Forecast: Mostly Cloudy @ISC West 2017

I’ll be speaking on Cloud Security at ISC West on April 6, 2016.

Mostly Cloudy with a Chance of Security

ISC West bills itself as the “largest security industry trade show in the U.S.”

I attended last year and blogged about my experience.

This year I’ll be wearing two hats and advocating on behalf of both enterprises and cloud service providers with a goal to improve the security of both.



Modern Evidence Management: Challenges and Solutions

AUSTIN TX — As I write this in October of 2016, a constant of American life is the inescapable media coverage of critical incidents involving law enforcement. The Media, in a free and open society, plays a critical role reporting and providing to the public a degree of transparency about how our government is policing us. We should be cautioned, however, to form our own individual opinions when digesting these events and to avoid being led blindly by a media narrative woven with information that is often, at best, incomplete, and at worst, completely wrong. Its easy to forget that even the best media coverage lacks the context that comes from having all of the information available to investigators.

The most important part of that information is, of course, the evidence. Evidence is and always has been the impartial witness that enables the facts to be known and justice to be served. Evidence collection and processing has evolved over several hundred years of policing into a mature discipline. A critical component of this discipline is “chain of custody”, a process that seeks to ensure the integrity of the evidence from the time of collection to final disposition of the case. Until recently, the traditional processes and technology used for evidence management had been sufficient. Unfortunately that is no longer the case. A disruptive force threatens even the most mature evidentiary processes. This force, in a word: data.

Every day we create 2.5 quintillion bytes of data, and a staggering 90% of the world’s data was created in the last two years. While the digital evidence associated with critical law enforcement incidents represents a tiny percentage of that data, it is undoubtedly one of the most important parts of it. While no data points exist to speak to the amount of digital evidence being created daily, empirical observations are telling. In addition to the video evidence generated by Body Worn Cameras (BWC’s) used by police officers, other sources such as video surveillance systems and the proliferation of video recording by the public are all contributing to an ever growing mountain of digital evidence that must be managed. This huge trove of data combined with public scrutiny of critical incidents is exerting new pressures on both law enforcement administrators and the technology they use to manage it.

Evidence management systems have evolved significantly from the paper systems of the 1960’s and the mainframes of the 70’s that were only tasked with tracking physical evidence. The personal computer revolution at the end of the 80’s finally enabled digital evidence management, even if only in the most rudimentary fashion. Today, the rise of cloud has enabled the creation of a new class of cloud-enabled Digital Evidence Management Software (DEMS) products, purpose built to manage the enormous amounts of data we must maintain with integrity. While its admittedly not a panacea, in today’s world, cloud based DEMS may represent the best method we have for ensuring that all evidence eventually facilitates justice.


This article is a repost of an article originally guest authored for the DoubleHorn blog.

Early Adopter Pain and Hyperconverged Excellence

Austin’s @pivot3 recent tweet of an @ITWire article about the projected growth in the HCIS (Hyperconverged Integrated Systems) market contain a couple of nuggets of information that demand expanding upon.  

First:  Hyperconvergence has yet to enter the mainstream.  

This is true.  The article states that while HCIS is the fastest growing segment it will be less than 1/4 of the integrated systems market by 2019. 

Innovators and early adopters are clearly benefiting from the fruits of hyperconvergence, namely software centric infrastructure built upon commodity hardware to deliver transparent solutions to internal and external stakeholders quickly and efficiently. That said early adopters are also on point to absorb the inevitable pain of industry upstarts and established giants finding and exploiting a particular market niche and redefining their solutions on a path to revenue nirvana. 

Pivots, acquisitions and chaos lay ahead for some. As evidence some friction has arisen between Dell and EMC as they struggle to understand how Nutanix fits into their new world order. 

Secondly:  Hyperconvergence use cases have been limited and silos have emerged.  

No kidding.  If you treat hyperconvergence like a traditional enterprise point solution, roll with a limited POC, and get frustrated when the touted benefits are not realized, then you deserve your fate.

Hyperconverged excellence requires a philosophical shift to a software first/software only mentality from the help desk to the CIO.  Hyperconverged excellence requires that you are willing to shrewdly assess your organization and act to make the necessary changes to be successful.  Blockers must be eliminated be they technological, cultural or personnel. Hyperconvergence holds great reward only for those organizations that understand the revolution at hand and have the courage to execute.  

The irony is that those that languish in perpetual POC hell will eventually abandon their infrastructure entirely for a public/private cloud solution managed by someone that achieved hyperconverged excellence long ago.