1.
The way of business solutionswww.insightssuccess.com
MAY 2017

2.
lthough all other technology sectors are driven by increasing
Aproductivity and reducing inefficiencies, cybersecurity
spending is predominantly driven by cybercrime. The
increasing cybercriminal activities witnessed all over the world are
generating so much cyber spending, that it has become nearly
impossible for analysts to accurately track the statistics. The global
cybersecurity market in 2004 was worth $3.5 billion, and expected
to be worth more than $120 billion in 2017. So in over 13 years, the
cybersecurity market grew roughly by 35x.
Many corporations are hesitant to announce the amounts of their
increased security budgets because of breaches they’ve suffered, for
fears of antagonizing cybercriminals and reputational damage. Still,
there are some corporations who have stepped up with increased
cybersecurity budgets. Bank of America stated that it has an
unlimited budget when it comes to combating cybercrime. J.P.
Morgan Chase & Co. doubled its annual budget for cybersecurity
sector, from $250 million to $500 million. The technology giant
Microsoft Corp. will continue to invest over $1 billion annually on
cybersecurity R&D. The U.S. Government is planning to invest over
$19 billion for cybersecurity as part of the President’s Fiscal Year
(FY) 2017 Budget. This exemplifies a necessary investment to
secure our Nation in the future with more than 35% increase from
FY 2016 in overall Federal resources for cybersecurity.
Tech is a comprehensive industry with tens of thousands of VARs
(value-added-resellers), IT solution providers, and Systems
Integrators who wrap IT security services around the IT
infrastructures they implement and support — but (most of) these
firms don’t break out and report cybersecurity revenues as a separate
bucket.
As per IT Security Spending Survey — published by SANS Institute
in 2016, most organizations fold their security budgets and spending
into another cost center, whether IT (48%), general operations (19%)
or compliance (4%), where cost line items and security budget are
combined with other related factors. Only 23% track security
budgets and costs distinctly. SANS makes an astute remark which
may account for the shortfall in IT spending projections by some
researchers and analysts.
It is also predicted that cybercrime will continue rising globally and
cost businesses more than $6 trillion annually by 2021. This estimate
is evidently based on historical cybercrime figures including recent
year-over-year growth, a cosmic increase in hostile nation state
sponsored and organized crime gang hacking activities, a cyber-
attack surface of a magnitude that would be greater than it is today,
and the cyber defenses expected to be pitted against hackers and
cybercriminals over that time.
Editorial
Poonam Yadav
The Changing Paradigm
in Budgetary Norms of
Cyber Security

3.
,
Insights Success Media Tech LLC
555 Metro Place North, Suite 100,
Dublin, OH 43017, United States
Phone - (614)-602-1754
Email: info@insightssuccess.com
For Subscription: Visit www.insightssuccess.com
Insights Success Media and Technology Pvt. Ltd.
Ofce No. 513, 5th Floor, Rainbow Plaza, Shivar Chowk,
Pimple Saudagar, Pune, Maharashtra 411017
Phone - India: 020-69400110, 111, 112
Email: meera@insightssuccess.in
For Subscription: Visit www.insightssuccess.in
sales@insightssuccess.com
Corporate Ofces:
MAY, 2017
Database Management Steve
Technology Consultant Vishal More
Circulation Manager Robert
Research Analyst Jennifer
Chris, Alex
Editor-in-Chief Pooja M. Bansal
Ariana LawrenceSenior Editor
Managing Editor Poonam Yadav
Co-Editors
Art & Design Director Amol Kamble
Co-designer Alex Noel
Visualiser David King
Business Development Manager Mathew Smith
Business Development Executive
Marketing Manager Nick
Art Editor Harmeet Singh
Abhijeet Parade
SmithDavid
AndrewsStephanie
Picture Editor Vijaykumar Dudhbhate
7
RoyKaustav

4.
COVER STORY
08
Empowering CEOs in the struggle for
Cyber Security, Governance & Resilience
CXO
Are you staying in network
secure zone?
IT and Communication Trends
for Critical Infrastructure
24
The Way of IOT’s, smart Grid,
Smart Citie’s Future Goes Through
Technology and Network convergence
18
40
HIGHGROUND CYBER

5.
CommuniTake Technologies: Delivering
Best-of-all-Worlds Platform for
Mobile Enterprise Security
SECEON: Protecting Critical
Infrastructures by Detecting and
Eliminating Cyber Threats
Secured2 Corporation:
Going Beyond Encryption
to Secure You
SecurView: Implementing
Secure IT Architecture
16
26
34
42
C
O
N
T
E
N
T
S
ARTICLE
Exploring the
Emerging Technology:
‘Fog Computing’
22. TECH-TALK
How to Minimize
Cyber-Attacks On
Your Organisation
30. THREAT-O-CURE
Network Security
Threats & Solutions
36. Editor’s Perspectives

6.
n today’s fast paced world, people are becoming more and more dependent on open networks such as the Internet,
Iwhere commercial activities, business transactions and government services are comprehended. This has led to a
precipitous rise in new cyber threats and information security issues which are utilized by cyber criminals. For
example, recently attacked by “Wannacry” has made leaders all across the world vulnerable and enforced to think about
their security infrastructure. Distrust for all emerging telecommunications and computer network technologies have had
implausible socio-economic impacts on global enterprises as well as individuals. Furthermore, some incidences of
international frauds often require the investigation of the facts that transpire across international borders. Those are often
subjected to totally different legal systems and jurisdictions. The increased complexity of the communication and
networking infrastructure is making preventing of cyber-crimes difficult therefore new approaches for cybersecurity are
desired.
The dire need for competent cybersecurity solution providers has made us look out for “The 10 Fastest Growing Cyber
Security Companies of 2017”. On our cover page we have Ken Barnhart, the Founder & President of Highground Cyber,
Inc. Highground Cyber was introduced with a mission to help the small & mid-market CEO’s to protect their companies,
themselves, and their families. Highground Cyber provides value and expertise in everything from security strategy and
risk management to network penetration testing and security architecture design.
Further, we have CommuniTake Technologies, which builds security, care and management solutions to provide people
and organizations with better, and more secure mobile device use. Listed for delivering smart solutions that protect
organizations against security threats are SecurView and Seceon. Cobalt Labs’ hacker-powered application security
solution and Secured² Corporation’s data security technology are contributing towards developing a secure architecture
for various developing companies. Thycotic is enlisted for skillfully preventing cyber-attacks by securing passwords,
protecting endpoints, and controlling access. Portnox sees, controls, reacts to and manages the risk networks face for any
user, any device, anywhere. Intrinsic ID authenticates everything by securing the Internet of Things, validates payment
systems, ensures safe connectivity, authenticates sensors, and protects sensitive military data and systems. EveryCloud
Technologies is listed for being the best performing email filtering service with products and services in Spam Filtering
and Email Archiving for various verticals including businesses, education, ISPs / MSPs and IT resellers.
So flip through the pages to know more about these combatants fighting cyber-crime. Not to miss out on scholarly
articles viz. ‘How to Minimize Cyber-Attacks On Your Organisation’ and ‘Exploring the Emerging Technology: ‘Fog
Computing’.
Complexity of Cyber Security
Comprehended
CYBE
IT YSECUR
The 10Fastest Growing
c o m p a n i e s o f 2 0 1 7

7.
C
yber security has never been simple. The threats
evolve every day and the attackers have become
more inventive and better financed. Over the past
years, we’ve witnessed all the hype and confusion
surrounding cyber security as it transforms into a
frightening new reality—one where corporate and
government organizations seem helpless to stop cyber
incidents. It’s critical that senior executives properly define
the issue and identify what constitutes an effective cyber
security program. In an interview with Insights Success
Magazine, Ken Barnhart, founder and CEO of Highground
Cyber, shared his keen observations into the cyber security
industry and his journey in developing and leading his
company for this new era.
What inspired you to start Highground Cyber?
As a combat veteran, I firmly believe cyber security
represents a clear and present danger to our nation and its
economy. In my role as a Vistage speaker and cyber
security champion, I travel around the country educating
Board of Directors, CEOs, and small business owners about
how to improve their cyber posture. I’ve listened to their
gut-wrenching stories of bank accounts drained in spear-
phishing attacks, intellectual property stolen, systems and
data locked up with cyber extortion tactics, and their
identities stolen. Highground Cyber was launched with a
mission to help the small and mid-market CEOs to protect
their companies, themselves, and their families.
What market segments are you focusing on?
We’re heading straight for the areas where we observe the
greatest need. The data clearly suggests the small and
medium businesses under $250 million and 200 employees
are losing the cyber security battle. According to a recent
report by ADP, 50 percent of our nation’s payroll dollars’
flow through companies with less than 250 employees and
that market is bearing 72 percent of the cyber security
attacks. While retailers like Target, Home Depot, and
Walmart get all of the big media headlines, these are also
companies that have the resources to weather a cyber
security storm and recover rather quickly. In Target’s case,
they have even rebuilt a world-class cyber security system
into a model that other companies are now copying. That’s
not the case for small and mid-market companies. Just
recently a $200 million professional services company in
the Midwest lost a multi-million-dollar payroll run to a
spear-phishing attack, and now their very survival is in
doubt. These are not isolated incidents—the statistics show
that 60 percent of companies that suffer a major cyber
attack will fail within six months and 90 percent fail in a
year. Reversing that trend in the small and mid-markets is
our core focus.
What are some of your growth plans?
While the Highground Cyber brand is new, our experience
is not. We are a spin- off of a practice group that has been
defending enterprise clients for almost a decade. I spent 17
years as the founder and CEO of the Occam Group, Ltd,
and a few months ago I sold the company to the minority
shareholder. I brought with me our award-winning Smart &
Safe Assessment. In 2015, CIO Review recognized our
CEO-centered Smart & Safe framework as one of the TOP
20 MOST PROMISING Cyber Security Solutions. Our
five-year plan is to double every year as a national brand.
The ability to laser focus my attention on the growth of
Highground has resulted in a 200 percent growth so far in
2017. That puts us a little ahead of our plans, but we have a
big mountain to climb and many CEOs to help them along
the way.
With so many new cyber security companies, how do
you differentiate Highground in the market?
Our differentiation strategy is born from the realization that
most of the mid-market is improperly conceptualizing the
cyber security issue as a technical problem. The hard reality
is that cyber attacks are only part of the larger
organizational issue of risk management and business
continuity. Since most CEOs don’t have a technical
background and because cyber is incorrectly classified as a
technical issue, they delegate the organizational response to
the IT functional or outsourcing partner. In most cases, the
mid-market CEOs aren’t actually delegating the
responsibility for the cyber issue they are abdicating their
authority. This is particularly dangerous for the CEO as
they are the corporate officer who is ultimately
professionally and personally liable when a major cyber
incident happens. We address this dilemma with three
unique claims called Lift-Shift-Persist. Our first claim is as
simple as it is bold. The small or medium business must
LIFT the focus of their cyber security efforts from the IT
leader to the CEO. If they don’t, their program will never
achieve the necessary results. This is not because the IT

8.
leaders lack professional skill or experience, but rather they
are not organizationally empowered to direct the human
resources, legal, risk management, policy, brand and public
relations functions that play a critical role in a holistic cyber
security program. The CEO is the only role with the
decision rights and organizational authority to coordinate
these functions. The critical success factor is empowering
the CEO with an approach that helps them put together a
plan to coordinate these functions and helps them manage
the execution.
Our second claim is the business must SHIFT the execution
to a cyber program that’s holistic, realistic and reports into
the CEO. The program-planning process starts with our
award-winning Smart & Safe Assessment that establishes a
baseline of the cross-functional areas necessary for a
comprehensive plan. Once completed, we develop a
bespoke cross-functional program to address the unique
threats and assets for every company. We work with the
CEO to then make the plan realistic for the three
checkbooks from which they manage their company. The
first is obviously financial, as the program plan will need
funding, but we take a multi-budget cycle approach that
looks forward 36 months. The second is change
management. Organizations have a varied capacity for
change, and the pace and scope of change for a business to

9.
address cyber security is often much more limited than
their financial resources. As the final check, we work with
CEOs to address their corporate culture. The defense of a
company’s digital assets and sensitive information has to
be woven into the fabric of the corporate culture and the
CEO is the leader of that effort.
Our final differentiator is PERSIST because cyber security
is not a “set-it-and-forget-it” issue for companies. Many of
our competitors sell a system or software, install it, and
either walk away or do some type of annual checkup. Our
approach focuses on creating a culture of security and
information systems that keep the CEO and the Board of
Directors informed on the overall security posture in three
critical areas: Security, Governance and Resilience.
What does winning the cyber security challenge look
like for a mid-market CEO?
We believe there is a difference between explaining cyber
issues honestly, which can be admittedly scary when the
company is your 401k plan, and just scaring people for the
pure shock value. I talk with hundreds of CEOs every year
and I have yet to meet a single one who earned their chair
by being easily frightened. The way we explain this is with
what we call the IRON TRIANGLE of cyber security:
Security, Governance and Resilience. In the final analysis,
security has always been about one thing for thousands of
years—asset protection. The first win a CEOs must achieve
is to establish a comprehensive list of the physical and
digital assets that they cannot afford to lose. If the loss of a
particular asset is a business-crippling event, then they have
to get those locked down first. We call this phase, “locking
up the crown jewels.” Security tools play a powerful role in
this area and the options available to mid-market companies
have improved dramatically, while simultaneously dropping
in cost. It’s important for CEOs to recognize they need to
enlist their employee and partners in the defense of critical
company assets. All it takes is one person to handle a
critical asset recklessly or maliciously and serious damage
can be done.
Getting on top of governance is the next big “win” for the
leadership. The CEO, not the IT leader, is the source of
authority here and bears the responsibility to demonstrate
good governance of the organization. The federal courts
have recently provided ruling and rationale to help clarify
what exactly “good business judgment” means. The
Department of Homeland Security has also made some
major contributions to further clarify what companies
should be doing to establish proper governance. The good
news is that the path to establish an effective cyber security
program is much clearer than is has ever been. The bad
news is the IT function has zero chance of successfully
implementing the required elements.
The ultimate win for any mid-market CEO in their cyber
posture is resilience. The ability to recover quickly from a
cyber incident and keep rolling needs to be every CEOs
goal. The cliché we hear all the time is that it isn’t a
question of if a company will experience a cyber attack but
when. While there is a measure of truth in this phrase, it
also misses the larger point impact mitigation. Many
organizations have built systems and processes that are
“robust but fragile.” A speed boat is fast and agile, but can’t
take a breach in the hull and continue to float much less
function. The resilience goal is to make organizations more
like a battleship that can take several serious hits and stay in
the fight.
Your passion is so compelling. What drives you?
In a word: Enough! I am sick and tired of seeing good
CEOs and their families getting hurt, harried and harassed. I
have always been fond of the Edmund Burke quote, “All
that is required for Evil to triumph is for good men to stand
by and do nothing.” With passion and purpose, I’m hoping
that Highground Cyber proves its mettle in this marketplace
and grows very quickly.

10.
Address :
Country :City : State : Zip :
Global Subscription
Date :
Check should be drawn in favour of : INSIGHTS SUCCESS MEDIA AND TECH PVT. LTD.
Yes I would like to subscribe to Insights success Magazine.
Name :
Telephone :
Email :
Read it First
Subscribe to Success
1 Year.......... $250.00(12 Issues) .... 6 Months ..... (06 Issues) ..... $130.00
3 Months ... (03 Issues) .... $70.00 1 Month ...... (01 Issue) ..... $25.00
Insights Success Media and Technology Pvt. Ltd.
555 Metro Place North, Suite 100,
Dublin, OH 43017, United States
Phone - (614)-602-1754,(302)-319-9947
Email: info@insightssuccess.com
For Subscription : Visit www.insightssuccess.com
CORPORATE OFFICE
Never Miss An Issue

11.
Management BriefCompany Name
Cobalt Labs
www.cobalt.io
Jacob Hansen
Co-founder
Cobalt’s hacker-powered application security solution
transforms today’s broken pen testing model into a data-driven
engine fueled by our global talent pool of trusted pen testers.
COMMUNITAKE
www.communitake.com
Ronen Sasson
CO-founder & CEO
CommuniTake is a software company that builds security, care
and management solutions to provide people and organizations
with better, and more secure mobile device use.
EveryCloud Technologies
www.everycloudtech.com
Matt Baker
CMO & Co-Founder
Highground Cyber
www.highgroundcyber.com
Ken Barnhart
Founder & CEO
Highground Cyber helps to simplify cyber security by providing
everything that a client needs to define strategy, identify threats,
deploy the right technology and ensure operational readiness to
protect client’s business.
Portnox
www.portnox.com
Nilly Assia
CMO
Portnox sees, controls, reacts to and manages the risk networks
face for any user, any device, anywhere.
SECEON
www.seceon.com
Chandra Pandey
Founder & CEO
Seceon OTM, is a cyber-security advanced threat management
platform that visualizes, detects, and eliminates threats in real
time.
Secured² Corporation
www.secured2.com
Daren Klum
Founder & CEO
Secured² is the pioneer of new data security technology that
uses a ‘shrink, shred, secure & restore methodology, combined
with new compression technology that reduces the size of data
by up to 90%.
SecurView
www.securview.com
Rajeev Khanolkar
President & CEO
Thycotic
www.thycotic.com
Steve Kahan
CMO
Thycotic prevents cyberattacks by securing passwords,
protecting endpoints, and controlling access
EveryCloud the best performing email filtering service with
products and services in Spam Filtering and Email Archiving
for various verticals including businesses, education, ISPs /
MSPs and IT resellers.
SecurView is a Cyber Security Solutions company, delivering
smart solutions that protect organizations against security
threats.
Intrinsic ID
www.intrinsic-id.com
Milan Lazich
CEO
Intrinsic ID secures the Internet of Things, validates payment
systems, ensures safe connectivity, authenticates sensors, and
protects sensitive military data and systems.

12.
| May 201716
CommuniTake
Technologies:
The mobile security space is in transition. There are various vendors, products and functions that fall into different
buying patterns and needs. Many companies still operate under outdated endpoint protection platform which is not
built to withstand modern mobile cyber-crime.
Bring your own device (BYOD) programs face increasing challenges. Delivering malware and data loss defenses, encounter
user resistance, and inconsistent legal interpretations of users’ privacy. Furthermore, mobile security tools are changing
rapidly along with the nature of threats.
CommuniTake Technologies brings a unique value proposition that addresses all the use scenarios within mobile enterprise
security. These scenarios range from the most security minded organizations to less demanding organizations.
CommuniTake’s array of solutions provide solution to organizations that seek only secure communications with light central
management, all the way to organizations that look for a comprehensive solution containing secured device, purpose-built
security-rich OS, secure communications, fused command and control center and local deployment.
A Relentless Visionary Leader
Ronen Sasson, Co-founder and Chief Executive Officer of CommuniTake Technologies, is an accomplished software
industry executive and visionary, with an extensive history of pioneering new ground in business and telecommunication
systems. Ronen has a proven record of strong leadership, passion and innovation, and he brings 30 years of successful
experience in managing high-tech products and professional services. Prior to CommuniTake, Ronen spent 14 years in
Amdocs where he was the Founder and General Manager of the company’s self-service line-of-business vision, product &
market direction, and his teams’ commitment to customer service resulted in more than US$100M annual revenues in just 4
years. Before Amdocs, Ronen spent 9 years in advanced technology military technology units & development centers, and
he holds B.Sc. in Electrical Engineering from the Technion.
Ronen’s personality has many contributing levels which come out with his unique leadership abilities. Serving as an ‘officer’
in the Israeli Air Force and as a Vice President in Amdocs, he has established leadership qualities that impact his current role
in driving success. As a marathon runner combining the creativity that came from art, he believes that his mission in life is to
make dreams into reality influencing millions of people. He is driven by a “Can Do” approach and “Embracing Challenges”
as a way of life with continuous learning and analyzing both success and failures.
Inception of a Cyber Security Provider
CommuniTake was established to provide “Total Mobile Security and Productivity” strategy. It delivers three building blocks
of mobility enablement: productivity, security and manageability. These markets are in different life cycle stages.
CommuniTake has started with productivity via an Omni-channel support, and then shifted to deliver security combined with
infused manageability – based on market readiness and adaptation.
The knowledge and competences that were accomplished via the remote access technologies and the enterprise mobility
management capabilities were translated to the security expansion.
CommuniTake’s Prime Product’s Protective Architecture
CommuniTake is a software company that builds security, care and management solutions to provide people and
organizations with better, and more secure mobile device use.
Delivering Best-of-all-Worlds Platform for Mobile
Enterprise Security

13.
To address the connected world challenges and provide
organizations with risk-free and highly secured mobility,
CommuniTake has developed Intact Mobile Security
platform. It provides powerful protection with its complete
competent suite of Secure-Manage-Care.
The platform natively unifies the following components:
Ÿ IntactPhone – specially-manufactured Android-like
mobile phone;
Ÿ IntactOS – custom-built security-rich operating system;
Ÿ IntactDialog – end-to-end and midway encrypted voice
calls and messages;
Ÿ IntactCC – fused command and control center;
Ÿ IntactCare – complete remote control technology and
self-troubleshooting app;
Ÿ IntactApps – security utilities including, persistent
VPN, Anti-malware, web-browsing control, and threat
detection.
CommuniTake’s is a game-Intact Mobile Security
changing mobile Endpoint Protection Platform (mEPP) that
protects against mobile cyber-attacks, enabling top security
across all the devices in the organization. It ensures central
security governance and seamless device performance and
remediation via multiple purpose-built solutions aimed at
differentiated security essentials.
Ronen Sasson
Co-founder & CEO
CommuniTake Technologies
Distinctive Techniques of Cyber Security
CommuniTake’s unique value proposition is derived from
its holistic approach.
CommuniTake’s platform defends against interception
techniques, injection techniques, physical data extraction
and careless use. The powerful in-depth protection
eliminates most of the attack vectors generated from apps,
devices, networks and users. CommuniTake has
successfully replaced Google services with proprietary
services and push notifications, and an internal secured app
store thus minimizing the vulnerability coming from the
Google Play store and the privacy hazards that are related to
Google e-services in general.
The encrypted voice calls are encrypted via the ZRTP
protocol which creates a key per session and encrypts the
voice using AES-256, which can be modularly customized
with proprietary government encryption algorithm. All
other communications are fully encrypted using TLS. The
system forms a highly protected virtual private network for
totally safe wireless communications within the enterprise
environment.
Future Aspects
CommuniTake mobile security platform provides robust
security like none other. The team at CommuniTake is
going to further enhance their mobile cyber security
offerings and expertise, to deliver exceptional solutions
across both governmental and enterprise target markets
including military units, Special Forces, governmental
agencies, and other data-sensitive organizations.
They are going to strengthen their leadership position in the
mobile cyber security ecosystem and be the default choice
for secret organizations that wish to deploy top mobile
security. Committed to their vision, they will operate in a
global manner with various partners focusing in each target
segment as well as OEM partners, with their security
enabled next generations’ devices, services and IoT
systems. CommuniTake envisions tremendous growth as
the market is already adopting mobile security technology
on a massive scale. This is already seen when they grew up
by hundred percent in new orders and have already built a
scalable and reliable platform to maintain their growth in a
solid manner.
“We operate as part of a “security
nation” and leverage highly capable local
talent in cyber security technologies
to deliver cutting-edge and future-proof solutions”
17| May 2017

14.
In North America, utilities have installed nearly 70
million smart meters over the last decade. This
technology investment has delivered tangible value to
both utilities and consumers. But utilities have yet to realize
the full potential of this platform and the value of the data
these systems generate. This is primarily due to common
challenges that utilities as well as technology providers
have struggled with:
• Smart meters are viewed mainly as a cash registers and
instruments of customer billing rather than as
sophisticated sensors that provide a rich source of data
and insight to improve grid operations.
• For the most part, smart metering systems have been
deployed in technology “silos,” meaning they run on
purpose-built, largely proprietary networks that were
designed for meter reading rather than on a standards-
based, multi-application IP-platform.”
• These systems have created a relative tsunami of new
data-more frequent and detailed usage data, event data
from power outages and voltage anomalies and meter
tamper alerts-data that utilities are struggling to manage
and create new business value from.
• More than smart meters, the term “smart grid” implies
grid devices, assets and data interacting in real time and
with less human intervention to respond to changing grid
conditions. This degree of interoperability and
automation has been elusive or cost-prohibitive thus far
for the low-voltage level of the network.
Most of these challenges are technology-centered, while
some are cultural and organizational, but the upside is that
these challenges are being solved. Information technology
and operational technology are converging rapidly in the
utility and energy space to create a new strategic and
operational reality. This comes none too soon in light of
significant business challenges utilities worldwide are
| May 201718

15.
facing as well as the economic and environmental
challenges we all face.
Led by companies such as Cisco and Itron, a growing
ecosystem of smart grid technology providers have
collaborated to evolve network architecture so that
utility field area networks look and behave much
more like enterprise IT networks. Solution providers
are also introducing more distributed intelligence to
grid operations that enable grid assets and devices
that are currently “siloed” to work in concert with
one another. In addition, the available value stream of
this network infrastructure investment is broadening
by connecting to emerging markets and applications
such as smart cities and the Internet of Things (IoT).
The heavy lifting really began four years ago when
Itron and Cisco announced an agreement to work
together to re-architect Itron’s widely-deployed
OpenWay smart grid network to IPv6 architecture
from Cisco. This joint development effort,
undertaken by the industry leaders in utility
automation and networking, was a watershed effort in
the industry. The smart metering network became a
multi-application smart grid and smart city network,
broadening significantly its usefulness and value. A
growing ecosystem of leading smart grid technology
providers can now build to a common reference
architecture through the Connected Grid Cisco
Developer Network to accelerate adoption and spark
innovation.
But standards-based, multi-application network
architecture by itself was not enough to address all
those challenges. Itron believes that for the smart grid
to deliver on its promised value, data analysis and
action must take place where it makes most sense-
increasingly at the edge of the network rather than in
the utility back office. That’s the whole idea behind
ITRON RIVA™, a new distributed intelligence and
advanced communication platform the company
launched this fall.
Distributing intelligence across the network allows us
to economically solve utility problems that couldn’t
be feasibly solved before, greatly increasing the value
and timeliness of smart grid analytic applications as
well as the utilization of network capacity.
Specifically, these development efforts yield a new
and common set of technology attributes for meters,
grid sensors and other types of intelligent devices,
“Led by
companies
such as Cisco and Itron,
a growing ecosystem of
smart grid technology
providers have collaborated
to evolve network
architecture so that
utility field area networks
look and behave much more
like enterprise
IT networks”
Jeff Carkhuff
VP, Itron
19| May 2017
CXO Standpoint

16.
whether they come from Itron
or third-party partners who embed the technology or build to the standard.
• Locational awareness: For the first time, smart meters and grid devices know where they are in relation to other
grid assets (feeders, phases, substations, transformers, distributed generation, other meters, etc.). This “self-
awareness” opens up an entirely new approach to smart grid use cases and applications.
• “Multilingual” devices: A unified software platform supports multiple communication/application protocols,
allowing a single meter or grid device to simultaneously speak the language of distribution automation, load control
and smart metering. This enables highly localized communication and action among diverse devices, assets and
grid control systems to respond to changing conditions at the edge of the network.
• Edge processing power: Thanks to Moore’s Law, Itron is embedding the computing equivalent of a recent
generation smart phone in high-volume meters and grid devices to enable advanced communications, data
processing and analysis in the edge device.
The ability for edge devices to know exactly where they are, process and analyze data independently and
communicate with other types of devices creates many new possibilities for improving the accuracy, resolution and
timeliness of analytic applications. A clear opportunity exists to deliver new business value in areas such as
localized demand response/load control, asset monitoring and management, outage detection and response,
renewable integration and diversion detection. This approach allows utilities to put intelligence where it makes the
most sense, whether that’s in the edge device, the field area network itself or at the enterprise level, meaning
analytics no longer must always take place in the back office where “tomorrow” or “next week” is no longer good
enough.
Perhaps most interestingly, the Itron Riva distributed intelligence platform has enabled Itron to revolutionize grid
communications. Known as adaptive communications technology, this capability incorporates multiple
communications media-RF Mesh, Wi-Fi and Power Line Carrier-on the same chipset, working in concert to solve
key network performance and connectivity challenges. Running on the OpenWay smart grid network, adaptive
communications technology always utilizes the fastest and most reliable communication path for every message
and every link based on location, network operating conditions and the nature of the application or data. This is true
whether communicating with an office application or another device on the grid.
This makes deployment of network infrastructure
easier, faster and less costly, while offering a single
communications solution for both dense and difficult urban environments as well as lower-density areas. Adaptive
communications technology flattens the cost curve during the latter stages of network deployment when the “hard-
to-reach” devices and areas must be addressed. In other words, it provides a network that continuously self-
optimizes based on geography, topology, operating conditions and business requirements.
Together, these developments mean that many utilities throughout the world are in a good position to leverage these
recent and significant advancements in network architecture, edge intelligence and analytics as they implement
their grid modernization strategies and connect to broader opportunities such as smart cities and IoT.
There is absolutely no doubt that the convergence of information technology and operational technology in the
global utility industry will continue and accelerate, and that technology advancement will continue to outpace the
asset lifecycle paradigm utilities have so long operated within. Nevertheless, thresholds are reached that warrant a
shift in thinking about how to approach and solve problems. For tomorrow’s grid, that time is now.
| May 201720
CXO Standpoint

17.
Exploring the Emerging Technology:
‘Fog Computing’
yber Security has now become an integral part of
Cany organization. It is very difficult to ignore the
importance of cyber-security nowadays. From the
significant role it played in the 2016 presidential poll to the
recent revelation about the Yahoo bluff (where more than
one billion Yahoo accounts were breached in 2013), cyber
security is no longer a problem unique to Sci-Fi thrillers.
Perceptibly, the two examples stated here are simply the
most egregious of recent times, but they are vague in
comparison to the threat of cyberattack on actual
infrastructure.
Cyber Security for the Industrial Internet of Things (IIoT)
started as a spark and quickly turned into an eruptive
volcano. Undeniably, data is the most important “currency”
in the tech world today, and companies both public and
private are struggling to figure out the best possible way to
protect that data will still ensure real-time transport and
analysis.
Emergence of Fog Computing
The forthcoming months will see the advent of True Fog
Computing and Programmable/Intelligent Edge Devices
designed with robust security measures till-date.
According to a report by analysts, companies have now
become more comfortable hosting the critical infrastructure
and applications in the Cloud. In an effort to optimize
processes and shorten the response time, companies will
explore ways to horde applications at the device/sensor
level (which is termed the Edge or Fog Computing). It is
basically a decentralized network architecture, that brings
computing control closer to where data is generated and
acted upon, Fog Computing allows analysis, automation
and control closer to the “Things” in the IIoT. Cyber
Security will be improved by reducing the threat and attack
to surfaces of IIoT networks, since Fog Computing will
reduce the amount of data being directed towards the
Cloud. Certain processes will move away from the Cloud
and closer to the Edge, which will aid the industries where
even milliseconds are vital.
The base of this shift in intellect deployment is simple: the
Cloud, while legitimately secure, is still prone to security
breaches, so rather than hosting all of the data and the
analytics tools over the cloud, we must consider moving
those processes closer to the edge to the sensors and devices
with built in security.
Now, while the concept is simple, the implementation is
more difficult. This shift requires a high-speed, robust
network capable of real-time data diffusion and, perhaps
even more essentially, programmable devices at the edge.
Rather than thinking about big data from the outlook of
consuming from a fire hose, a programmable device at the
edge permits the user to develop exclusive applications that
cleans out unnecessary data. Consequently, the smaller data
packets assist two things: faster transmission to the
analytics engines, and the ability to send that data via mesh
networking technology, which has been verified to provide
better security.
Currently, the problem faced in this shift in intelligence to
the edge is because there are very few companies producing
programmable devices for this advantage. It’s a totally
different way of impending data transmission and security,
and so far, the industry has been slow to catch on: instead of
trying to build a wall in front of the huge door (the Cloud),
eliminate the door and build a series of constantly moving
mouse holes (the Edge). Which one do you think sounds
easier to protect?
| May 201722
Tech-Talk

18.
Conclusion
Data has not been an issue; we already have more of it than we can analyze or utilize, and we’re collecting more and more
every day. The problem is going to be about storing and retrieving the data when we want it in a convenient fashion.
Fog computing allows for data to be processed and accessed more rapidly and more reliably from the most logical location,
which lessens the risk of data latency.
Any business that trusts someone else’s data center for storing its data would be wise to consider this new trend, and
scrutinize how their business might be affected in the future if they lack the bandwidth to access it.
CLOUDComputing, Networking,Storage,..
CORE
FOG
Computing, Networking,Storage,.. FOG
Computing, Networking,Storage,..
FOG
Computing, Networking,Storage,..
ACCESS POINT
INTERNET
INTERNET
| May 2017 23
Tech-Talk

19.
One word can sum up the most common strategy for
network defense - “boxy.” Building and
maintaining a strong perimeter has a long and
storied history. Consider a castle with its moat, high walls
and drawbridge. That is how most networks are defended. In
a box. Currently, the mentality is: “Do you want to protect a
new system?” Put it inside the box. “Processing personal
information?” Put it inside the box.
While the “box” approach was successful in the past, it’s an
antiquated model. And, while the conventional approach has
been occupied with defending the castle from a ground
attack, adversaries have deployed an air assault with the
latest modern weapons.
User’s choice
Over the past decade, there has been a quiet revolution with
how IT systems and services are used within organizations.
Fed up with a lack of options, viable solutions and a general
disconnect with the business, users have taken matters into
their own hands.
This evolution started with the
rise in mobile usage. Early on,
traditional security teams focused
efforts on stopping mobile usage.
Eventually, they acquiesced and
accepted mobile devices, but only
those that were “approved.”
Ultimately, reason triumphed and
mobile is now treated in a more
logical fashion. While still four
letters, “BYOD” is no longer a
bad word. Unfortunately, we are
now seeing the same cycle with
cloud services.
Consumer is the new business
Consumer-focused services are
making significant inroads into
enterprises around the world. It is
fairly common to see large
volumes of outbound network
traffic utilizing services such as Dropbox, Google Apps,
Github or any number of other cloud-based applications. In
fact, these services have begun to incorporate features and
functionality specifically targeted to the size and scope of
various business operations.
Think of this as a “bottom-up” approach. It is a sign that
users in organizations are pushing technology adoption just
as much - if not more - than a traditional “top-down”
approach. Overall, this should be seen as a positive. The
shift is now aligning IT with the actual focus of the
organization. It is a move toward technology that works in
the “real world,” instead of simply looking good “on paper.”
However, it’s not all unicorns and rainbows.
Crumbling walls
While productivity might be up, it is extremely difficult to
maintain a strong perimeter around this new blend of
traditional, mobile and cloud infrastructure. There action to
this is: “Then why try? Isn’t there a better approach?” This
response is rational, but not the
sentiment of a vast majority of
the security industry.
Just as with mobile adoption, the
common security response to
cloud services is to attempt to
block user’s access and, instead,
guide them toward an “approved”
(and typically less usable) server.
That isn’t embracing reality and,
quite simply, is no longer
feasible.
The architecture diagram for
current networks no longer fits
cleanly into a simple box. Trying
to wedge it into one is
counterproductive and can lead to
frustration among employees. It
is imperative to accept the fact
that the perimeter as it has been
known is now gone. Which leads
CXO Standpoint
Mark Nunnikhoven
| May 201724

20.
to the core of the issue -what strategies can be adopted to
defend today’s networks?
Level up
First, it is important to understand that traditional controls
still have a place in modern defense. There is a need for
firewalls, intrusion prevention, anti-malware, filtering, etc.
These traditional elements serve as a strong component, but
they play a smaller role and cannot be considered the end-
all, be-all of security. Instead of focusing on individual
components of the network, it should be viewed according
to the way specific data flows.
Security in isolation
Take a typical e-commerce transaction, for example:
In a traditional approach, each of these systems would reside
in relative isolation. First, there must be a firewall on the site
and anti-malware so it is “secure.” Second, the shopping cart
is delivered to the user via HTTPS so it is “secure.” Third,
the payment information is encrypted, thus it is “secure.”
Finally, the shipping system is only internal so it is “secure”
through access control.
While none of these controls are bad, they do not take into
account the realities of today’s networks. Now, shopping
carts are provided via PaaS, payments are provided via SaaS
ans all shipping is done through a third-party API. These
providers inherently change over time cteating more
variables and avenues for breaches.
Data flow
In addition to adding basic security to each system or
service, it is critical to examine how data flows. When a
high-level view of data flow is incorporated into the typical
e-commerce transaction, the following occurs:
It is immediately apparent that there is a variety of
information shared across multiple systems. Some of the
systems are controlled by the enterprise, some are not. With
this view, the real challenge comes to the forefront - how
can the safety of orders (items purchased, quantities,
shipping info, etc.) and processing data be ensured by at
least three different entities? In addition, payment
information resides on at least two systems. How does that
affect Payment Card Industry compliance? This is the level
where security should be applied - and it must be acted upon
holistically.
Next steps
The top priority for security must be monitoring. It is clear
that controlling every element of the network can be
overwhelming. With the variety of services, endpoints and
connections, the aforementioned “box” model has been
demolished. Thus, the traditional perimeter is gone. What
takes place in networks requires more transparency to read
and react accordingly.
A modern monitoring practice not only pulls in log data
from network devices and application servers (as has
traditionally occurred), but also logs and reports from IaaS,
PaaS, SaaS and mobile systems. This in itself cteates a new
challenge with an immense amount of diverse data needing
to be processed. Fortunately, “big data” analytics can be
applied to resolve this issue.
There is very little value in denying where network
infrastructure design, and access, is headed. The soundest
strategy is to welcome this reality and work to increase
security of the current network to focus on monitoring. It is
essential to be cognizant of data workflows within the
overall enterprise. Once that is established, taking steps to
protect data, regardless of where it is stored and processed,
is far less daunting.
CXO Standpoint
25| May 2017

21.
SECEON:
It’s quite evident, that despite huge amounts being spent on cybersecurity solutions, data breaches are still happening at
an increasing rate and greater severity. Today’s organizations are too slow to identify and stop cyber threats from
inflicting damage once the organization is breached. They need a cost-effective solution that detects and stops threats
before any loss of data.
Traditional technologies are built on one fundamental flaw – smart humans must use an array of complicated tools to identify
a threat and then figure out how to stop it. The problem is that 95 percent of attacks exfiltrate or corrupt data within a few
hours of the breach—hardly enough time for smart humans to react! developed an approach that deploys analysis ofSeceon
all traffic, flows and processes in & out of the network and correlates them near-simultaneously with behavioral analytics,
recognizing zero-day exploits and policies to surface threats and proposed responses in real-time. Moreover, this approach
can easily be deployed within a few short hours in any size organization with little to no cybersecurity expertise required of
enterprise or service provider staff.
See, Stop, Secure with SECEON
Seceon is focused on enabling organizations to see cyber threats clearly and quickly, stop threats from inflicting extensive
damage through surgical containment and elimination and to predict all kinds of cyber attacks, sourced either internally or
externally, through behavioral threat detection modeling and machine learning.
Businesses and service providers are challenged to find automated, affordable, fast and effective enterprise-class
cybersecurity solutions that don't require extensive and resource-intensive human intervention to analyze, detect, respond to,
remediate and report threats before they cause extensive damage and loss. Gaining notoriety as an affordable, comprehensive
solution that detects, responds to and eliminates threats in real-time, Seceon OTM is designed for any size organization with
any level of technical expertise regardless of deployment environment—on-premise, cloud or a hybrid of the two.
They provide customers with a proverbial Security Operations Center or SOC-in-a-Box™. Automating the disjointed, time-
consuming and complex tasks of threat monitoring, detection and elimination, Seceon OTM frees staff to address threats
quickly preventing risk, damage or loss of valuable information.
A Neoteric and Inspirational Leader
Chandra Pandey, Founder & CEO of Seceon, is an expert in data center architecture and highly scalable network
solutions, and a proven business leader with more than 20 years of experience developing and marketing innovative
technology solutions. As Seceon’s CEO, he works closely with customers to define and address the problems, implications,
and solutions of defending corporate assets in today's highly-connected enterprise. Chandra holds multiple patents in
application virtualization, highly scalable data center architecture, scalable multicast distribution and power optimization for
high-performance computers.
Before founding Seceon, Chandra was General Manager and Vice President of Platform Solutions at BTI Systems. Chandra
has also held senior leadership roles at Juniper Networks, Internet Photonics (Ciena), Lucent and 3Com (HP).
Protecting Critical Infrastructures by
Detecting and Eliminating Cyber Threats
| May 201726

22.
Expedition and Exploration of the Industry
The most important step in Seceon’s journey as a fast-
growing cybersecurity startup was to identify and recruit
expert talent to help them bring their vision to life and their
mission to bear. Building the best team possible was critical
to their ability to execute against objectives effectively.
In 2015, Chandra and his co-founders were personally
affected by a data breach with the loss of private identity
and credit card information. After sharing their experiences,
they were quick to realize that even the most advanced
cybersecurity approaches were incapable of protecting the
enterprise from inevitable attack before they inflicted
damage. A new approach was needed to help organizations
see and stop threats the moment they happen. This demand
spurred development of Seceon’s powerful, parallel-
processing Open Threat Management (OTM) platform and
their mission to empower enterprises to detect, respond and
eliminate all known and imminent cyber-threats.
Continuing Competence with OTM and Innovations
In 2016, Seceon delivered the industry’s first and only fully
automated real-time threat detection and remediation
system to detect, analyze and eliminate cyber-threats.
Seceon is the first company to provide:
Chandra Pandey
Founder & CEO
SECEON
· An affordable “SoC-in-a-Box” cyber security solution that
automatically detects and stops all forms of cyber threats
within minutes of the breach without human intervention.
· A solution that deploys in any environment: private,
hybrid or public cloud in under 4 hours with untrained
staff and needs minimal rule updates or tuning.
This architecture can process billions of inputs and generate
correlated outputs of all related threat behavior in seconds,
improving threat detection while minimizing false
positives, and reducing the number of threat activities to be
analyzed.
They consistently win engagements because Seceon OTM
provides: Comprehensive Visibility, Automated Threat
Detection and Remediation in Real Time and Automated
Correlation Engine to improve speed of detection and
response, lowering data breach costs.
Techniques Used for Ensuring Data Security
Processing massive amounts of data with real-time compute
capacity, Seceon’s OTM is built on five patent-pending
primary components—a control and collection engine
(CCE), analytic processing engine (APE), automated
response and threat intelligence— that analyze hosts,
network devices, application and user behavior to detect
internal risks and cyber-threats, thus accelerating response,
preventing damage and loss.
Seceon has applied for more than five patents for its unique
approaches to parallel processing, behavioral analytics and
machine learning, and is awaiting final results. Until now
there has been no affordable, comprehensive solution that
detects and eliminates threats in real-time. Seceon’s
subscription-based, environment-agnostic solution provides
automated detection and alerts to prioritize threats
efficiently.
Envisioning Tremendous Growth
In early 2017, Seceon announced a version of Seceon OTM
for MSSPs, providing a single screen for viewing multiple
tenants with each tenant or customer only able to see its
own assets. With OTM deployed in a multi-tenancy
environment, all customers can benefit from the platform’s
machine learning capabilities. Any new threats are
captured, reported and fed back into the system’s threat
models, ensuring the continuous sharing of threat
intelligence across all customers.
“We provide a comprehensive
cyber security solution
for the digital era”
27| May 2017

23.
C
yber security plays a massive role in today’s tech savvy world. According to industry insiders, average cost of
data breach for various companies has increased from $3.8 million to $4 million recently. Most of the companies
today have embraced open source for infrastructure software; additionally they have also embraced cloud storage.
Both of these comes with their own blend of positives and negetives. Like if a data centre gets attacked or fails then it
could be deadly for a company, and most of the open source softwares are vulnerable to cyber attacks which posses a
massive threat.
So, here we are listing out some of the cyber security threats and their potential solutions, that can change the cyber world.
DDoS Attacks Targeted On Internet of Things Devices
As per recent trend, cybercriminals have got all out to target various IoT devices, that includes survellience cameras,
security systems, electronic appliances, cars, commercial enviornments, vending machines, robots in various
‘
| May 201730
Threat-o-Cure

24.
manufacturing plants etc. There are more than 12 billion
IoT devices that can be connected to the Internet and
researcher’s estimate there would be 26 times more IoT
devices than people by the end of 2020. This threat came
into spotlight recently after a revelation, where thousands of
low security IoT devices were being used to launch
massive-scale DDoS attacks. These attacks impacted
various DNS service providers.
DDoS is a kind of DOS attack which makes sure that
multiple systems are compromised, with the help of Trojan
virus. Ultimately, the victims of DDoS attack gets
maliciously controlled and used by the hackers.
To counter the threat, FTC has started targeting some IoT
device manufactures, whose products come without adequet
security.
Ransomware
Ransomware has seen steady improvement over the years
since its first appearance way back in 2005. In its early
days, cybercriminals would use fake apps and fake
antiviruses to alert victims, and then they ask for fees as a
charge for fixing some fake problems. Even it showed FBI
warnings, which contained threat messeges. Ultimately,
they began to lock down systems or any specific app until
the demands were met.
However, the main threat these days are crypto
ransomeware, where the attacker encrypts the file and the
victim needs to pay in order to get the key and unlock their
own file. According to various agencies, Ransomware has
caused damages of around $325 million till date.
In order to stay safe from the Ransomware, the user must
use reputed and original antivirus and anti maleware
softwares. Users shouldn’t open email attachments, until
they are completely sure. Use of storng password is must
and one should not reuse older passwords. Keeping all the
softwares up to date is another thing one must follow, and
last but not the least a user must backup all the data to
prevent data loss.
Business Email Compromise Schemes
A BEC attack is a form of fishing attack where the offender
pretends to be an executive and targets a vendor or a
customer who would transfer funds or classified
information to the attacker.
BEC attack is completely different from other attacks, in
case of BEC attacks, the attackers are highly motivated and
these kind of attack mostly passes through spam filters and
even evades email whitelisting campaigns. All these
together makes it hard to recognize that the email is not
from an authentic source.
So how can one be safe from a BEC attack? Don’t worry
there are few guidelines which will make life a bit easier.
A company must implement a multi factor authentication,
as a security policy, the authentication system will make the
hacker’s life much more difficult and ultimately it will
prevent the criminal from gaining access to a employee’s
mailbox. One must also check on organiztion’s spoofability,
that helps to know how secured the company is. There’s
nothing like teaching employees how to spot phising attacks
which will eventually help employees and the company to
be safe.
Risk Of Using Cloud
Recently most of the companies have started using cloud
services. Popular apps like Dropbox and Google Drive are
being used by companies, and sadly there are many users
who are using these services from their non-corporate mail
accounts which eventually expose sensitive data to outside
threats. Companies also lack specific usage policies when it
comes to cloud service, that can lead to sharing sensitive
information to unapproved apps, which can lead to severe
data breach.
So, to get rid of risk related to clouds, one organization
must have a strict and clear policy about how and when to
use it. An employee must be barred from sharing sensitive
data to unapproved apps.
Third Party Vendors Increases Risk
A company might build brilliant security system with great
policies to keep their customers and their data safe, but
unless and until their third party vendors use the same level
of security the data and customers will always be at risk.
Just look at the recent Wendy’s incident, where more than
1000 franchised location of Wendy’s were hit by a Point-of-
Sale malware attack, that eventually led to massive data
breach.
Until companies make sure that policies are tighted up
enough and the third party vendor is taking all the needed
security measures, these kind of attacks will continue to
31| May 2017
Threat-o-Cure

25.
take place. To prevent cyber attacks, organizations should come up with a policy, by which one should ensure that third party
vendors are taking same security measures as the company.
In addition to all these, stortage of skilled IT professionals is also hurting to a great extent; there are more than a million
vacant IT professional jobs across the globe. So, with more skilled professionals and by filling the vacant positions, the cyber
threats can be minimized to a great extent. However, one still has to religiously update and patch firewalls, firmwares,
changing the default password of the router and setting up strong passwords to not to get trapped in the world of web.
So, these are the type of cyber attacks that could hurt your company to a great extent, we have also listed out the prevention
methods, that will eventually help you to be safe in the web.
| May 201732
Threat-o-Cure

26.
G R I P That Truly Works.
www.jktyre.com
+91-11-23311112-7

27.
Secured2
Corporation:
The Cyber Security Industry is in the toughest spot more than ever, and below statistics complement the fact;
56000000 from the large retailer, 145000000 from the large online retailer, 76000000 from multinational bank and
70000000 records were stolen from the large consumer store. The problem promoted by today’s security firms are
2
simply not working. Enters Secured Corporation. Founded with the mission of securing their customers’ data and
2
developing cutting-edge solutions that prevent data theft, Secured has achieved a significant feat over the years.
2
Based out of Minneapolis Minnesota, Secured has created the new paradigm of data security that addresses current threats
(over the wire at rest) and prevents emerging threats like (Hacking with Quantum Computing advanced Super
2
Computing). A patented ‘Shrink, Shred, Secure Restore’ methodology at the heart of Secured , makes data impossible for
hackers to access or penetrate because the data is ‘shred spread’ in many locations of a customer’s choosing (multiple
clouds, hybrid or local using multiple VM’s).
Flexibility at its Best
Built into the largest cloud platform in the world; Microsoft Office 365 and Microsoft Azure, the company’s data security
advantages are flexible at its best and from which it provides groundbreaking security to the apps that customers use from
2
Microsoft each day. Secured is integrated into Office 365 email, Exchange Email, older versions of Outlook / Outlook 2016
and they have just launched a new product with Microsoft called DepositBox. Depositbox is an easy to use drag drop
storage container and is your ‘digital safety deposit box’ where data simply cannot get hacked. It’s the ideal application for
wills, trusts, family pictures, and your financial information. Whatever you don’t want anyone to see, access or hack. As
2 2
well, Secured just launched a new Data Security API that allows Microsoft Azure customers to build Secured into their own
2 2
applications. Both Secured Depositbox and the new Secured API can be found in the Microsoft Azure Marketplace.
A High-tech Industry Leader of Action
Daren Klum, the Founder and CEO has been in the high-tech industry most of his career. He is known for his innovative
thinking, problem solving and ability to develop solutions to problems most say are impossible. Daren’s brilliance in
software hardware has been behind the companies he’s founded. Daren’s first startup Hardcore Computer (now
LiquidCool Solutions) is where he invented developed the fastest PC in the world Hardcore Reactor with over 10 industry
firsts, the world’s fastest server the LSS 200 and developed a submersion cooling system that eliminates the air-cooling
infrastructure found in today’s data centers.
Daren and his business partner worked for over 5 years developing the core concepts, technologies, patents, and security
2
platform that is behind Secured Corporation. Daren prides himself on being a data security outsider, because he believes the
Going Beyond Encryption to Secure You
| May 201734

28.
establishment is a big part of the problem. Change can’t
happen in big machines where the status quo lives. It must
come from the risk taker, the innovator and the team willing
to do what it takes to make the impossible, possible. That’s
just what Daren and his team have done.
Keeping up to Speed with the Market
2
Secured ’ strategies revolve around keeping up to speed
with the market and their relationship with Gartner. It’s
literally yet truly impossible to stay on top of all the trends,
threats, problems, and that’s the reason one needs to lean on
companies like Gartner that can do the research for you and
help you quickly understand where things are heading and
2
why. At Secured , their uniqueness comes from their
Daren Klum
Founder CEO
Secured2 Corporation
approach to the problems they solve for the customers and
2
that’s why Secured always goes for innovative solutions
and things that nobody has done before, and this includes
going in a totally opposite direction from the market.
Building the Very First Solution with Proof
Today, there is no existing solution which can ‘prove’ that
it’s secure and even encryption is not exceptional. So to
build the first solution with ’proof’ is a very, very big deal,
and this is what Secured has done. “So I think the fact we
2
think out of the box, can prove what we do is secure and
that it can be built into any platform in the world is pretty
dang unique. Especially, in a market that keeps
regurgitating encryption systems that are not working,”
asserts Daren. Other than a layer of AES encryption,
Secured has built every tool from the scratch to meet2
today’s security standards like HIPAA. Given the ability,
they have to prove that something is secure and the only
‘risk’ ultimately becomes the person who you give access to
the data. To solve this issue, Secured has partners that can2
do user monitoring and for this there are alarms, if behavior
falls out of the norms or location of doing business.
Promising Future of Secured2
With the pace, Secured has been growing, the future holds
2
a promising picture for the company. “The future of Cyber
Security is going to be our technology married with
Artificial Intelligence. By adding a layer of intelligence to
our solution we will be able to start having a gate keeper
that can watch users like a baby sitter. The only difference
is this babysitter can know in a nanosecond if something is
right or wrong. So we see artificial intelligence playing a
big role in upcoming solutions we develop and this is on
our roadmap as we grow,” concludes Daren.
“Encryption alone is not enough
and we provide a better way to
secure your data”
35| May 2017

29.
Threats Solutions
November 3, 1988, is considered as a turning point
in the world of Internet. 25 Years ago a Cornell
University graduate student created first computer
worm on the Internet, “Morris Worm.” The Morris worm
was not a destructive worm, but it permanently changed the
culture of the Internet. Before Morris unleashed his worm,
the Internet was like a small town where people thought
little of leaving their doors unlocked. Internet security was
seen as a mostly theoretical problem, and software vendors
treated security flaws as a low priority.
Today, there is a paradigm shift, Morris worm was
motivated more by intellectual curiosity than malice, but it
is not the case today. According to a 2015 Report, 71% of
represented organizations experienced, at least, one
successful cyber attack in the preceding 12 months (up
from 62% the year prior).
According to survey report, discloses that, among 5500
companies in 26 countries around the world, 90% of
businesses admitted a security incident. Additionally, 46%
of the firms lost sensitive data due to an internal or external
security threat. On average enterprises pay US$551,000 to
recover from a security breach. Small and Medium business
spend 38K.
Incidents involving the security failure of a third-party
contractor, fraud by employees, cyber espionage, and
network intrusion appear to be the most damaging for large
enterprises, with average total losses significantly above
other types of the security incident.
Let’s Take a Look at Recurrent Security Threats Types-
Denial of Service Attacks
A denial of service (DoS) attack is an incident in which a
user or organization is deprived of the services of a resource
they would normally expect to have. These attacks are very
common, accounting for more than one-third of all network
attacks reviewed in the report. A standard approach is to
overload the resource with illegitimate requests for service.
Brute Force Attacks
Brute force attack tries to kick down the front door. It’s a
trial-and-error attempt to guess a system’s password. The
Brute Force Attack password cracker software simply uses
all possible combinations to figure out passwords for a
computer or a network server. It is simple and does not
employ any inventive techniques.
Identity Spoofing
IP spoofing, also known as IP address forgery. The hijacker
obtains the IP address of a legitimate host and alters packet
headers so that the regular host appears to be the source. An
attacker might also use special programs to construct IP
packets that seem to originate from valid addresses inside
the corporate intranet.
Browser Attacks
Browser-based attacks target end users who are browsing
the internet which in turn can spread in the whole enterprise
network. The attacks may encourage them to unwittingly
download malware disguised as a fake software update or
application. Malicious and compromised websites can also
force malware onto visitors’ systems.
SSL/TLS Attacks
Transport layer security (TLS) ensures the integrity of data
transmitted between two parties (server and client) and also
provides strong authentication for both sides. SSL/TLS
attacks aim to intercept data that is sent over an encrypted
connection. A successful attack enables access to the
unencrypted information. Secure Sockets Layer (SSL)
attacks were more widespread in late 2014, but they remain
Editor’s Perspectives
Network Security
| May 201736

30.
prominent today, accounting for 6% of
all network attacks analyzed.
Network Security is an essential
element in any organization’s network
infrastructure. Companies are boosting
their investments in proactive control
and threat intelligence services, along
with better wireless security, next-
generation firewalls and increasingly
advanced malware detection. The U.S.
Federal Government has spent $100
billion on cyber security over the past
decade, $14 billion budgeted for 2016.
Increased use of technology helps
enterprises to maintain the competitive
edge, most businesses are required to
employ IT security personnel full-time
to ensure networks are shielded from
the rapidly growing industry of cyber
crime. Following are the methods used
by security specialists to full proof
enterprise network systems-
Penetration Testing
Penetration testing is a form of hacking
which network security professionals
use as a tool to test a network for any
part of this race to help enterprises to
secure their network systems.
Organizations like IBM, Symantec,
Microsoft have created solutions to
counter the global problem of network
security threat. These cutting-edge
products show genuine promise and
are already being used by enlightened
companies.
Good Network Security Solutions
Traits
A real security solution should have
four major characteristics;
Detect Threats
Targeted attacks are multi-faceted and
specially designed to evade many point
technologies attempting to identify and
block them. Once they are inside, the
only way to find these cyber threats is
to understand the behavior of the
individual attack components and use
analytics to understand their
relationships.
Respond Continuously
Today it is not important that an
organization will be attacked, but
vulnerabilities. During penetration
testing IT professionals use the same
methods that hackers use to exploit a
network to identify network security
breaches.
Intrusion Detection
Intrusion detection systems are capable
of identifying suspicious activities or
acts of unauthorized access over an
enterprise network. The examination
includes a malware scan, review of
general network activity, system
vulnerability check, illegal program
check, file settings monitoring, and any
other activities that are out of the
ordinary.
Network Access Control
Network Access Controls are delivered
using different methods to control
network access by the end user. NACs
offer a defined security policy which is
supported by a network access server
that provides the necessary access
authentication and authorization.
Network Security is a race against
threats, and many organizations are a
37| May 2017
Editor’s Perspectives

31.
important and more crucial is to
identify when and how much they can
limit the impact and contain their
exposure. This means having the
capability to respond quickly once the
initial incident has been discovered.
Prevent Attacks
Malware is gettings quick-witted day
by day. They utilize heuristics to
change their code dynamically. A
capable solution should have an
adaptive architecture that evolves with
the changing environment, and threats
today's business faces.
Integration
Today’s threats have multiple facets,
and a single software or solution is not
sufficient. Protection system should
have the capability to integrate with
other security tools from different
vendors to work together as a single
protection system, acting as connective
tissue for today’s disjointed cyber
security infrastructure.
Threat Protection. Symantec ATP
operates via a single console and works
across endpoints, networks, and
emails, integrating with Symantec
Endpoint Protection (SEP), and
Symantec Email Security cloud, which
means organizations do not need to
deploy any new endpoint agents.
Symantec says, ATP is the only threat
protection appliance that can work
with all three sensors without requiring
additional endpoint agents. With ATP,
Symantec’s goal is to deliver end-to-
end threat protection, prevention,
detection, and response in a single
pane of glass, offering more value to
businesses than individual point
products can provide. Symantec
Advanced Threat Protection combines
multiple layers of prevention,
detection, and response.
Solutions In Market
Like infectious diseases, cyber threats
will never be eradicated entirely, but
they can be better contained and
understood, and their effects
minimized. How can this be achieved?
IBM has built an enterprise-level
“immune system,” an adaptive security
architecture to battle today’s cyber
pathogens. IBM has developed a vast
fleet of products, QRadar, X-Force
Threat Intelligence, Trusteer Pinpoint
Malware Detection, IBM Threat
Protection System a dynamic,
integrated system to meddle the
lifecycle of advanced attacks and
prevent loss.
The IBM Threat Protection System
integrates with 450 security tools from
over 100 vendors acting as connective
tissue for today’s disjointed cyber
security infrastructure.
Symantec is another major player in
catering enterprise network security
systems with Symantec Advanced
Chalk Talk
| May 201738
Editor’s Perspectives

32.
IT and Communication
Trends for Critical
Infrastructure
Bobbi Harris
VP of Market Strategy Development
Utilities Telecom Council
| May 201740
CXO Standpoint

33.
About Bobbi Harris
Bobbi Harris is the VP of Market Strategy and Development at UTC. She is a smart city industry expert
with more than 15 years of experience focusing on environmental issues and sustainability technologies to
address water and energy challenges including smart water infrastructure, smart grid, cleantech and green
building initiatives. UTC is a global trade association dedicated to creating a favorable business, regulatory
and technological environment for companies that own, manage or provide critical telecommunications
systems in support of their core business. Founded in 1948, UTC has evolved into a dynamic organization
that represents electric, gas and water utilities, natural gas pipelines, critical infrastructure companies, and
other industry stakeholders.
ritical infrastructure such as electric, gas and water
Cutilities rely on Information and Communications
Technology (ICT) solutions to deliver reliable,
efficient and affordable services throughout the world.
UTC is the trusted resource for ICT solutions, collaboration
and advocacy for utilities and other critical infrastructure
industries. The growing convergence of IT and OT within
utilities is quickly becoming a catalyst for great
interoperability and real-time communications.
New discussions involving “smart city” technologies are
starting with the electric utility infrastructure. The new
Envision America initiative announced by the White House
is issuing a challenge to America’s cities to become smarter
by accelerating deployment of innovative technologies that
tackle energy, water, waste, and air challenges. UTC brings
together government, the research community, utilities and
cities to discuss innovative solutions to problems citizens
care about - like reducing traffic congestion, fostering
economic growth, improving sustainability, fighting crime
and improving the delivery of important critical
infrastructure services.
Quickly emerging issues around cyber and physical security
are bringing a new challenge to cities and utilities large and
small. Not a single week goes by without a news story
about a company or government agency being hacked and
millions of personal, customer or otherwise sensitive
information exposed. Disruption of critical infrastructure by
a cyber-incident is a serious concern for utility executives
and technical practitioners. UTC believes that cybersecurity
is the 21st century reliability challenge. To help our
members address this challenge, UTC is implementing a
comprehensive holistic strategy that provides practical tools
and information about handling cybersecurity challenges in
a utilities environment.
With billions of data packets and millions of endpoint
connections, utilities are exploring optimization and
efficiency solutions from a multitude of vendors including
large established companies as well as entrepreneurial
solutions built on the latest protocols. The key decision
point for packet-based communications networks is not
only cybersecurity but also latency with the
communications network. Machine-to-machine and grid
edge computing interacting with central computing and data
analytics demands real-time communications over secure
networks.
How will telecom providers address the massive growing
list of smart devices, which gather terabytes of data for
critical infrastructure processes? Join the conversation at
UTC Telecom Technology 2016, which will take place in
Denver at the Colorado Convention Center May 3-6, 2016.
41| May 2017
CXO Standpoint

34.
SecurView:
Everyone wishes their organization could be more secure. With the number of hackers posing threats to your business
and intellectual property, you can always benefit from enacting a new security practice. Constant reports of hacking
attacks, denial of service attacks, ransomware, and leaks by malicious insiders reflect the amount of cyber security
threats that organizations are facing every-day.
It is no wonder that in our age of evolving threats and compliance regulations, companies struggle to keep their data
protected. Therefore, many businesses have turned to SecurView, a rapidly growing cyber security solutions provider, for
assistance with setting up, assessing, and optimizing components of their networks.
SecurView provides a full life-cycle of cyber security services for clients of all sizes and verticals.
Foremost Among Cyber Security Solution Providers
SecurView was founded in 2007 to deliver cyber security solutions. SecurView’s corporate journey started when the
company received strategic funding from Cisco to become a leading cyber security service provider. SecurView provides
support for security products from all major vendors, including Cisco, Check Point, Juniper Networks, Palo Alto, Fortinet,
FireEye, and IBM/ISS. Their security services specialize in areas related to datacenters, mobility, network visibility and
access policy, and segmentation.
The company’s two main offices are located in Edison, New Jersey and Pune, India. The Edison office specializes in next
generation security solutions in cloud and mobility. The Pune office specializes in remote and managed security services.
Over the past few years, the company has expanded and set up sales offices in the Middle East, Asia, and Europe. SecurView
aims to open more offices globally in the near future.
An Ingenious and Inventive Leader
Rajeev Khanolkar, President and CEO, co-founded SecurView with Niten Ved in 2007. As the CEO, Rajeev forms several
strategic partnerships that, in turn, contribute to the development of new products and solutions. He has been instrumental in
building and maintaining a strong partnership with Cisco Systems, which enables SecurView to reach a global client base.
Under Rajeev’s leadership, SecurView has become a leading cyber security solutions company.
Rajeev is a serial entrepreneur. He had also co-founded NetCom Systems in 1995 with his partner Niten Ved. The company
was very successful in delivering enterprise management solutions to Fortune 2000 companies. In 1999, NetCom Systems
spun off netForensics, a pioneer company in SIEM (Security Information and Event Management).
As the CEO of netForensics from 1999 to 2005, Rajeev helped shape netForensics into a global leader in the SIEM field.
Under his leadership, the company won many technology and business leadership awards.
Cutting-Edge Services
SecurView specializes in Advisory, Integration, and Managed services. Advisory services identify security gaps and provide
recommendations to resolve them. Two examples are Network Vulnerability Assessments and Penetration Testing for
network infrastructures. Integration services design and implement the appropriate solutions to remediate the identified
Implementing Secure IT Architecture
| May 201742

35.
security gaps. This includes Design, Implementation, and
Optimization services for Network Access Control,
Network Segmentation, VPN, and Firewalls. Managed
services include comprehensive management and unique
features to further protect the network, such as Advanced
Analytics and protection from threats caused by
Malware/APT.
The most prominent security products that SecurView
supports are for Network Access Control and Network
Segmentation. The company has managed some of the
largest Network Access Control projects in the world. “We
have a deep understanding of the Enterprise Infrastructure
Security and Compliance Domain, especially with respect
to Cisco’s Identity Services Engine (ISE) solution. We have
an advanced Cisco ISE lab and a skilled team that delivers
portfolio services to partners and clients globally. In
addition, we developed a tool named ISE Deployment
Assistant (IDA) to enhance our Cisco ISE and TrustSec
services,” stated Rajeev Khanolkar.
Design, Build, and Operate with SecurView
SecurView provides customized solutions for Security
Operations Centers (SOCs). The company has a history of
building and operating SOCs, CERTs and NOCs for
Rajeev Khanolkar
President CEO
SecurView
Fortune 500 companies. Exclusive partnerships have been
enabling SecurView to access and test next generation
security solutions for operation centers. As a result, the
company was the first to build an “Intelligent Operations
Center,” which is a combination of a SOC, CERT, and
NOC. The company’s clientele includes top tier telecom
operators, financial institutions, airports, cable operators,
and hotels.
SecurView designs SOC architecture to meet business and
operational requirements for client. Their design services
include recommendations for hardware and software. Their
consultancy services ensure that the SOCs will possess high
value and operational efficiency.
They have a professional services team that can build
custom SOCs. They also offer a rapid deployment solution
that enables their client to become operational in a matter of
weeks. Specifically, this includes the full SIEM solution
with log retention, help desk, and collector manager that
can be procured either through a build-and-transfer model
or leased on a monthly basis.
SecurView has trained SOC analysts that help client
operate their SOCs. This approach reduces the operating
budget and enables client to focus on their businesses.
Envisioning Innovation and Growth
Through SecurView’s new product, it is clear that the
company strives for innovation. Their most celebrated
product, ISE Deployment Assistant (IDA), is a multi-tenant
application that reduces the manual effort required to roll
out Cisco ISE in client environments. Specifically, it helps
automate the network readiness assessment, configuration
of network access devices, and troubleshooting. IDA 2.0
also offers several premium features, including template
based provisioning for network access control use cases,
reporting, and troubleshooting day-to-day operations.
SecurView provides actionable services that improve the
overall IT security framework and reduce the attack surface
to protect the business and intellectual property of their
clients.
“We assess client-specific security
requirements and deliver comprehensive
solutions”
43| May 2017