Sunday Reading — September 22, 2019

Published in

Enterprise Te.ch

5 min readSep 22, 2019

Are we safer on-premises or in the cloud?: In June, RiskRecon and the Cyentia Institute published their “Cloud Risk Surface report which leverages “a massive dataset supplied by RiskRecon spanning 18,000 organizations and over 5 million hosts yielding 32 million security findings” and is probably one of the most comprehensive studies of its kind. Among their findings…

1. Cloud consolidation is a thing; the top 5 clouds alone host assets from 75% of organizations.
2. Heavy consolidation may impact security; the rate of severe findings are highest when cloud diversity is lowest. Firms with 4 clouds exhibit one-quarter the exposure rate of those with just one cloud provider. Having 8 clouds drops that rate in half again.
3. Overall, organizations are over twice as likely to have high or critical exposures in high-value assets hosted in the cloud vs. on-prem. BUT clouds with the lowest exposure rates do twice as well as on-prem.
4. Some industries appear less cloud-ready than others; the prevalence of cloud-based exposures in the Healthcare sector jumps 4X to 5X compared to on-prem.
5. Size matters; Midsize firms appear a bit better off in the cloud, but larger enterprises tend to manage their internal hosts better.

This excellent report goes further in-depth on specific industries and public cloud providers.

AI disruption of stock photography: Icons8 has just released “a massive free resource of 100k faces generated from scratch” using an AI algorithm trained on tens of thousands of real-life portraits. The resulting headshots can be used by anybody, royalty free, without worrying about model releases or other stock photography issues. From The Verge:

The project’s Product Hunt page lists the team at Icons8, a designer marketplace for icons and photographs, as the creator of the project. The AI-produced images are intended to be used as design elements in anything from presentations to websites and mobile apps. Everything is free to use with link attribution back to generated.photos.

IT service provider breach: Symantec has identified a previously unknown attack group that targeted IT providers as an early stage of a supply chain attack operation. Researchers found the group had targeted 11 IT providers over the past year. From Ars Technica:

The campaign, which primarily infected IT providers in Saudi Arabia, was by no means perfect. A custom backdoor used by Tortoiseshell had a “kill me” command that allowed attackers to uninstall the malware and remove all traces of infection. The presence of this feature suggested that stealth was a key objective in the campaign. But two of the compromised networks had several hundred connected computers infected with malware. The unusually large number was likely the result of the attackers having to infect many machines before finding the ones of interest. Whatever the cause, the large number of infections made it easier to detect the campaign.

Quantum computing: Google claims to have reached “quantum supremacy” with a 53-qubit quantum computer, meaning that it has solved a problem that no classical computer can solve within a reasonable time frame. It is the first time this has been achieved, marking a major milestone in the field of quantum computing. From the Financial Times:

A paper by Google’s researchers seen by the FT, that was briefly posted earlier this week on a Nasa website before being removed, claimed that their processor was able to perform a calculation in three minutes and 20 seconds that would take today’s most advanced classical computer, known as Summit, approximately 10,000 years.

NetApp is Recognized as a Magic Quadrant Leader…Again!

The influential analyst firm, Gartner, recently published the Gartner 2019 Magic Quadrant for Primary Storage1. The Magic Quadrant for Primary Storage replaces two Magic Quadrants: the Magic Quadrant for Solid-State Arrays and the Magic Quadrant for General-Purpose Storage Arrays. Gartner first recognized NetApp as a Leader in their Magic Quadrant for General-Purpose Disk Arrays in 2013, and we remained in the Leaders quadrant for 6 consecutive years. In the Magic Quadrant for Solid State Arrays, we were a Leader for the last three years, starting in 2016. The new report covers AFF, FAS, SolidFire, E-Series and EF-Series systems. In this report, NetApp is named as a Leader based on our ability to execute and completeness of vision, and we positioned highest for our ability to execute. Read more…