New podcast episode: securing home working

In the latest episode of my Security Insights podcast, I speak to Amar Singh about steps organisations can take to secure home working.

Amar is the CEO of the Cyber Management Alliance, a cyber security adviser and crisis management firm. Amar is well-known as a security practitioner, speaker, and former CISO.

The CMA recently issued a free-to-use checklist on the steps security and IT teams can take to ensure working from home isn’t opening up businesses to undue risks. To listen to the interview, go over to the podcast on the Security Insights page.

If you are, or know, an expert in security who’d be a good guest for the podcast, please drop me an email. The podcast sets out to address strategic security issues and thought leadership in both the physical and cyber domains.

Upcoming articles: Compliance and Object Storage

I am writing two articles for Computer Weekly’s storage section, one on storage and data compliance for the enterprise, and the other on the growing field of high-performance object storage.

Data compliance

This piece will look at the top 5 UK compliance concerns in 2020.

What are the five key laws/regulations that must be adhered to by UK organisations in 2020, including both current and upcoming legislation. For each we will look at the implications of the law/reg for storage, backup, and archiving.

This could, for example, include legal search and e-discovery, or the Right to be Forgotten under GDPR.

We will also look at how the cloud fits in.

High performance object storage

Object storage has been known as a good way of storing lots of unstructured data, but with less emphasis on performance.

But AI and analytics workloads are prompting storage architects to look at performance too. The feature will cover:

  • Where object storage is heading in performance terms and what’s driving it.
  • Which performance metrics matter
  • How have object storage vendors improved performance?
  • Who are the key object storage vendors that are tackling the challenge of better performance and what do they offer?

The deadline for leads for both articles is Friday 20th March, please contact me by email if you can help.
.

Upcoming commission: the environmental impact of tech

I am writing the following piece for a corporate audience – it will appear on the customer portal of a UK-based banking group.

While Big Tech can demonstrate high-profile efforts to promote sustainability, the true cost of the tech sector to the planet is thought to rival the aviation industry’s carbon footprint. With data centres and AI innovation guzzling energy at the present rate, it’s estimated that powering internet technologies creates 2% of global emissions. How and where in its activities is the sector most energy-hungry, and what steps can be taken to reduce its carbon footprint? Who is innovating in this area and how can their efforts be emulated by smaller companies?

Although we’re highlighting the environmental impacts of the tech sector, the piece will be geared towards potential and actual solutions rather than too much finger-pointing. The focus is larger SMEs and smaller corporates.

The deadline for written comment is 1700 London time on Monday 16th March. However if you would like to set up an interview please contact me as soon as possible, by email.

Upcoming commission: computational storage

For Computer Weekly, I am investigating this emerging technology.

The piece will cover:

  • What is computational storage?
  • What is the architecture/key features of computational storage?
  • What use cases is it aimed at?
  • What are the pros and cons for those that might deploy it?
  • Who are the vendors and what products do they have?

I am looking for expert views – ideally independent — and real-world use cases or case studies. Deadline for leads: Wednesday 4th March, 1700 GMT. Drop me an emailif you can help.

Upcoming article: Flash storage tiers

For Computer Weekly, I am writing a short piece looking at the various tiers of solid-state storage.

What is on the market, how does each technology’s performance differ, and what are their applications? Why do businesses use tiered storage, and where does each solid state technology fit into tiering?

I will cover these storage types:

  • Optane/3D Xpoint/Z-NAND
  • NVMe
  • TLC Flash
  • QLC Flash

If you have market research or other information to share on these, the deadline to contact me — as ever by email — is 1700hrs, Friday 14th February.

Upcoming article: Latest government data breaches in 2019/2020

I am researching an analysis into security breaches in the public sector. We are looking especially at globally significant incidents.

In the piece, we will examine the trend – how did 2019 compare with 2017 and 2018?

Are there any notable changes in geography, or in the type of breach?

Which organisations are being attacked, and is that changing?

What size of incidents are we seeing? Are they larger, or having a greater impact?

The piece will then look at the cost of public sector data breaches, and their impact. And we will ask if there are specific steps public sector IT and security leads should be taking to protect their assets.

The piece will appear in The Daily Swig. This earlier piece in the series, on healthcare, is a guide for what we are looking for.

Submissions of content or suggestions for interviewees, by Thursday 6th February, by email in the first instance.

Upcoming article: a deep dive into DDoS

For The Daily Swig, I’m writing an explainer on DDoS attacks, and how organisations can prevent them.

The article will include:

– A definition of a DDoS attack, and why they happen
– How a DDoS attack works, including its various stages
– Types of DDoS attacks
– Their impact on businesses
– The legal status of DDoS attacks
– Actions organisations can take to prevent or stop attacks and how to mitigate their impact.
We are also keen to include details of recent attacks, and any up to date research on the topic.

The deadline for submission of ideas, leads or content is 1700, on Thursday 21st November.

As ever email is the best way to reach me.

Upcoming articles: Disaster recovery planning, and Disaster Recovery as a Service

For Computer Weekly I am writing two linked articles on DR. The first is a top level overview on disaster recovery planning. The second looks more deeply at Disaster Recovery as a Service – a market analysts say is growing rapidly, and could soon outstrip conventional DR tools.

Essentials of disaster recovery planning

This article will cover the key points organisations need to consider when developing a disaster recovery plan. This will include:

Identifying the risks to of the organisation – this is about more than just IT. It will include physical, human and (cyber) security risks.

Identifying the key components of the IT system and the potential damage downtime or failure could mean to the organisation.

Determining RTOs and RPOs for each component of the IT system.

Developing a response strategy, which can comprise elements that range from premises and people to technology.

How disaster recovery can be provisioned in house, off site and in the cloud

Maintaining the DR plan. How is the plan validated, tested and updated?

Key DRaaS options

This is a drill-down into the key as-a-service options available for DR.

Why is DRaaS changing and how is the cloud influencing this?

What are the key features of:

  • managed,
  • assisted,
  • and self-service DR options

How does each work in terms of infrastructure, data transfer, and recovery etc and which types of use cases, size of organisation etc they are best suited to?

Finally, the piece might add pointers to help IT directors choose the right provision for their business.

Deadlines:

Customer case studies, research reports, technical information and white papers only please for these articles. For the Essentials, the deadline is 1700hrs, London time, Friday 15th November. For DRaaS, the deadline is 1700hrs, London time, Thursday 21st November. Please send information by by email in the first instance.

Upcoming article: SME disaster recovery: Hyper-converged or the cloud

In this follow up piece for Computer Weekly, we’ll be looking more deeply at disaster recovery for the SME sector. The piece will cover:

• The key requirements for disaster recovery

o Why is it simpler than ever for SMEs to achieve effective DR

o What are the key choices (platforms, hardware and software)?

• Plus:

What are the key characteristics of disaster recovery using hyper-converged infrastructure? Who plays in the space and what doing they offer?

• What are the key attributes of the use of the cloud for DR?

• What are the pros and cons of each for SME customers?

For this piece I am open to input from analysts and systems integrators and consultants. We will also consider input from vendors, especially customer examples – but they must be SME, private sector projects.

The deadline for leads is Friday 18 October, 12 noon London time. Please contact me by by email, as ever.

Upcoming article: can the cloud replace tape?

My next article for Computer Weekly will look at whether the cloud will finally see off tape, as the enterprise’s main backup medium.

For years analysts and vendors have predicted the demise of tape, but it lives on. Compared to disk-based backup, tape retains some advantages. And recent ransomware attacks have also caused organisations to look again at tape.

Could the cloud, though, finally see off tape backup? This article will examine the key cloud alternatives as organisations seek to move away from tape, and consider what they mean storage architecture. We will discuss:

  • Tiers of storage are there and how do they relate to each other
  • Difficulties in the (continued) use of tape
  • The key types of cloud products that can be seen as tape replacements
  • How do tape replacement cloud offerings fit with on-premises architectures?
  • Who are they key vendors of cloud tape replacement products and what do they offer

The deadline for submitting spokespeople’s names is 1700 London time, Wednesday 09th October. The deadline for submitting comment is 1700 London time, Monday 14th October. However please do not submit comments without contacting me first.

We welcome input from analysts, consultants and also senior end user IT architects, business continuity or archiving specialists.

Please contact me by by email in the first instance.