Fear, Uncertainty and Doubt (FUD) has been a factor in technology adoption since, well since forever. And that there’s FUD around cloud adoption driven by data security concerns is a no brainer. Sure, companies can go for all sorts of security certifications, but it’s unclear that accreditation will ease cloud anxiety.
Fanning the FUD flame this week was a new report (PDF here) from the Commission on the Theft of American Intellectual Property estimates that IP theft costs the U.S. economy $ 300 billion per year. Not surprisingly, China was fingered as the chief culprit, although Russia and India were also named as problem children here.
The panel, Reuters reported, wants to anoint the president’s national security advisor as grand poobah of a ramped-up effort to protect intellectual property. Bad behavior should be met with banking sanctions, import bans and financial blacklisting, according to the 89-page report. (In related news, former CIA Director James Woolsey this week warned that the U.S. is at risk of a cyber attack from North Korea which truly is scary. At least Chinese motives seem rational.)
Security, or lack thereof – is one big de-motivating factor when it comes to moving more corporate workloads to the cloud– or allowing employees to use their personal smartphones at work for that matter. But it would foolish for security vendors to waste a good crisis.
This week Verdasys, for example, launched an update to its managed security service to extend protection to users’ end-point devices. Expect a raft of similar offerings and updates to come.
Security guru Dan Geer says high-stakes hacking is now a way of life and the best any company can do is to mitigate, not eliminate, risk.
“If your enemy really is the People’s Liberation Army, what can you do? We can sputter about it but they’re serious and they’re good,” he told me in an interview last week. “The most serious attackers will probably get in no matter what you do. At this point, the design principal, if you’re a security person working inside a firm, is not failures, but no silent failures.”
The key is to know as soon as possible that a breach has occurred and to react fast.
Other than that, key design points are to keep things patched and to put firewall filtering both on incoming and outgoing traffic, said Geer.
Other key cloud news from around the web
From PC World: Nvidia, Citrix crank up virtual desktop delivery
From The Guardian what CIOs should know about : Public,private or hybrid cloud.
From GigaOM: How Amazon’s cloud competitors are trying to find cracks in AWS armor
Citrix Synergy 2013 live blog from Brian Madden.
And now, for your moment of Zen
With apologies to Jon Stewart:
Photo courtesy of Flickr user annabellaphoto
Related research and analysis from GigaOM Pro:
Subscriber content. Sign up for a free trial.
- Infrastructure Q1: IaaS Comes Down to Earth; Big Data Takes Flight
- Cloud computing 2013: how to navigate without a map
- Infrastructure Q4: Big data gets bigger and SaaS startups shine