In the new digital age, anyone can fall prey to cyber crime

This year, South African business will continue to embrace digital transformation. From network-connected smart TVs and photocopiers to air-cons in the boardroom for greater convenience, and the wider adoption of cloud, employees are able to work anytime and anywhere, using smartphones, tablets and even smart watches.

And we can expect cyber criminals to slap their keyboards with joy for the opportunities the growing ‘digital business’ brings.

Well-reported cases show that even large and well-resourced organisations fall victim to cyber attacks, and they’ve suffered data theft, interruption of services or reputational damage as a result. In parallel, security budgets have increased faster than any other, and most companies have board-level visibility and backing for security. Despite the increased investment and business backing, chief information security officers (CISOs) are facing a security challenge greater than any seen in the past 10 years.

Why is this?

For many years, digital security has operated on the principle that you can keep attackers out. Our defence systems attempt to do this by guarding the perimeter of the network, with tools such as firewalls, anti-virus programs and patching. However, it’s clear that this current approach is outdated and ineffective against today’s advanced cyber threats. Sophisticated cyber attackers are capable of ‘bypassing’ the perimeter, and insiders are, by definition, already operating within the firewall. Breaches are a reality within our organisations, whether we know it or not!

We must also accept that cyber security is not just a technical challenge. Human ingenuity and creativity has made it extremely difficult to second-guess how an attack might present itself, or understand in advance which employee or insider poses the greatest risk to your organisation. This new era of cyber threats calls for technologies that can deal with subtlety and uncertainty, and empower individuals to take informed decisions that will tangibly minimise risk, as well as take action in real-time (actionable intelligence).

Why change?

Legacy security defences are also over-reliant on signatures and rules, which by definition can only stop pre-identified threats. As attack methodologies continue to evolve at speed, rules are continually outdated and outmanoeuvred. Would-be attackers may make fractional changes to their binary appearance within a network to evade a signature scan, socially coerce a user into clicking a malware packaged in an attachment to an e-mail, or use other readily available methods to subvert existing security systems.

The insider, an employee, is most likely using authorised access to applications to steal data or execute transactions for personal gain. They may have similar objectives to the criminal, but they will be approaching the objective in a different manner. If we accept the new reality of cybe rcrime and consider this against current SecOps’ modus operandi and the associated cost, we need to ask if we’re getting a return on investment. Are the operating investments delivering measureable improvements in our security posture? These are definite reasons for a change in strategy, technology and execution.

Next-generation digital security

There are several key requirements for effective cyber-threat management – these include comprehensive capture of activity and traffic across users, systems and networks; real-time detection and analysis of anomalous behaviour and malware; advanced visualisation and alerting of threats; and automated remediation and recovery of breaches.

The technologies that come together to deliver the functionality have similar characteristics in that they exploit major advances in machine learning, mathematics and big data in their solutions. No sign of a signature, no rule to be written, no trawling of millions of events, and no waiting for a patch!

So, what makes the emerging security technologies so different? Take a look at Darktrace, one of the leaders in this field. Darktrace’s unique technology is powered by advanced machine learning, allowing it to self-learn what is normal for a company’s network environment, so that it can then determine if any behaviour is abnormal – the business ‘pattern of life’. This allows it to detect outliers to these learned patterns, as they emerge, which may represent a serious threat – cyber attacks of a nature that may not have been observed before, the unknown unknowns. Darktrace does this through the use of advanced mathematical models to establish an evolving understanding of every device, user and network, and stay ahead of developing advanced persistent threats (APTs), insider attacks and other live-threat scenarios.

Enterprise-wide threat visibility is key, and this is mirrored by the need for capabilities that take ‘action’ on intelligence. We need to protect the enterprise’s assets (servers, applications, client devices, etc) that are of criminal interest. Consider the challenge of end-point security – that never-ending cycle of patching and anti-virus updates – and that SentinelOne, an innovative start-up, is changing the end-point game using machine learning to deliver protection against targeted attacks, advanced threats, and zero-day attacks. SentinelOne’s dynamic execution inspection detects advanced threats, provides automated mitigation, and generates real-time forensics.

It’s not only that the sophistication of cyber attackers has developed out of all recognition, but the changing IT landscape also compounds this problem. Just consider cloud, a hot topic in South Africa at the moment. Cloud is now a part of our lives, so why not apply innovation in this space, too?

The use of machine learning and big data for cyber threats is almost mainstream, enabling next-generation SecOps. Looking forward, we should see software-defined security, decoy and deception, and micro-segmentation techniques adding significantly to our defence capabilities.

With next-generation technologies, a company’s CISO will regain the advantage that comes with visibility, early warnings and automated responses and remediation. So in the event of a compromise, the organisation is confident of the capabilities to act before a real crisis occurs.

To learn more about a suitable approach to managing your cyber threat, contact Blue Turtle for a consultation at +27 (0) 11 206 5600 or info@blueturtle.co.za.

Data security through the lens of an IT security industry expert

Security concerns loom in today’s complex, ever-changing environment, with employees seeking mobile convenience and organisations trying to ensure that these demands do not compromise security. Several IT policies and practices are being pushed to the limits with the escalation of security threats and the resulting requirements for greater compliance.

According to the Global State of Information Security Survey 2016 Report, there has been an increase in the theft of sensitive and confidential data. The report uncovers a multitude of significant areas around how companies are trying to protect their data, and the most prominent data security challenges facing business IT in the year 2015 – 2016. These facts alone should encourage every company to tighten its data security policies and capabilities.

Data Security is the main priority for organisations of all sizes. There is no doubt that big data security is one of the key pillars of making big data ready for analytical success. Successful organisations are moving beyond traditional and superficial approaches to security to focus on more intelligent and metadata driven approaches to data security. By leveraging a systematic understanding of big data, enterprises can more holistically improve their big data security positions and ensure big data remains an asset, and not a liability.

One of the major issues with big data is the rate at which it is growing and volumes of data that are being added each day. Although detection technologies and threat intelligence sharing are improving in many cases, many businesses are still not able to prevent a breach, which is something that can have huge legal and financial consequences as well as a significant loss of customer trust and reputation.

Martyn Healy, Director at Blue Turtle states that: “When it comes to matters related to security, the African continent as an emerging market is a target and as the use of big data analytics increases, the range of data sources will spread. One of the key messages that I would like to get across is that big data analytics is not just about log analysis; it is about seeing a wider picture. In order to balance the business benefits of big data analytics with the cost of storage, organizations need to regularly review the data that they are collecting, why and for how long they need it, and where and how they store it. Approaching data differently ensures that organizations ultimately protect their sensitive data and will go on to achieve their compliance objectives.”

Resources

The Global State of Information Security Survey 2016: http://www.pwc.com/gx/en/issues/cyber-security/information-security-survey/download.html
The 2015 Internet Security Threat Report: https://know.elq.symantec.com/LP=1542
Data Threat Report: http://www.vormetric.com/campaigns/datasheet/2016/

 

Blue Turtle and Experitest Partner to Offer end-to-end Mobile Testing Solutions Throughout Africa

Blue Turtle, one of South Africa’s largest enterprise solutions companies, and Experitest, the world’s leading provider of quality assurance tools for mobile DevOps including test automation, manual testing, performance testing, load testing and monitoring for mobile applications, entered into a partnership that allows Blue Turtle to offer Experitest’s end-to-end mobile application testing tools to businesses worldwide.

This partnership will enable Blue Turtle to improve their client’s productivity with a continuous testing process using Experitest’s onsite cloud-based architecture, while covering all operating systems and all mobile devices including the newest models. Blue Turtle will immediately be able to begin using Experitest’s new SeeTest Load tool, along with their revamped Network Virtualization software.

“Partnering with Experitest who are globally renowned for their end to end mobile testing solution suite is perfect as Blue Turtle recognizes the significant demand for a mobile application testing tool that includes cutting edge capabilities in network virtualization, and load in the African region,” said Justin Arnoldi, Application and Data Management Business Manager at Blue Turtle. “There is a startling push to make the internet available to over 1 billion people of the world’s second largest continent, primarily through smartphones.” Experitest offers mobile test automation for both functional and performance testing, with a cloud solution that enables our clients to perform the most comprehensive mobile testing regimen in the most efficient amount of time.”

“We see a huge opportunity in this new partnership. Mobile growth in Africa is the highest in the world,” explains Tal Barmeir, CEO of Experitest, “SeeTest tools meet all the needs for today’s mobile application, integrating with all major continuous integration platforms, and all ALM environments. An enterprise can meet all of its mobile testing needs in one place, while expanding its productivity dramatically using a mobile device lab running on SeeTest Cloud.”

 

Blue Turtle reinforces Information Protection and Control by joining forces with Secure Islands

Secure Islands Extends Partner Program to Offer Advanced Information Protection and Control Solution in Southern Africa with Blue Turtle partnership

Secure Islands, the leading provider of advanced Information Protection and Control (IPC) solutions, today announced that it has signed a partnership agreement with Blue Turtle Technologies, a leading technology management company based in South Africa. The partnership enhances Blue Turtle’s  data protection offering, allowing it to include next-generation DLP, Data Classification, and IRM solutions into its portfolio of data security services.

Blue Turtle, as Secure Islands re seller in Southern Africa, features Secure Islands’ IQProtector™, a persistent, active Data Immunization technology, which offers a unique paradigm that is fundamentally different from other existing solutions: automated, policy-driven classification and protection at the very beginning of the information life cycle. In addition to enhanced data protection, IQProtector intelligently allows organizations to map their information assets to understand where information is created, analyzes and classifies the data by multiple configurable criteria including content and context (i.e. usage, data type, source, user etc.).

“As organisations increasingly turn to the cloud, they now have the opportunity to streamline their entire data management approach with Secure Islands IPC platform,” said Justin Arnoldi, Application & Data Manger at Blue Turtle.  “The ability to classify and protect data upon creation ensures data integrity without having to tightly control the flow of data.  It’s a brilliant approach to securing data that will deliver our clients unprecedented peace of mind. We are excited to have Secure Islands as a partner and look forward to introducing their high standards for information protection.”

“We are happy to expand our reach in South Africa with a strong partner like Blue Turtle,” said Guri Geva, VP Sales EMEA for Secure Islands. “Leading organizations across the globe already embrace our data immunization technology that makes for true, persistent classification controlled encryption management. Coupled with Blue Turtle’s application expertise we bring our customers a clear added value.”

Blue Turtle Chooses TrapX Security’s DeceptionGrid for its Security Service Portfolio

TrapX Security™, a global leader in advanced cyber security defense, today announced that Blue Turtle, leaders in solutions for optimization and management of IT systems, has chosen TrapX DeceptionGrid™ to expand its security service portfolio. The partnership helps solidify TrapX’s growth in South Africa by providing Blue Turtle’s customers with the industry’s leading deception-based technology.

DeceptionGrid automates the deployment of a network of camouflaged malware traps that are intermingled with real information technology resources. If malware touches DeceptionGrid just once, it sets off a high-confidence alert. Real-time automation isolates the malware and delivers a comprehensive assessment directly to an organization’s security operations team.

“We offer a comprehensive network security portfolio of products to our customers,” said Martyn Healy, Marketing Director at Blue Turtle. “But, as we’ve seen in recent months, there’s always going to be some element of risk even to organizations that have bottomless pockets and spend untold millions attempting to build a fortified network perimeter. We are excited to partner with Trapx, as we believe that TrapX DeceptionGrid seeks to offer an extra layer of protection and mitigation that’s been proven reliable in case an attacker does manage to penetrate our perimeter defenses.”

“The fact is there is no one foolproof way to protect an organization’s data against aggressive attackers and crime syndicates. It’s no longer a question of ‘if’ a large organization has been penetrated, but ‘when,” said Carl Wright, General Manager of TrapX Security. “What’s important is a layered security approach that includes a fully-featured firewall, endpoint and deception protection. A properly configured network security stack with DeceptionGrid substantially reduces the time to breach detection and practically eliminates false positive alerts, which is one of the biggest complaints coming out of IT departments today. We are pleased to be offering Blue Turtle’s customers peace of mind that our software will help protect them from the latest malware and advanced persistent threats.”

Blue Turtle offers innovative solution for emerging Cyber Threat with Darktrace partnership

Blue Turtle Technologies, a leading security solutions provider and Darktrace, the leader in Enterprise Immune System Technology, have announced a strategic partnership to deliver Darktrace’s award winning cyber defense technology to the South African market.

Acknowledged for its expertise in providing best-in-class technology management solutions.  Blue Turtle offers carefully selected world-leading products to enhance the performance and efficiency of its customers’ digital environment. Partnering with Darktrace allows it to strengthen its cyber security defense platform and deliver the self-learning Enterprise Immune System to its customers, enabling them to detect advanced cyber threats that pass undetected through traditional perimeter defense solutions.

Darktrace’s innovative technology is based on unsupervised machine learning and mathematics developed at the University of Cambridge. The Enterprise Immune System monitors large volumes of data within networks on a 24/7 basis and ‘learns’ the pattern of life for every device, individual user and network. In achieving this understanding of an organisation’s ‘self’, Darktrace can spot new, emerging behaviors that fall outside this pattern of normality. Users benefit from an unparalleled visibility of their network, are able to address any rising issues early and take proactive measures to mitigate the risk.

“As disruptive cyber-attacks are becoming more effective at breaching security defenses, our partnership with Darktrace can provide great benefits to the Southern Africa market. Darktrace’s immune-system approach assists large organizations and government bodies in detecting behavioral anomalies in real time, allowing organizations to take timely action,” said Ronnie Koch, Infrastructure Security Architect, at Blue Turtle. “By detecting them earlier, they are able to protect themselves against advanced attacks and data compromises from within the network.”

“We are delighted to be working with Blue Turtle and extend the Enterprise Immune System to South African market,” said Nick Trim, Managing Director EMEA, at Darktrace. “Darktrace’s self-learning technology and unique approach to tackling sophisticated cyber threats helps organizations build resilient defense strategies and protect their reputation in an increasingly complex threat landscape.”

Blue Turtle unveils advanced BMC Control-M 9 Platform

Blue Turtle assists in delivering high-speed IT innovation for faster application deployment with built-in stability for optimal production performance with BMC Control-M 9

Delivering services at the speed of digital business is a major challenge for most enterprise IT organizations. To meet this need, Blue Turtle, as the leader in solutions for optimisation and management of IT systems, announces the general availability of Control-M 9, the latest version of its industry leading workload automation solution, which accelerates application time-to-value while simultaneously delivering stability, lowering operating costs, and increasing enterprise application services performance.

BMC’s Control-M 9 is a part of Blue Turtle’s Business Service Management platform and a part of BMCs Digital Enterprise Management strategy designed to make digital business fast and seamless and optimize every environment from mainframe to mobile to cloud.

High-speed IT innovation requires companies to deliver continuous application availability while simultaneously maintaining stability, control, and enterprise application services performance. The Control-M 9 solution enables competitive advantage by providing both IT operations and application developers with a new way to collaborate by automatically promoting application workflows across the stages of development through production with built-in stability and production performance.

“Control-M 9 is a game changer for companies that must deliver high-speed IT digital innovation,” said Gur Steif, president, BMC Workload Automation. “Our new automated application promotion gives the Ops and AppDev teams a friction-free way to meet their simultaneous need for speed and stability. With a host of other innovations that reduce total cost of ownership and improve business value, Control-M 9 delivers better bottom line business results.”

The Control-M 9 solution continues to improve workload automation services’ performance, usability, and cost reduction. New capabilities include risk-reducing high availability, out-of-the-box single view predictive analytics across the enterprise, automated agent and client deployment for faster upgrades, and maintenance, and improved data security. The solution also provides native interface capability to any application with Application Integrator, open platform support for JDBC-compliant databases, and a native interface for Apache Spark, complementing the Control-M solution’s leading position in native Big Data application integration support.

“BMC has made several enhancements that stand to improve workload automation services”, said Neil Cullum, Principal Control M Specialist at Blue Turtle. “We are excited about the Control-M 9 features, our clients will leverage the capabilities within Control-M to overall improve the value of their business and of course, delivering the applications faster.”

“Control-M 9 offers BMC’s customers an important set of enhanced automation capabilities that enable both IT operations and application developer teams to simplify and streamline complex business process workflows and data transformations,” said Mary Johnston Turner, research vice president for Enterprise Systems Management at IDC. “Control-M 9 is a vital part of BMC’s broader Digital Enterprise Management portfolio. By enabling customers to reduce operational complexity and cost-effectively link traditional compute platforms with emerging cloud and mobile applications, Control-M 9 will help many organizations execute their digital business strategies while continuing to maximize the value of existing applications and infrastructure.”

The next generation of leading workload automation software is now available, contact us for a consultation at (011) 206 5600 or info@blueturtle.co.za.

Blue Turtle named BMC Software Partner of the Year 2015

Blue Turtle Technologies, leaders in solutions for optimization and management of IT systems, has announced that it has again been recognized by BMC Software, one of the global leaders in enterprise service management, as the Partner of the Year 2015.

The award was presented at the BMC Africa Day event held at The Campus in Johannesburg. Blue Turtle, a BMC Partner for over 10 years, provides the full range of BMC Enterprise Service Management software. Solutions that provide for optimised operation, delivery and management of IT Services, whilst enabling the move to Digital Service Management.

Blue Turtle named Top Africa Partner 2015

The BMC Software Partner Award is given to partners that have demonstrated excellence in delivering BMC Software based solutions over the past year. This award recognizes Blue Turtle for significant growth in the adoption of BMC software, excellent customer support, and solution delivery in South Africa and Africa.

“This accolade comes after another great year of customer and market growth for the Blue Turtle team,” said Geoff Van Den Bosch, Managing Director at Blue Turtle. “Our customers can be assured that our vendor partners acknowledge our accomplishments and believe in the way we conduct our business. In addition, it confirms our continued investment and position as the leading provider of BMC Software and services in the region.”

 

Blue Turtle announces partnership with Bizagi to drive BPM adoption in SA

 

Depth and breadth of combined services plus a state-of-the-art BPM platform create a perfect combination to deliver value to a very attractive market

Blue Turtle Technologies announces its partnership with Bizagi Ltd, the global Business Process Management (BPM) software author, to jointly offer BPM solutions to the South African Market.

Under this partnership, Blue Turtle will be able to complement its consultancy portfolio, with Bizagi offerings in order to help its customers gain better control over their processes and improve their performance. “Partnering with an organization such as Bizagi, who are globally respected for implementing highly functional business process management solutions, is an exciting opportunity for Blue Turtle,” stated Justin Arnoldi, Application and Data Business Manager at Blue Turtle. “Clients looking to implement highly intuitive, mobile ready solutions, now have the tools necessary to deliver tangible results fast.”

 

Gustavo Gomez, Bizagi CEO, says: “We’re excited by the opportunity to work with Blue Turtle. The business value that customers such as Old mutual have already achieved can now be more effectively delivered to other businesses in the region. The partnership with Blue Turtle opens up new markets and new opportunities for Bizagi, while giving our SA customers a local partner they can rely on; together we can deliver enterprise best practice at a global level.”

 

Further information:

Toad for Oracle 12.7 is coming soon – Be a Part of It

 

The latest version of Dell Software Toad for Oracle is coming soon! All systems are on track and we are scheduled for a mid-June, 2015 release. This release has several interesting new features that will enable you to work more efficiently in teams, work more productively, and streamline some of the features you’ve grown to love. New features include:

  • Integration with Toad Intelligence Central to share files between Toad userstoad-world-logo
  • Centralized Code Analysis with management Analytics web interface
  • Rewritten Team Coding
  • Support for Oracle 12c InMemory
  • New, modern SQL editor
  • New Code Assist

Get a sneak peek of what’s new in this new YouTube video from product manager Brad Wulf on What’s New in 12.7 . Contact the Blue Turtle team to find out more on this release or follow Toad for Oracle blog on ToadWorld for more info.