Feeds

Tired of arguing with suits? Get ready to argue with engineers!

And you can thank the internet of things for your new collaborators

3 Big data security analytics techniques

Since time immemorial, IT professionals have been told they must serve their employers by delivering infrastructure that ensures both uninterrupted operations and delivers competitive advantage within moments of a new product or service being imagined.

The reality is rather messier, leading to endless commentary to the effect that IT has to stop being the department that says no and instead earn its keep while making chief information officers look good.

Now it looks like IT departments may be about to go through this all over again with a new stakeholder: the operations folks and engineers responsible for heavy machinery.

The reason IT professionals might be about to butt helmets with engineers is the advent of the internet of things, which is finding its way into industrial machinery. That creeping invasion has already been demonstrated to have problems, as every SCADA vulnerability demonstrates. But engineering types, Gartner research fellow Kristian Steenstrup told The Reg today, are reluctant to address problems in part because the suppliers of heavy equipment sell sealed-box products that are sold as just working. Throw in the fact such outfits aren't sufficiently mature software developers that they're tooled up for updates of their products and some heavy infrastructure can operate for years with known vulnerabilities baked in.

That's about to become scary, Steenstrup said, because enthusiasm for the internet of things means heavy infrastructure will soon come online.

Enter IT organisations, who are going to be asked to do for engineering what they've long been asked to do for the rest of a business.

This new conversation may show IT in a good light, Steenstrup said, because IT shops have better software development processes than those in operations. But IT will need to understand what engineers and operational technologists want and need, and that will mean some changes. Common security models spanning infrastructure and IT operations will soon be needed, he said, while software maintenance implementation plans may need to synchronise with plan maintenance schedules.

Gartner has devised a roadmap to help IT and engineering learn how to work together. The Reg suggested that roadmap might be called or lead to something called “EngOps” and Steenstrup smiled. Wanly. ®

SANS - Survey on application security programs

More from The Register

next story
This time it's 'Personal': new Office 365 sub covers just two devices
Redmond also brings Office into Google's back yard
Oh no, Joe: WinPhone users already griping over 8.1 mega-update
Hang on. Which bit of Developer Preview don't you understand?
Microsoft lobs pre-release Windows Phone 8.1 at devs who dare
App makers can load it before anyone else, but if they do they're stuck with it
Half of Twitter's 'active users' are SILENT STALKERS
Nearly 50% have NEVER tweeted a word
Internet-of-stuff startup dumps NoSQL for ... SQL?
NoSQL taste great at first but lacks proper nutrients, says startup cloud whiz
Next Windows obsolescence panic is 450 days from … NOW!
The clock is ticking louder for Windows Server 2003 R2 users
Ditch the sync, paddle in the Streem: Upstart offers syncless sharing
Upload, delete and carry on sharing afterwards?
Microsoft TIER SMEAR changes app prices whether devs ask or not
Some go up, some go down, Redmond goes silent
Batten down the hatches, Ubuntu 14.04 LTS due in TWO DAYS
Admins dab straining server brows in advance of Trusty Tahr's long-term support landing
prev story

Whitepapers

SANS - Survey on application security programs
In this whitepaper learn about the state of application security programs and practices of 488 surveyed respondents, and discover how mature and effective these programs are.
Combat fraud and increase customer satisfaction
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Top three mobile application threats
Learn about three of the top mobile application security threats facing businesses today and recommendations on how to mitigate the risk.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.