threats is too dynamic for set-and-forget. Here are some ways to shake off that complacency. 1 of 8 We look at threat intelligence as the active, selective gathering of multiple threads: The latest malware variants, a new twist on ransomware, some nefarious innovation on social engineering, DDoS stratagems, to name a few.  These services are as different from old-school security feeds as sprinkler systems are from fire hydrants.
Security feeds vacuum up (and disperse) everything in their wake; threat intel is, well, more intelligent, not to mention curated and customizable. One of Dark Reading's columnists summed up the difference more succinctly: There's data, and then there's information – in the case of threat intel, it's specific data that allows users to gauge exposure and risk, then act accordingly.

Business, government and non-profits see the value of threat intel; global service revenue is forecast to top $5.8 billion by 2020, according to Markets and Markets. But the set-and-forget mentality is an occupational hazard in all of IT; seasoned infosec professionals understand the security landscape changes too quickly to relax for very long.
So here are some flash points to help guard against complacency with threat intel, and maybe even raise your organization's security IQ. What's worked for you and your organization? What's overblown marketing hype? We know you won't be shy about letting us know in the comments section… let us hear from you. Terry Sweeney is a Los Angeles-based writer and editor who has covered technology, networking, and security for more than 20 years. He was part of the team that started Dark Reading and has been a contributor to The Washington Post, Crain's New York Business, Red Herring, ...
View Full Bio 1 of 8 More Insights

5 key technologies to double down on now

With digital transformation dominating the business agenda, IT pros are under pressure to create a modern-day tech foundation sturdy enough to drive that change as they head into 2017. What milestones are they aiming for in the year ahead? Where should they direct their limited resources? According to Computerworld’s Forecast 2017 survey, IT professionals will prioritize security, analytics, XaaS or “as a service” technology, virtualization and mobile apps in the coming year.
If you’re thinking of adding those technologies to your own 2017 to-do list, read on for findings from our survey, along with real-world advice from other IT leaders. 1.
Security High-profile corporate data breaches, politically charged cyberattacks like those against the Democratic National Committee (DNC), and the October DDoS attack that took down much of the internet have kept security front and center this year, prompting many in IT to ramp up strategies and add layers to their lines of defense. In Computerworld’s Forecast 2017 survey, 47 percent of the 196 IT professionals polled said they plan to increase spending on security technology in 2017, and 14 percent chose security as the most important technology project currently underway at their organizations. Moreover, 15 percent of those surveyed said they expect security to be their top leadership challenge over the next 12 months, and another 15 percent said they’re currently beta-testing enterprise security technologies.

Even those not pursuing specific security initiatives have security on their minds: 19 percent of the respondents said their primary goal for their most important project is “to meet security, privacy or compliance goals.” At Global Strategy Group, a New York-based public affairs and political research firm, security is always a priority, but it’s at the very top of the list this election year. “As a firm that works with the DNC, security has always been a top thought, but when it becomes front page news, everyone is looking at it,” says Andrew Ho, the firm’s vice president of technology.

Global Strategy plans to tighten things up over the coming year with tools like single sign-on and multifactor authentication, but Ho says it’s really less about the technology and more about changing employee behavior. “We’re definitely looking at new technology, but it’s 70 percent about the culture,” he says. “It’s about changing people’s behavior and thinking through the psychology of what really gets hacked.
It’s not necessarily about a stronger firewall, but about people realizing they can’t do things like use the same passwords for everything.” Hiring more people to confront security challenges is another common tactic. Of the Forecast survey respondents expecting to add new employees this year, 30 percent said the reason was to bolster security initiatives, with 26 percent of them saying they anticipate new hires in the areas of security, compliance and governance. They might have trouble finding qualified talent, however: One-quarter of the survey respondents with hiring plans ranked security as the most difficult skill to hire for. 2.

Analytics As companies double down on their efforts to get closer to customers, data has taken on critical importance, with analytics serving as a springboard for success. Organizations are stockpiling data on web traffic, customer preferences, buying behavior, real-world product performance and more, creating a potential gold mine of insights—if they adopt the right strategy and use the right analytics tools to make sense of everything they collect. Some 38 percent of survey respondents said they plan to increase spending on data analytics (a category that includes big data, enterprise analytics, data mining and business intelligence tools) next year, and data analytics was No. 4 on the list of technology projects that respondents cited as their organizations’ most important initiatives. Moreover, 21 percent of respondents said their organizations are engaged in a beta test of a big data project, and nearly 30 percent pegged big data/analytics as the disruptive technology most likely to impact their organization over the next three to five years. In Edmonton, Alberta, the city government has made analytics an organizational focus for 2016 and 2017.

The plan, currently underway, is to build a federated-style data warehouse linked to data marts, leveraging big data tools like Tableau for visualization. “The goal is to break down barriers and let previously siloed information be available and useful to others to enable better decision-making,” says Bruce Rankin, service support lead for the municipal government’s Spatial Centre of Excellence. Global Strategy Group’s Andrew Ho It’s a similar story at Global Strategy Group. Over its 20-year history, the firm has collected tons of data on elections, and it’s using analytics to identify trends, says Ho. The next step is to take open technologies like R, a programming language tuned for statistical computing, and visualization capabilities like Tableau and remake static PowerPoint presentations into something dynamic that can reflect trends in polling. “We want to put an iPad in front of a client, change a variable here or there, and see how the trends change,” he says. “It’s a practice we started this year.” 3. XaaS Another year in and there’s no stopping the cloud computing juggernaut, especially as companies retool IT infrastructure for digital transformation. The “as a service” trend continues to gain traction, with 33 percent of survey respondents reporting that their organizations are planning to increase spending on software-as-a-service (SaaS) offerings next year, putting SaaS at No. 5 on the list of respondents’ most important technology projects. At the same time, 24 percent of those polled said they intend to spend more on platform-as-a-service (PaaS) technologies and 27 percent said they will put more money toward infrastructure as a service (IaaS) in 2017.

And finally, 29 percent of respondents expect cloud or SaaS systems to be the disruptive technology that has the most impact on their business over the next three to five years. As interest in hosted systems gains steam, 13 percent of the respondents said they’re beta-testing SaaS offerings, while 12 percent are taking PaaS for a spin and 8 percent are piloting IaaS. With all of that cloud activity underway, IT leaders are looking to expand their teams’ skill sets: 26 percent of survey respondents who plan to increase head count in the next 12 months said they intend to hire people with cloud and SaaS skills, putting cloud/SaaS expertise at No. 5 on the list of skills they’re seeking. Roche Bros., a 20-store Boston-area grocery chain, is moving as much of its infrastructure and applications as possible to the SaaS model, says John Lauderbach, the company’s vice president of IT. Human resources applications, sign and tag printing systems, backup and recovery tools and even mainstream productivity applications have all been moved to the cloud, helping to reduce costs and provide better reliability and 24/7 availability, according to Lauderbach. “We are four people [in IT], so for us to manage servers, facilitate patches and do backup and recovery work is a lot,” he says. “There are people who do this for a living who can do it better than we can.” 4. Mobile apps As smartphones and tablets become standard fare for consumers and employees alike, IT groups are racing back to the drawing board to retool existing applications to be mobile-friendly while creating new mobile apps to court customers and gain competitive advantage. In our Forecast 2017 survey, 35 percent of those polled said they plan to increase spending on mobile systems next year. Nearly 10 percent said they’re beta-testing mobile apps, while 21 percent of those with hiring plans said they hope to add people with mobile application and device management skills. Mott Community College’s Cheryl Shelton Mott Community College in Flint, Mich., has a mobile app to facilitate student services, but it’s also in the process of revamping its website to make it more mobile-friendly.
Students want access to critical information on their go-to mobile devices, though they aren’t married to the idea of a single-purpose app, says CTO Cheryl Shelton. “We decided to go with an adaptive web design because an app doesn’t fit our culture,” she says. “We decided to build a robust website and make that work for mobile instead of limiting ourselves and wasting a lot of time keeping an app up to date.” 5.
Virtualization The march toward wholly virtualized IT environments rolls on.

Companies are virtualizing more than just desktop systems these days and are beginning to expand their efforts to areas like servers, networks, storage and even mobile infrastructure. Some form of virtualization will be on the docket for 29 percent of survey respondents in 2017, and of those who are planning hiring increases next year, 18 percent said they will be looking for people with expertise in virtualization. Desktop systems are still the most common targets of virtualization initiatives—16 percent of respondents to the Computerworld Forecast 2017 survey said they currently have desktop virtualization beta tests underway.
Storage is the second most common technology to be virtualized, with 11 percent of respondents saying they’re beta-testing such systems, followed by server virtualization (being beta-tested by 10 percent of those polled), mobile virtualization (8 percent) and network virtualization (7 percent). Roche Bros. has already gone all-in with virtualization, using the technology for desktops, servers, networks and storage, says Lauderbach. “Everything we have is already virtual,” he says. Similarly, the Edmonton city government has been pursuing infrastructure virtualization projects for years, says Rankin. “Virtualization keeps going and growing, but it’s not at a point anymore where it’s strategic—it’s just what we do,” he says. The year of the customer IT leaders are adopting and applying these five technologies with specific business outcomes in mind. One of the most important is customer satisfaction. Nearly half (48 percent) of the respondents to the Computerworld Forecast 2017 survey said improving customer satisfaction or the customer experience was the most important business priority for IT in the coming 12 months. That makes sense to Global Strategy Group’s Ho, whose goals for 2017 include improving the customer experience. “IT is here to serve the business; our business isn’t IT,” he says. “Customers and users are the ones that need to be happy and able to do their work well.

The way that happens is that we make their experience as great as possible.” This story, "5 key technologies to double down on now" was originally published by Computerworld.

SAP Chief Security Officer Details Approach to Infrastructure and Software Security

VIDEO: Justin Somaini, Chief Security Officer at SAP discusses his role and what it takes to secure SAP's infrastructure, employees and software. Justin Somaini became the first Chief Security Officer (CSO) at enterprise software vendor SAP on January 1, 2016, in a bid to help further improve security.

As the first CSO ever at SAP, Somaini has helped to define his own role and the role of security within multiple aspects of SAP's global organization, including both infrastructure and product security.In a video interview with eWEEK Somaini said that the role of the CSO at SAP is to own security end-to-end within the organization, which also includes making sure that employees and end-user devices are secured.Somaini explained that SAP uses a long list of security technologies to protect employees, including end-point protection, forensic analysis capabilities, network segmentation, network access control and vulnerability scanners among other tools."Where we really find the interesting challenge is where the solutions have weaknesses that can be augmented by some of the more innovative solutions in the market," Somaini said. To that end, Somaini noted that he does take interest in emerging technologies from security startups that include Endpoint Detection and Response (EDR) and protocol inspection approaches. Somaini is also making use of SAP technology extensively to help secure the organization, including SAP's GRC (Governance Risk and Compliance) platform. He explained that with SAP GRC he's able to pull in all the signals and feeds from the various security tools and processes in use across the company, to continuously report on the company's security posture.There are several key security metrics and regulatory compliance directives that SAP's security efforts track.
Somaini said that when reporting on security, he really wants to provide visibility into the company's Key Performance Indicators (KPIs).

That is, what is the impact of security to SAP's revenue stream, reputation and business operations.SAP also tracks metrics on vulnerability reporting and how fast new issues are detected and fixed.

Among the key issues that Somaini tracks is whether SAP is actually getting better at reducing the number of vulnerabilities over time."One of the benefits of actually working at SAP, which creates products that help to manage businesses, is we can actually hook into the general ledger," Somaini said.As such, Somaini's team can identify what a given system is running and how it relates to the overall business operations of SAP. With that insight, Somaini can forecast what impact a potential compromise of a specific system might have on SAP's revenue."Pulling in the end-to-end model on the revenue chain is one example of how you take a security related topic in a business context," Somaini said.From a software development perspective, SAP also embraces a secure software development model that is based on the ISO 27034 application security guidelines.

From a developer lifecycle perspective, Somaini said that SAP runs many different tools to help improve code security.Watch the full video interview with Justin Somaini, CSO at SAP, below:  Sean Michael Kerner is a senior editor at eWEEK and InternetNews.com.

Follow him on Twitter @TechJournalist