Cloud Hosting

Professional Video camera operator working with his equipment, blue background

Media and entertainment storage drivers and demand are discussed in the latest report from Coughlin Associates onDigital Storage in Media and Entertainment.The 251 page report offers in depth analysis of the role of digital storage in all aspects of professional media and entertainment.

Projections are given out to 2025 for digital storage demand in content capture, post-production, content distribution and content archiving are provided in 62 tables and 129 figures.

The sixteenth annual report includes results from a 2020 survey of Coughlin Associates, Digital Production Buzz, HPA and SMPTE members on their digital storage needs in these target segments (comparing the results to similar 2009, 2010 and 2012-2019 surveys).These surveys were used to refine the current report analysis from previous editions and track industry trends.The pie chart below, from the report, shows the breakdown of media for long term archives for the survey participants.

Breakdown of media used for M&E archiving from Survey

As a result of changes in the economics of storage devices higher performance solid-state storage will play a bigger role in the future.The cloud and hybrid storage including the cloud have assumed a new importance for many workflows during the Covid-19 pandemic.When the pandemic passes, use of cloud storage will continue to grow in the media and entertainment storage market going forward.

Some highlights from the report:

The Covid-19 pandemic in 2020 will have a big impact on content creation in 2020 and likely into 2021, except for broadcast acquisition.The figure below shows the impact on storage for M&E content acquisition in 2020 and 2021.

Growth in new digital storage for content acquistion

Spending for digital cinema in 2020 and 2021 will also be impacted by the pandemic

Creation, Distribution & Conversion of video content creates a huge demand driver for storage device and systems manufacturers

As image resolution increases and as stereoscopic VR video becomes more common, storage requirements explode

The development of 4K TV and other high-resolution venues in the home and in mobile devices will drive the demand for digital content (especially enabled by high HEVC (H.265) and VVC (H.266) compression and even greater standards for compression to enable 8K and higher resolution and frame rate workflows.

HDD areal density increases are slower but flash memory growth has increased and the price declined.This, plus the growth in higher resolution and higher frame rate content, is causing more applications to use flash memory

Activity to create capture and display devices for 8K X 4K content is occurring with planned implementation in common media systems in this decade

Active archiving will drive increased use of HDD storage for archiving applications, supplementing tape for long term archives

Optical storage developments for higher capacity write-once Blu-ray optical cartridges will create higher capacity discs and this may help slow the reduction in optical disc archiving

Flash memory dominates cameras and is finding wider use in post-production and content distribution systems

From 2019 to 2025 entertainment and media digital storage TAM (without archiving and preservation) will increase by about 1.8 X from $7.3B to $13.3 B

The growth in storage capacities will result in a total media and entertainment storage revenue growth of about 1.6 X between 2019 and 2025 (from $10.3 B to $16.5B)

Overall annual storage capacity demand for non-archival applications is expected to increase over the period from 2019 to 2025 by 5.0X from 24.3 EB to 122.4 EB

Between 2019 and 2025 we expect about a 3.0 X increase in the required digital storage capacity used in the entertainment industry and about a 3.4 X increase in storage capacity shipped per year (from 70.8EB to 241EB

In 2019 content distribution is estimate at 31% of total storage revenue followed by archiving and preservation at 29%, post-production at 22% and content acquisition at 18%.

In 2025 the projected revenue distribution is 33% content distribution, 25% post production, 23% content acquisition and 19% archiving and preservation.

By 2025 we expect about 56% of archived content to be in near-line and object storage, up from 48% in 2019

In 2019 we estimate that 74.7% of the total storage media capacity shipped for all the digital entertainment content segments was in HDDs with digital tape at 19.0%, 2.7% optical discs and flash at 3.5%

By 2025 tape capacity shipment share has been reduced to 13.0%, HDDs shipped capacity is 76.4%, optical disc capacity is down to about 0.5% and flash capacity percentage is at 10.1%

Media revenue is expected to increase about 1.2X from 2019 to 2025 ($1.8B to $2.2B).

The single biggest application (by storage capacity) for digital storage in the next several years as well as one of the most challenging is the digital conversion of film, video tape and other analog formats and its long-term digital preservation

Over116 Exabytes of new digital storage will be used for digital archiving and content conversion and preservation by 2025

Storage in remote clouds is playing an important role in enabling collaborative workflows, content distribution and in archiving

Overall cloud storage capacity for media and entertainment is expected to grow over 13X between 2019 and 2025 (2.2 EB to 29.0 EB)

Overall object storage capacity for media and entertainment is expected to grow about 3.7 X between 2019 and 2025 (14.3 EB to 52.7 EB)

Cloud storage revenue will be about $3.7 B by 2025

By our estimates, professional media and entertainment storage capacity represents about 5.8% of total shipped storage capacity in 2019.

Professional media and entertainment consume about 28% of all tape capacity shipments, 4.9% of all hard disk drive shipments and 2.3% of all flash memory shipments in 2019.We estimate that media and entertainment spending was about 9% of total storage revenue in 2019.

As a result of the Covid-19 epidemic, M&E content acquisition storage will suffer loses in 2020 and 2021, except for broadcast.This will also impact post production storage.Cloud storage will assume a new importance for remote work.The latest M&E storage report projects out to 2025.

See the rest here:
Media And Entertainment Storage TAM To Exceed $16B By 2025 - Forbes

Transport for NSW is yet to alert up to tens of thousands of people whose full driver's licence details were mistakenly left exposed in an open cloud storage.

The cache was discovered last week by Ukrainian security consultant Bob Diachenko who stumbled upon the directory while investigating another data breach.

The storage folder, which he said was easily discoverable, contained back-and-front scans of NSW licences alongside tolling notices hosted on Amazon's cloud service.

The total number of images inside the directory was 108,535, or about 54,000 licences.

The documents revealed names, photos, dates of birth and addresses of drivers, which Mr Diachenko labelled a "dangerous exposure".

He said it wasn't clear how long the files had been accessible online, but given how unprotected it was, it probably had been viewed by "malicious actors" who could have made a copy of the files already.

"A malicious actor can impersonate somebody and apply for credit, or do something on behalf of that person," he said.

"For example, you take one licence and connect the dots with one owner of this licence, with his or her emails exposed in another data breach and you've got more information on that person," he said.

He said personal information like this would also commonly be traded through online black markets once it made its way into the hands of a criminal.

A spokeswoman for Transport for NSW said the collection of files was not related to any government system.

"Transport for NSW does not retain, nor collect tolling data in the manner described," she said.

"Transport for NSW is however working with Cyber Security NSW to investigate the alleged data issue relating to an Amazon Web Services S3 bucket containing personal information including driver licences."

The Amazon Web Services S3 bucket is the open cloud storage provider.

The office of the NSW Privacy Commissioner, which is delegated to monitor data breaches within State Government departments, said the data appeared to be linked to an unnamed private business.

"The NSW Privacy Commissioner is aware of the breach and has received a preliminary briefing on the breach from Cyber Security NSW," a spokeswoman said.

"The Privacy Commissioner understands that a commercial business, unconnected to the NSW Government, was responsible for the breach.

"The breach is not associated with a NSW Government agency or any NSW Government system or process."

The Australian Cyber Security Centre has also been alerted and it is understood it contacted Amazon, who ensured the cache was taken offline within hours after it was alerted.

The Transport for NSW spokeswoman said some drivers request a new licence in a case when they believe they've been impacted by identity fraud.

Leading cyber expert and founder of data breach tool Have I Been Pwned, Troy Hunt, said this was an unusual and uncommon kind of breach and it might be too little, too late.

Mr Hunt said even if Transport NSW was not culpable, it had a responsibility to disclose the potentially "high risk" leak to protect its customers.

"I think there should have been a notice," Mr Hunt said.

"I would be pushing for a disclosure on this, because it's something that's quite important."

Even if the licence details, such as the card number, weren't used directly there was "powerful information" on there and it was enough to commit identity theft.

One example he provided would be using it for "social engineering", such as creating a fake Facebook account to solicit relatives for money.

He was concerned about the toll notices having emails and passwords, which are almost always compromised eventually because regular users have poor security hygiene.

Once a malicious actor had a person's email and password, he said, their "ability to go on and do damage is massive".

Read the original:
Data breach exposes tens of thousands of NSW drivers licences online - ABC News

NetApp Building Its Cloud Business, Thriving Despite COVID-19

NetApp on Wednesday reported a very surprisingly successful first fiscal quarter 2021. And it was a surprise, both because NetApps last few fiscal quarters have suffered from falling sales and because the IT industry along with the rest of the economy has taken a big hit from the COVID-19 coronavirus pandemic.

However, NetApp saw total revenue for its first fiscal 2021 quarter rise 5 percent to $1.3 billion, revenue for its all-flash array business increase 34 percent on an annual net revenue basis, and annual recurring revenue grow 192 percent.

NetApp CEO George Kurian used his prepared remarks and analyst questions during the companys quarterly financial conference call to talk about the growth of its cloud and all-flash storage business, its competitive environment including a look at Dells new PowerStore, the impact of the pandemic, and more as a way to provide insight into both what happened during the quarter and what to expect going forward.

With the ongoing pandemic, the near future remains uncertain for many companies, and no one knows when we will return to a more normal and predictable environment, he said. Despite the uncertainties, one thing is clear: Data is growing in scale and importance. We help the worlds leading organizations solve the challenge of managing their most critical data.

For a look at what is impacting NetApp and the IT industry, turn the page.

Excerpt from:
10 Key Takeaways From NetApp CEO George Kurian: Cloud, Coronavirus And Growth - CRN: Technology news for channel partners and solution providers

Few things can boil the blood of a security professional quite like the unforced error. It is a common term used in tennis, referencing a mistake attributed to a players own failure versus the skill or effort of their opponent.

In cybersecurity, the unforced error is better known as the misconfiguration. This occurs when security settings, typically involving a server or web application, are set up improperly or left insecure.

This leaves the system vulnerable to attack and furthers the path of least resistance for the bad guys. Considering the increasing sophistication of cyber threats and the ever-expanding attack surface available to your foes, you need not be an infosec veteran to know that your adversaries require no additional help accomplishing their goals.

Webinar Demand: Automate Adversarial Testing and Response Simulations Against AWS Misconfigurations

Security misconfigurations rank No. 6 on OWASPs Top 10 Web Application Security Risks list and are commonly a result of insecure default configurations, incomplete or ad hoc configurations, open cloud storage, misconfigured HTTP headers, and verbose error messages containing sensitive information.

The misconfiguration risk is only rising, especially amid the rise in public cloud computing adoption, whose benefits have become especially stark during the COVID-19 crisis and the subsequent work-from-home binge. Cloud demand has risen across Amazon Web Services (AWS) which controls roughly half the market share as well as Microsoft Azure and Google Cloud Platform (GCP), through the rapid adoption of online collaboration tools and other cloud resources.

A recent survey by Check Point determined that misconfigurations are the top threat to cloud security, with three-quarters of respondents saying they are very or extremely concerned about cloud security and 68% naming misconfigurations as their biggest cloud worry. Their concerns are not unfounded.

Cloud misconfigurations were responsible for potentially exposing an estimated 33.4 billion records in 2018 and 2019, victimizing high-profile organizations and costing organizations some $5 trillion. Considering many misconfigurations go unreported, the figures are likely significantly larger. And not only are misconfigurations obvious harbingers of data exposure, they also can present the ideal foothold to launch a more complex (and potentially more devastating) attack on an organization.

This is by no means an exhaustive list, but can serve as a reliable encapsulation of agreed-upon advice among experts:

At the end of the day, the stats do not lie. Misconfigurations are inevitably going to happen, so the key will be limiting their time of exposure and reducing mean time to detect and respond (MTTD/MTTR). This can be accomplished with the help of automated remediation in concert with security orchestration, automation and response (SOAR).

For example, Check Point CloudGuard Dome9 users gain visibility, control, and compliance across all cloud assets to manage cloud security posture and detect and remediate misconfigurations from a single source of network authority. Meanwhile, the Siemplify SOAR platform integrates with CloudGuard Dome9 to enable enrichment of alerts by integrating data from other Check Point tools, such as ThreatCloud and data from third-party tools such as Azure Active Directory. This integration allows analysts to investigate alerts from CloudGuard Dome9 and implement playbooks that automate remediation from a single console, saving your team time and effort.

Learn more about remote security operations and how Siemplify can help with A Technical Guide to Remote Security Operations, or begin test driving the SOAR platform today through a free trial or by downloading the Siemplify Community Edition.

Dan Kaplan is director of content at Siemplify.

The post Responding to Cloud Misconfigurations with Security Automation and Common-Sense Tips appeared first on Siemplify.

Recent Articles By Author

*** This is a Security Bloggers Network syndicated blog from Siemplify authored by Dan Kaplan. Read the original post at: https://www.siemplify.co/blog/responding-to-cloud-misconfigurations-with-security-automation-and-common-sense-tips/

Read the original post:
Responding to Cloud Misconfigurations with Security Automation and Common-Sense Tips - Security Boulevard