Microsoft and Oracle to interconnect Microsoft Azure and Oracle Cloud

Press release June 5, 2019

REDMOND, Wash., and REDWOOD SHORES, Calif. — June 5, 2019 — Microsoft Corp. and Oracle Corp. on Wednesday announced a cloud interoperability partnership enabling customers to migrate and run mission-critical enterprise workloads across Microsoft Azure and Oracle Cloud. Enterprises can now seamlessly connect Azure services, like Analytics and AI, to Oracle Cloud services, like Autonomous Database. By enabling customers to run one part of a workload within Azure and another part of the same workload within the Oracle Cloud, the partnership delivers a highly optimized, best-of-both-clouds experience. Taken together, Azure and Oracle Cloud offer customers a one-stop shop for all the cloud services and applications they need to run their entire business.

Connecting Azure and Oracle Cloud through network and identity interoperability makes lift-and-improve migrations seamless. This partnership delivers direct, fast and highly reliable network connectivity between two clouds, while continuing to provide first-class customer service and support that enterprises have come to expect from the two companies. In addition to providing interoperability for customers running Oracle software on Oracle Cloud and Microsoft software on Azure, it enables new and innovative scenarios like running Oracle E-Business Suite or Oracle JD Edwards on Azure against an Oracle Autonomous Database running on Exadata infrastructure in the Oracle Cloud.

“As the cloud of choice for the enterprise, with over 95% of the Fortune 500 using Azure, we have always been first and foremost focused on helping our customers thrive on their digital transformation journeys,” said Scott Guthrie, executive vice president of Microsoft’s Cloud and AI division. “With Oracle’s enterprise expertise, this alliance is a natural choice for us as we help our joint customers accelerate the migration of enterprise applications and databases to the public cloud.”

“The Oracle Cloud offers a complete suite of integrated applications for sales, service, marketing, human resources, finance, supply chain and manufacturing, plus highly automated and secure Generation 2 infrastructure featuring the Oracle Autonomous Database,” said Don Johnson, executive vice president, Oracle Cloud Infrastructure (OCI). “Oracle and Microsoft have served enterprise customer needs for decades. With this partnership, our joint customers can migrate their entire set of existing applications to the cloud without having to re-architect anything, preserving the large investments they have already made.”

As a result of this expanded partnership, the companies are today making available a new set of capabilities:

• Connect Azure and Oracle Cloud seamlessly, allowing customers to extend their on-premises datacenters to both clouds. This direct interconnect is available starting today in Ashburn (North America) and Azure US East, with plans to expand additional regions in the future.
• Unified identity and access management, via a unified single sign-on experience and automated user provisioning, to manage resources across Azure and Oracle Cloud. Also available in early preview today, Oracle applications can use Azure Active Directory as the identity provider and for conditional access.
• Supported deployment of custom applications and packaged Oracle applications (JD Edwards EnterpriseOne, E-Business Suite, PeopleSoft, Oracle Retail, Hyperion) on Azure with Oracle databases (RAC, Exadata, Autonomous Database) deployed in Oracle Cloud. The same Oracle applications will also be certified to run on Azure with Oracle databases in Oracle Cloud.
• A collaborative support model to help IT organizations deploy these new capabilities while enabling them to leverage existing customer support relationships and processes.
• Oracle Database will continue to be certified to run in Azure on various operating systems, including Windows Server and Oracle Linux.

“The alliance between Microsoft and Oracle is welcome news as we accelerate Albertsons’ digital transformation and leverage the full value of the public cloud,” said Anuj Dhanda, executive vice president and chief information officer at Albertsons Companies. “This will allow us to create cross-cloud solutions that optimize many of our current investments while maximizing the agility, scalability and efficiency of the public cloud.”

“As we look to bring our omnichannel experience closer together and transform the technology platform that powers the Gap Inc. brands, the collaboration between Oracle and Microsoft will make it easier for us to scale and deliver capabilities across channels,” said Sally Gilligan, chief information officer at Gap. “The interoperability between Azure and Oracle Cloud allows us to deploy Oracle or custom-built applications on Azure and Oracle databases on Oracle Cloud.”

“At Halliburton, we have a long history of running both Oracle and Microsoft technologies for our most critical applications. Our deep experience with these two strategic vendors has yielded consistently stable and performant application deployments,” said Ken Braud, senior vice president and CIO at Halliburton. “This alliance gives us the flexibility and ongoing support to continue leveraging our standard architectures, while allowing us to focus on generating business outcomes that maximize returns for our shareholders.”

Those wanting to learn more should visit https://aka.ms/OracleOnAzure or www.oracle.com/cloud/oci-azure.html.

https://news.microsoft.com/2019/06/05/microsoft-and-oracle-to-interconnect-microsoft-azure-and-oracle-cloud/

Lockheed Martin and Lake Nona Students Partnered on Top-Secret Project

Press release

Orlando, Fla., April 4, 2019 – Lockheed Martin and Discovery Education, the leading provider of digital curriculum resources, digital content and professional development for K-12 classrooms, surprised students today at Lake Nona High School with a top-secret STEM mission creating a prototype aircraft that could serve in a humanitarian aid mission.

Lockheed Martin engineers were on hand to help students complete the challenge. Orange County Schools Superintendent Barbara Jenkins also attended the event.

“Advancing STEM education is a critical focus for Lockheed Martin as we work to inspire the next generation of engineers, scientists and technologists,” said Stephanie Asendorf, senior technology manager at Lockheed Martin in Orlando. “For me, bringing STEM to life in this classroom today is special as I’m an Orange County Public Schools graduate who pursued a STEM career at a company that supports developing technology around the world.”

Lockheed Martin also gifted the school with a 3D printer and plan to bring engineers back to the school to assist with training on how to use it.

The project, called Designed for Service, is part of a larger program called Generation Beyond.  

Lockheed Martin launched Generation Beyond in 2016 in partnership with Discovery Education, with the hope of inspiring high school students to become the next generation of scientists and engineers by demonstrating how exciting a STEM career can be. 

This spring, Generation Beyond will take over high schools in three additional cities nationwide.

Lockheed Martin takes pride in its connection with our Central Florida community. With more than 60 years and 8,000 employees, Lockheed Martin’s Orlando employees develop some of the most advanced technology for the nation and our allies.

In 2015, Lockheed Martin announced its $2 million investment into Orange County Public Schools to expand STEM programs through Project Lead the Way curriculum.

Advancing the STEM workforce pipeline, Lockheed Martin presented $300,000 to Valencia College in November 2018 to support a second advanced manufacturing training program.

In February 2019, Lockheed Martin partnered with the University of Central Florida (UCF) to establish a Cyber Innovation Lab. The lab will foster the next generation of cyber talent.

Details about Lockheed Martin are available at our website and Orlando page.

https://news.lockheedmartin.com/news-releases?item=128709

AppDynamics Launches New Integration Partner Program Aimed at Accelerating Enterprises' AIOps Journeys

News release 04 June 2019

SAN FRANCISCO, Calif. – June 4, 2019 – AppDynamics, a Cisco company and leader in application intelligence, today announced the AppDynamics Integration Partner Program, a new partnership program that simplifies the rapidly expanding technology ecosystem for enterprises through strategic collaboration with leading technology companies. AppDynamics has curated joint innovations geared toward empowering IT teams with an extended view of their applications, network, infrastructure and business, and providing AI-powered insights for automated remediation and optimization.

As IT systems continue to grow more complex and distributed, many companies are turning to AIOps to help alleviate the increasing resources needed for manual management. With the AIOps market projected to rise to $11 billion by 2023*, the challenge of figuring out how to efficiently incorporate AIOps into existing systems and realize its full value is daunting for many enterprises.

“We’re reaching a tipping point where the chaos and complexity in modern IT operations has become too much to manage without AI and automation,” said Thomas Wyatt, chief marketing and strategy officer, AppDynamics. “An ecosystem of technology partners collaborating with an AIOps mindset is a must for enterprises adopting a more automated approach. The Integration Partner Program brings AppDynamics together with industry leading technology providers to help businesses create systems of intelligence that power amazing experiences for their users."

Every vendor in the Integration Partner Program has been carefully assessed to ensure integrations answer enterprises’ most critical needs. The methodology for partner selection is based on AppDynamics and Cisco’s Central Nervous System for IT, which empowers IT professionals in their AIOps journey by providing broad visibility into complex environments, real-time insights and the ability to automatically trigger targeted actions. Partners in this new program have strategically integrated with AppDynamics in support of this AIOps-focused vision. Founding members include Apica, Atlassian Opsgenie, BigPanda, Evolven, Harness, Moogsoft, PagerDuty, Turbonomic, Virtual Instruments and xMatters.

“Jobvite is a leader in talent acquisition innovation, helping companies engage candidates with meaningful experiences at the right time,” said Ron Teeter, chief architect, Jobvite. “Because we leverage automation and intelligence to increase the speed, quality and cost-effectiveness of talent acquisition, the Jobvite platform is essential to our clients. By leveraging AppDynamics and Harness, we’re able to optimize the performance and availability of our services and deliver meaningful outcomes to our customers every day.”

Members of the Integration Partner Program gain access to a collaborative support network during the development cycle to ensure high quality integrations are built and positioned as integral to AppDynamics and Cisco’s Central Nervous System vision. If you’re interested in joining the program, please apply here.

*MarketsandMarkets, AIOps Platform Market by Component, Service (Implementation, Consulting, and Managed Services), Application (Real-time Analytics, Infrastructure Management, and Application Performance Management), Vertical, and Region - Global Forecast to 2023

Additional Information

• Learn more about the Integration Partner Program
• Read more about the Integration Partner Program on the AppDynamics blog

https://newsroom.cisco.com/press-release-content?type=webcontent&articleId=1991536

(ISC)² Study Reveals a Third of Businesses are Boosting Diversity in IT/ICT and Cybersecurity to Attract and Retain Top Staff

Press release 04 june 2019

Study uncovers that 74% of businesses took action on diversity in the last 2-5 years in an effort to create a more appealing and inclusive workplace across age, gender and ethnicity

Infosecurity Europe – London, UK, June 4, 2019 – (ISC)² – the world’s largest nonprofit association of certified cybersecurity professionals – today released headline findings from its forthcoming study into workplace and hiring diversity in IT/ICT and cybersecurity roles. The independent blind study of employees in 1,000 organizations in the U.K. and 250 in the Netherlands reveals that workplace diversity in IT and security has become a key operational concern, as organizations broaden their efforts to encourage diversity and inclusivity amid the impact of the sector’s skills shortage on IT and cybersecurity recruitment and staff retention.

Talent acquisition and retention is the leading operational reason that companies have been ramping up their diversity initiatives, according to (32%) of respondents. Meanwhile, nearly one in three (29%) added that diversity is important to their organization because the workforce should represent the demographics in society.

The study, which looked at the diversity of age, gender, ethnicity and origin, revealed that nearly three quarters of organizations surveyed (74%) instituted a stated diversity value or program in the last 2-5 years. On top of this, a further 16% have followed suit in the last 12 months.

“Workplace diversity encompasses multiple factors including gender, ethnicity, age, origin and much more. While it is important to spotlight changes and improvements in individual areas such as gender diversity, the wider diversity make-up of the IT department, cybersecurity teams and the organization as a whole can speak volumes about the realities of inclusiveness, forward-thinking and openness to new ideas and approaches in the workplace,” said Deshini Newman, Managing Director EMEA at (ISC)².

“The cybersecurity challenge of combating threats with the right people and the right skills is a relentless one. It is just one reason why organizations must maximize their ability to entice and keep talented and qualified individuals from all corners of society. Bringing new ideas, experience, alternative thinking and approaches to the table, as part of a broad selection of skills, experience and backgrounds can inspire, motivate and help organizations to find innovative solutions to today’s IT and security concerns.”

Diversity Being Driven by HR, Not the Board
Overall, 40% of survey respondents stated that the HR department is the primary driver of diversity and inclusivity efforts, including measuring employee diversity goals. This compares to just under one quarter (23%) who said it was the senior management team and just 10% that said it was the C-suite driving diversity initiatives.

Amid the demand for skilled and qualified cybersecurity personnel, the study confirmed that efforts to improve the hiring prospects for these roles are helping overall efforts to recruit While diversity in hiring is prevalent across the organizations surveyed, IT and cybersecurity constitute a major part of the overall diversity hiring push.

Nearly two-thirds (60%) of respondents said that up to 20% of the current vacancies in their organizations are IT and/or cybersecurity-based. A further quarter (26%) said these roles constituted between 21-50% of their workforce.

Hiring Cyber Roles
Over three quarters (77%) of respondents said that cybersecurity roles were recruited for in their organizations in the last 12 months. The number of roles filled ranged from 1 to 31 across the responses, although nearly 55% of the respondents said that up to 10 cybersecurity personnel were hired by their organization over the last 12 months. Meanwhile, 18% said that between 11 and 30 roles were hired in the last year.

Over a third of respondents (37%) say just 6-20% of their IT department employees are aged 18-21, while an additional third (35%) say none of their IT department employees are aged 18-21. This indicates a struggle to bring enough new talent into the department that can learn from their experienced peers. This is critical when considering that the IT department has an age diversity profile weighted towards older employees. One quarter (24%) said that up to half the IT department staff in their organization were aged 31-40, with 20% of respondents suggesting that up to 35% were aged 41-50.

(ISC)2 will release its full IT and Cybersecurity Diversity whitepaper in July. For more research on the Cybersecurity workforce, please visit www.isc2.org/research.

About the Report Methodology
(ISC)2 commissioned Opinion Matters to conduct an independent blind study of employees in 1,000 organizations in the U.K. and 250 in the Netherlands. The study gathered insights from those responsible for hiring IT roles in organizations employing 500+ people. The sample was not exclusively focused on those in dedicated HR roles, but widened to include others outside of the HR department that would routinely have a hand in the hiring process for IT professionals. Respondents included IT department heads, team leads, IT directors, CIOs and CISOs. The aspect of diversity explored focused on factors such as gender, ethnicity, age and country of origin, as well as how organizations operationalize their hiring methods.

About (ISC)²
Celebrating its 30th anniversary this year, (ISC)² is an international nonprofit membership association focused on inspiring a safe and secure cyber world. Best known for the acclaimed Certified Information Systems Security Professional (CISSP^®) certification, (ISC)² offers a portfolio of credentials that are part of a holistic, pragmatic approach to security. Our membership, more than 140,000 strong, is made up of certified cyber, information, software and infrastructure security professionals who are making a difference and helping to advance the industry. Our vision is supported by our commitment to educate and reach the general public through our charitable foundation – The Center for Cyber Safety and Education™. For more information on (ISC)², visit www.isc2.org, follow us on Twitter or connect with us on Facebook and LinkedIn. 

https://www.isc2.org/News-and-Events/Press-Room/Posts/2019/06/04/ISC2-Study-Reveals-a-Third-of-Businesses-are-Boosting-Diversity

I router CISCO sono a rischio ?

Qualche giorno fa, su Wired, è stato pubblicato un articolo dal titolo inquietante: "A Cisco router bug has massive global implication".
Secondo quanto riportato alcuni ricercatori di sicurezza hanno scoperto delle vulnerabilità gravi in diversi modelli di router Cisco, il problema sembra essere relativo al controllo che i router effettuano per verificare la bontà degli aggiornamenti che ricevono dalla casa madre. In particolare diversi modelli di router Cisco della serie 1001-X sembrano essere affetti dalla vulnerabilità scoperta. La Cisco, da parte sua, ha annunciato che sta lavorando alla soluzione del problema.
I ricercatori della Red Balloon Security hanno sfruttato due vulnerabilità dei router:
- un bug del Cisco IOS (il sistema operativo dei router Cisco), vulnerabilità che consente a persone non autorizzate l'accesso al router a livello root (massimo livello di accesso) e la possibilità di modificare qualunque parametro (in particolare le rotte);
- la seconda vulnerabilità consente, una volta ottenuto l'accesso di root, di bypassare il sistema di sicurezza fondamentale dei router, il cosiddetto "Trust Anchor", implementato praticamente in tutti i router Cisco a partire dal 2013.
Nell'articolo di Wired si allude alla possibilità che, con delle modifiche più o meno attagliate ai router delle diverse famiglie, si possano hackerare potenzialmente centinaia di milioni di router sparsi nel mondo, router di società come di organizzazioni pubbliche civili e militari.
Il CEO e fondatore della Red Balloon Security, Ang Cui, ha affermato che la sua società ha mostrato che è possibile disabilitare in modo permanente il Trust Anchor e quindi modificare in modo arbitrario i dati dei router Cisco facendo si che il sistema continui a segnalare di funzionare correttamente.

C'è da dire che Ang Cui non è nuovo a queste scoperte, già anni addietro aveva dimostrato che era possibile hackerare i telefono digitali di Cisco. Cisco rispose con una patch che Ang Cui dimostrò essere inefficace. Con un altro lavoro di ricerca dimostrò che era possibile hackerare le stampanti di rete HP.
Ang Cui ha affermato di aver ricevuto finanziamenti da varie organizzazioni US (tra cui la DARPA) per il suo lavori di ricerca ed è da anni alla guida della sua società che tra l'altro ha prodotto un sistema capace di mettere in sicurezza, teoricamente, qualunque sistema IoT (Internet of Things) che si chiama Symbiote Defence System.
Per chiudere con qualcosa di utile, agli amministratori di rete e sistema raccomandiamo l'applicazione delle patch indicate da Cisco. Come abbiamo fatto altre volte invitiamo tutti a studiare attentamente la propria rete, convinti che la conoscenza di ciò che si amministra sia alla base della sicurezza, e ad applicare le patch.
Agli amministratori Delegati e ai consigli di amministrazione diamo invece un suggerimento al loro livello, invitandoli a fare ogni sforzo possibile per invogliare il proprio personale a sposare la cultura della sicurezza e ad investire il giusto per gestire il rischio legato alla sempre maggiore pervasività della tecnologia.

Una cosa è certa, ogni giorno che passa rende sempre più chiaro che il mondo a cui ci siamo affidati non è quello che pensavamo. Sempre più "complesso" e tutt'altro che sicuro fa pensare ad un vecchio film statunitense del 1999, Matrix, in cui era possibile entrare ed uscire dalla rete a causa dei bachi di programmazione. Un mondo nel quale, per assurdo, all'agente Smith era possibile prendere il posto di una persona attraverso una qualche "magia digitale". 

Bene, quel mondo fantastico è ora intorno a noi...  

Alessandro RUGOLO

Per approfondire:
- https://www.wired.com/story/cisco-router-bug-secure-boot-trust-anchor/;
- https://www.bbc.com/news/technology-48269600?intlink_from_url=https://www.bbc.com/news/topics/cz4pr2gd85qt/cyber-security&link_location=live-reporting-story
- https://www.redballoonsecurity.com/;
- https://www.enterpriseai.news/2015/09/22/from-hacker-to-iot-security-hero-red-balloon-floats-new-solution/;
- https://www.extremetech.com/computing/145371-your-worst-office-nightmare-hack-makes-cisco-phone-spy-on-you;
- https://arstechnica.com/information-technology/2011/11/hp-printers-can-be-remotely-controlled-and-set-on-fire-researchers-claim/;
- https://www.cyberscoop.com/cisco-router-vulnerabilities-future-prevent-software-updates/;
- https://www.cisco.com/c/en/us/products/collateral/security/cloud-access-security/secure-boot-trust.html