Author: Stephen

Posted on

Upcoming article: Flash storage tiers

For Computer Weekly, I am writing a short piece looking at the various tiers of solid-state storage.

What is on the market, how does each technology’s performance differ, and what are their applications? Why do businesses use tiered storage, and where does each solid state technology fit into tiering?

I will cover these storage types:

  • Optane/3D Xpoint/Z-NAND
  • NVMe
  • TLC Flash
  • QLC Flash

If you have market research or other information to share on these, the deadline to contact me — as ever by email — is 1700hrs, Friday 14th February.

Posted on

Upcoming article: Latest government data breaches in 2019/2020

I am researching an analysis into security breaches in the public sector. We are looking especially at globally significant incidents.

In the piece, we will examine the trend – how did 2019 compare with 2017 and 2018?

Are there any notable changes in geography, or in the type of breach?

Which organisations are being attacked, and is that changing?

What size of incidents are we seeing? Are they larger, or having a greater impact?

The piece will then look at the cost of public sector data breaches, and their impact. And we will ask if there are specific steps public sector IT and security leads should be taking to protect their assets.

The piece will appear in The Daily Swig. This earlier piece in the series, on healthcare, is a guide for what we are looking for.

Submissions of content or suggestions for interviewees, by Thursday 6th February, by email in the first instance.

Posted on

Upcoming article: a deep dive into DDoS

For The Daily Swig, I’m writing an explainer on DDoS attacks, and how organisations can prevent them.

The article will include:

– A definition of a DDoS attack, and why they happen
– How a DDoS attack works, including its various stages
– Types of DDoS attacks
– Their impact on businesses
– The legal status of DDoS attacks
– Actions organisations can take to prevent or stop attacks and how to mitigate their impact.
We are also keen to include details of recent attacks, and any up to date research on the topic.

The deadline for submission of ideas, leads or content is 1700, on Thursday 21st November.

As ever email is the best way to reach me.

Posted on

Upcoming articles: Disaster recovery planning, and Disaster Recovery as a Service

For Computer Weekly I am writing two linked articles on DR. The first is a top level overview on disaster recovery planning. The second looks more deeply at Disaster Recovery as a Service – a market analysts say is growing rapidly, and could soon outstrip conventional DR tools.

Essentials of disaster recovery planning

This article will cover the key points organisations need to consider when developing a disaster recovery plan. This will include:

Identifying the risks to of the organisation – this is about more than just IT. It will include physical, human and (cyber) security risks.

Identifying the key components of the IT system and the potential damage downtime or failure could mean to the organisation.

Determining RTOs and RPOs for each component of the IT system.

Developing a response strategy, which can comprise elements that range from premises and people to technology.

How disaster recovery can be provisioned in house, off site and in the cloud

Maintaining the DR plan. How is the plan validated, tested and updated?

Key DRaaS options

This is a drill-down into the key as-a-service options available for DR.

Why is DRaaS changing and how is the cloud influencing this?

What are the key features of:

  • managed,
  • assisted,
  • and self-service DR options

How does each work in terms of infrastructure, data transfer, and recovery etc and which types of use cases, size of organisation etc they are best suited to?

Finally, the piece might add pointers to help IT directors choose the right provision for their business.

Deadlines:

Customer case studies, research reports, technical information and white papers only please for these articles. For the Essentials, the deadline is 1700hrs, London time, Friday 15th November. For DRaaS, the deadline is 1700hrs, London time, Thursday 21st November. Please send information by by email in the first instance.

Posted on

Upcoming article: SME disaster recovery: Hyper-converged or the cloud

In this follow up piece for Computer Weekly, we’ll be looking more deeply at disaster recovery for the SME sector. The piece will cover:

• The key requirements for disaster recovery

o Why is it simpler than ever for SMEs to achieve effective DR

o What are the key choices (platforms, hardware and software)?

• Plus:

What are the key characteristics of disaster recovery using hyper-converged infrastructure? Who plays in the space and what doing they offer?

• What are the key attributes of the use of the cloud for DR?

• What are the pros and cons of each for SME customers?

For this piece I am open to input from analysts and systems integrators and consultants. We will also consider input from vendors, especially customer examples – but they must be SME, private sector projects.

The deadline for leads is Friday 18 October, 12 noon London time. Please contact me by by email, as ever.

Posted on

Upcoming article: can the cloud replace tape?

My next article for Computer Weekly will look at whether the cloud will finally see off tape, as the enterprise’s main backup medium.

For years analysts and vendors have predicted the demise of tape, but it lives on. Compared to disk-based backup, tape retains some advantages. And recent ransomware attacks have also caused organisations to look again at tape.

Could the cloud, though, finally see off tape backup? This article will examine the key cloud alternatives as organisations seek to move away from tape, and consider what they mean storage architecture. We will discuss:

  • Tiers of storage are there and how do they relate to each other
  • Difficulties in the (continued) use of tape
  • The key types of cloud products that can be seen as tape replacements
  • How do tape replacement cloud offerings fit with on-premises architectures?
  • Who are they key vendors of cloud tape replacement products and what do they offer

The deadline for submitting spokespeople’s names is 1700 London time, Wednesday 09th October. The deadline for submitting comment is 1700 London time, Monday 14th October. However please do not submit comments without contacting me first.

We welcome input from analysts, consultants and also senior end user IT architects, business continuity or archiving specialists.

Please contact me by by email in the first instance.

Posted on

Speaking opportunity: Security Culture TV

I am looking for guests to appear on a new series of Security Culture TV.

The show welcomes guests from both the IT and cyber security industries, as well as experts in related fields, such as physical security and data privacy. In fact, security convergence is one of our themes for the shows.

The first episodes will be filmed at a studio near London on September 25th and 26th. If you are interested in taking part, contact me via email with some background info and some ideas you would like to talk about on the show.

Please note that guests will need to appear in the studio in person, there is no option to dial in for the next series.

More information about SCTV below:

About Security Culture TV 


Security Culture TV is a regular video show and podcast hosted by industry expert, author and keynote speaker Kai Roer.

In the show, Kai asks guests from around the world to share their perspectives, ideas and experiences on building and maintaining security culture. Kai welcomes CISOs, practitioners and experts on security, to discuss topics including how to engage employees in security, best and worst practices, measuring security culture, and much more.

With his experience, deep knowledge and evidence-based approach, Kai explores and challenges the industry status quo. 

The show’s producer is security journalist and broadcaster, Stephen Pritchard.

About Kai Roer

Over the past 25 years, Kai has become the global go-to-guy on security culture. In 2012 he created the Security Culture Framework, which was adopted by ENISA as their Cybersecurity Culture framework. In 2015, Kai created the innovative company CLTRe (culture), where he researched and built a measurement instrument for security culture. In 2019, CLTRe was acquired by KnowBe4, the global leader in phishing assessment and security awareness trainings. Kai is currently focusing on his security culture research, and on sharing his knowledge around the world.

Posted on

Upcoming article: the top 5 storage deployment pitfalls

For Computer Weekly I am investigating the greatest pitfalls for deploying on-premises storage hardware.

The piece can cover flash storage, storage arrays, hyper-converged, or software-defined storage but it needs to be in house, not cloud based.

I am looking for examples from CIOs and IT directors and experienced analysts and consultants – but not vendors.

If you would like to comment for the article please email me with a brief description of your (or your client’s) credentials in this area, and I will reply with some questions.

The deadline for initial approaches is September 9th.

Posted on

Upcoming article: why it pays to think about data stewardship

Can organisations benefit from a proactive approach to data stewardship? And are there financial or other advantages to staying ahead of regulations and legislation, and ‘doing the right thing’?

I am looking for examples of organisations that have gone beyond tick box data security and privacy, and taken a best practice approach. What have they done beyond the basics, what has it cost, and what has it done to boost the business?

We are looking at policies but also practical approaches, such as checking users’ security settings, and promoting education and awareness. This really should showcase security at its best.

I am open to comments from vendors, consultants and end user organisations. For the reputation part of the story, I’d like to speak to PR professionals or lawyers with direct experience in the field.

My deadline for leads is 1700, Wednesday 21st August, by email. No calls please.

The piece will appear in The Daily Swig.

Posted on

Upcoming article: Who needs object storage?

This article, for Computer Weekly, will be an explainer on on-premises object storage. It will set out the key differences between object and block and file, and their pros and cons.

The article will ask:

  • What is object storage?
  • What are its key use cases?
  • What workloads need object storage?

The second half of the article will be a product section giving a vendor-by-vendor run-down on whether they provide hardware or software products, their architecture, scaling, speeds and feeds, data protection methods and other notable features.

There will also be a box out on cloud-based object storage.

Please submit background information such as white papers and case studies, product information, and suggested interviewees/experts, by 0900hrs Friday 19th July by by email in the first instance.

Please do not submit pre-written commentary or quotes.