2014 Mega breaches: 5 key takeaways

This is the first in a series of blog posts concerning IT security and trends for 2015.

A new study by the Ponemon Institute outlines how the mega security breaches of 2014 are changing attitudes towards IT security.

The breaches affected the personal records and credit card information of more than 350 million people. The financial toll is estimated to be billions of dollars in cleanup expenses, fraud response costs, lost market valuation, reputation damage, lawsuits, and related expenses. IT managers face mega challenges as they try to protect data containing credit card information, financial transactions, and other personal information.

In this January 2015 study, 735 IT security practitioners were surveyed about the impact of the mega breaches on their budgets and compliance practices. Here are five key takeaways from the results.

1. More resources are allocated to preventing, detecting, and resolving data breaches.
61% of respondents say their budget for security increased by an average of 34%. 65% of respondents say the increased budget enabled investment in security technology to prevent and/or detect breaches.

The top five technology investments are:

  1. Security Incident & Event Management (SIEM) (50%).
  2. Endpoint security (48%).
  3. Intrusion detection and prevention (44%).
  4. Encryption and tokenization (38%).*
  5. Web application firewalls (37%).

Source: Ponemon Institute

2. Senior management's level of concern about cyber defense has risen dramatically to 7.8.
Before the Target breach, the level was 5.7 out of ten. In addition, 55% of respondents rate senior management’s concern as extremely high. Prior to the Target breach, only 13% of respondents believed senior management was extremely concerned. Overall concern among C-level executives was up by about 37%.

Source: Ponemon Institute

3. Senior management realizes the need for a stronger cyber defense posture.
The majority of respondents (72%) reported that after the breaches, their companies provided tools and personnel to contain and minimize breaches. 67% say their organization made sure IT had the budget necessary to defend against breaches.

4. Companies have changed their operations and compliance processes.
60% of respondents say they made changes to operations and compliance processes to improve their ability to prevent and detect breaches.

5. Many companies fail to prevent the breach with the technology they currently have.
65% of respondents say that attacks evaded existing preventive security controls. 46% say the breach was discovered by accident.

*If you are considering solutions that ensure PCI compliance, the Black Box EncrypTight™ system provides multi-site WAN encryption at speeds up to 10-Gbps and across Layers 2-4. It also eliminates the hassles of creating and managing numerous VPN tunnels.

Machine vision: 100% assembly line inspection

Machine vision technology—the image-based automatic inspection process—has matured greatly and is now becoming an indispensable tool in manufacturing to increase quality and profitability. USB 3.0, with its 5-Gbps throughput and ability to send power and data over the same line, has greatly contributed to this growth.

What is machine vision?
Machine vision is an image-based, automatic inspection and analysis system for applications, such as process control. It automatically takes pictures to inspect materials as they come down the assembly line.

Other machine vision applications include:

  • PCB inspection.
  • Medical vial inspection.
  • Robot guidance and orientation of components.
  • Engine parts inspection.

Machine vision uses a small industrial camera and lights mounted near an assembly line to take pictures of product as it passes. The images are then analyzed by software to determine if various aspects of the product meet acceptable specifications. For instance, if a label is misplaced, the bottle will be rejected. All of this is done at incredibly high speeds—fractions of a second.

Years ago, machine vision systems were very expensive, costing hundreds of thousands of dollars. But in the last 15 years or so, advances in technology have brought the cost of machine vision down, making it a practical solution for 100 percent quality control. And the cost for implementing machine vision keeps decreasing as technological capabilities increase.

Machine vision is now an indispensable tool for quality assurance, sorting, and material handling in every industry, including electronics, food processing, pharmaceuticals, packaging, automotive, etc. It is an economical way to make sure sub-spec product is rejected. Machine vision can be used to inspect for geometry, placement, packaging, labeling, seal integrity, finish, color, pattern, bar code, and almost any other parameter you can think of.

USB 3.0 and machine vision
USB 3.0 brings a number of advantages to machine vision systems. Because of its 5-Gbps throughput, ten times more than USB 2.0, it eliminates stability and latency problems in image transmission and camera control. USB 3.0 enables the transmission of higher-resolution, higher-frame-rate video with no loss of quality.

USB 3.0 also sends data and power on the same line. This is enough to power a camera without worrying about a separate power supply or power line.

In addition, compared to older systems, USB 3.0 is plug-and-play, making it easy to swap out cameras and other hardware, such as USB 3.0 extenders, hubs, and other devices.

Factory automation: four problem-solving technologies

There is a new industrial revolution. It’s combining advancements in machines and controls with advancements in computing and communications from the Internet revolution. Today’s technology is being applied in ways not thought of even 10 years ago to solve problems and increase industrial productivity.

That’s where the challenge of mixing new and existing technologies in an industrial environment comes in. Here are four problem-solving technologies for industrial networking.

1. Fiber for distance and EMI/RFI immunity.
Fiber optic cable is often the preferred cable choice in industrial environments because it can cover very long distances and offers immunity to electrical interference.

Fiber doesn’t have the 100-meter distance limitation of twisted pair copper, so it can support distances from 300 meters to 40 kilometers, or more, depending on the style of cable, wavelength, and network.

Fiber also provides extremely reliable data transmission. It’s completely immune to many environmental factors that affect copper cable. The fiber is made of glass, which is an insulator, so no electric current can flow through. It is not affected by electromagnetic interference and radio-frequency interference (EMI/RFI), crosstalk, impedance problems, and more. You can run fiber next to industrial equipment without worry.

2. A ring topology for redundancy.
Although Ethernet is usually thought of as having a star topology, it’s possible to build an Ethernet network as a ring. This is often used in applications where it may be difficult to run fiber in a star formation from a central switch, such as in industrial or even traffic signal applications.

One industrial networking scenario involves connecting industrial devices, such as computer numeric controlled (CNC) machines, to hardened Ethernet switches. The switches are set up in a ring topology for maximum reliability with a failover time of less than 30 ms, which is virtually instantaneous. The ring has the advantage of providing a redundant pathway if a link goes down. If one part of the ring fails, traffic will automatically reverse direction.

3. Machine vision and USB 3.0.
Machine vision is an image-based automatic inspection technology that is now an indispensable tool for quality assurance, sorting, and material handling in every industry, including electronics, food processing, pharmaceuticals, packaging, automotive, etc. Machine vision technology incorporates cameras, PCs, software, and other hardware to automatically take pictures and inspect materials as they pass along an assembly line.

Machine vision is an economical way to make sure sub-spec product is rejected. It can be used to inspect for geometry, placement, packaging, labeling, seal integrity, finish, color, pattern, bar code, and almost any other parameter you can think of.

USB 3.0 greatly enhances machine vision systems. Because of USB 3.0’s 5-Gbps throughput, ten times more than USB 2.0, it eliminates stability and latency problems in image transmission and camera control. USB 3.0 enables the transmission of higher-resolution, higher-frame-rate video with no loss of quality.

4. Industrial serial connections.
Industrial control is a designation for the devices that interface with machinery such as packaging machines, generators, lathes, and even scales. Although most of today’s IT runs on Ethernet, industrial devices often use an RS-232, RS-485, or RS-422 serial interface. To capitalize on the investment in the industrial equipment and machinery, interface converters and line drivers can be used to provide the link between older RS-232/422/485 equipment connections and newer USB and Ethernet networks.

RS-232 transmits data at speeds up to 115 kbps and over distances up to 50 feet, although longer distances can be achieved by using low-capacitance cable. Both sync and async binary data transmission fall under RS-232. Although the original RS-232 connector is DB25, DB9 and RJ-45 connectors are now more common. Also, industrial devices often use a terminal block instead of a connector for the RS-232 interface. RS-232 is somewhat limited as an industrial interface because of its restricted range and because it only supports point-to-point links.

For a far more detailed study of industrial communications, see the white paper: Elements of an RS-422/RS-485 System.

3 Ways to use wireless Ethernet extenders

IT professionals are the unsung heroes when it comes to Ethernet LAN extension. Network users don’t care how the network is extended; they just want it to work.

Why wireless Ethernet extension.
Ethernet has a maximum distance or range of 100 meters over CATx cable. If the network needs to go beyond that, fiber is the best medium. But it’s not always practical or economical to trench new fiber. That’s where wireless Ethernet extension comes in.

Here are three examples of how you can extend an Ethernet network quickly and economically with wireless extenders.

Application 1: Point-to-point enterprise LAN extension.
This is the simplest form of wireless Ethernet extension between buildings, such as in a business park or a school campus. Point-to-point LAN extension can also be used to connect networks between buildings across town at data rates of 40-80 Mbps up to six miles apart.

Extenders, like the LWE120 Series, usually come in kits for this type of application. The kits give users a fast deployment time because the access point and the subscriber unit are already pre-synchronized to work together right out of the box. These units feature internal directional antennas with LED indicators for alignment. Dual antennas are used for better speed and range. Power over Ethernet simplifies installation.

The difference between layer 2, 3, and 4 network switches

With the rapid development of computer networks over the last decade, high-end switching has become one of the most important functions of a network for moving data efficiently and quickly from one place to another.

Here’s how a network switch works: As data passes through the switch, it examines addressing information attached to each data packet. From this information, the switch determines the packet’s destination on the network. It then creates a virtual link to the destination and sends the packet there.

The efficiency and speed of a switch depend on its algorithms, its switching fabric, and its processor. Its complexity is determined by the layer at which the switch operates in the OSI (Open Systems Interconnection) Reference Model.

OSI is a layered network design framework that establishes a standard so that devices from different vendors work together. Network addresses are based on this OSI Model and are hierarchical. The more details that are included, the more specific the address becomes and the easier it is to find.

The layer at which the switch operates is determined by how much addressing detail the switch reads as data passes through. Switches can also be considered MAC- or IP-level. A MAC-level switch operates in Layer 2 of the OSI Model and can also operate in a combination of Layers 2 and 3. IP-level switches operate in Layer 3, Layer 4, or a combination of the two.

Layer 2 Switches (The Data-Link Layer)
Layer 2 switches operate using the data link (MAC) layer addresses. Link-layer, hardware, or MAC-layer addresses identify individual devices. Most hardware devices are permanently assigned this number during the manufacturing process.

Switches operating at Layer 2 are very fast because they’re just sorting MAC addresses, but they do not look at the Layer 3 portion of the packet to learn anything more.