Monday, December 30, 2013

Gartner predicts rise in unemployment as machines replace humans

Gartner predicts rise in unemployment as machines replace humans
In the "Digital Industrial Revolution," Gartner predicts the rise of new technologies will allow machines to take the place of middle-class workers. As a result, Gartner says U.S. unemployment rates will rise. Gartner sees smart machines replacing humans in industries such as transportation, construction and health care. The company warns of social unrest by 2020 as people lose jobs to machines, and it urges companies to structure teams now to address the issue.

Thursday, December 26, 2013

U.S. universities look for niche in cybersecurity education

U.S. universities look for niche in cybersecurity education
There are now nearly 200 U.S. colleges and universities offering National Security Agency-certified degrees in cybersecurity, thanks in part to a federal government effort to tackle rising global cyber-risks by investing in the next generation of front-line professionals. In lieu of broad, generalized degree programs, experts say many schools are choosing to design specialized cybersecurity tracks to focus on niche threats and industries while experimenting with a variety of learning models

Friday, December 20, 2013

3D printing, SDN as emerging technologies to watch

Gartner forecasts 3D printing, SDN as emerging technologies to watch
Software-defined networking and 3D printing are joining cloud computing and machine-to-machine technology on the list of hot IT trends that will be on analysts' radars in 2014. In a new report exploring the emerging technologies most likely to disrupt the status quo next year, Gartner says a push for SDN standards by groups such as OpenStack and OpenFlow will propel a move away from purely appliance-based networking solutions and predicts a 75% increase in 3D printer shipments, as well as the rise of smart machines and the hybrid cloud.

Monday, December 16, 2013

How the future of technology will determine the future of channel services

How the future of technology will determine the future of channel services
As major trends like cloud computing, mobility and Big Data continue to dominate technology headlines and channel discussions, there are a number of interesting developments taking place at other levels of the technology universe. Improvements to the most basic building blocks of IT have enabled today's trends, and tomorrow's trends will be fueled by the pioneering improvements currently underway. Learn more here.

Monday, December 9, 2013

CompTIA adds cloud certifications to accreditation list

CompTIA adds cloud certifications to accreditation list
CompTIA is adding a cloud-focused certification, called CompTIA Cloud+, to its portfolio of industry accreditations. "As cloud-based applications proliferate and network architectures become more diverse, networking and technical sales professionals must become proficient in new skills," said CompTIA's Terry Erdle. IT PRO (London)

Wednesday, December 4, 2013

Getting ahead in IT requires proactive learning

Getting ahead in IT requires proactive learningIn the rapidly changing world of technology, the most successful workers no longer rely on formal training alone to get the knowledge they need to stay ahead -- instead, they figure things out themselves, says Ian Brooks, the European head of innovation at Hewlett-Packard. Speaking to a group of young IT apprentices, Brooks said that unlike university training, "applied learning" lets students learn by doing and exercises non-technical "soft skills" such as communication and problem-solving

Wednesday, November 27, 2013

U.K. to build a cybersecurity military unit

U.K. to build a cybersecurity military unit
The U.K. government says it plans to develop a military unit that will work to protect networks and data from cyberattacks. One official reportedly termed the unit a "laptop army" and predicted that future combat could be tech-driven. "People think of military as land, sea and air. We long ago recognized a fourth domain -- space. Now there's a fifth -- cyber," defense secretary Philip Hammond said.

Friday, November 22, 2013

CompTIA Cloud+ Certification Now Available Worldwide

CompTIA Cloud+ Certification Now Available Worldwide
 A new professional-level skills certification for IT workers immersed in the fast-growing environment of cloud computing was launched this week by CompTIA. CompTIA Cloud+ certification validates the knowledge and best practices required of IT practitioners who must understand and deliver cloud infrastructure solutions. “As cloud-based applications proliferate and network architectures become more diverse, networking and technical sales professionals must become proficient in new skills,” said Terry Erdle, executive vice president, skills certification, CompTIA.

Sunday, November 17, 2013

Feds retool national cybersecurity education guidelines

Feds retool national cybersecurity education guidelines
The federal government is updating the criteria it uses to certify cybersecurity programs at U.S. colleges and universities in an effort to better address the modern threat environment. Changes to the National Centers of Academic Excellence program include the replacement of rigid standards with more flexible "knowledge units" and will likely affect the 181 schools in the program. The Chronicle of Higher Education (free content)

Tuesday, November 12, 2013

Tech industry faces massive readjustment tied to mobility, cloud

Tech industry faces massive readjustment tied to mobility, cloud
Emerging mobile, virtualization and software-defined networking technologies are fueling the most significant disruption the IT industry has experienced in nearly three decades, Michael Friedenberg writes. IDC says the sector is entering a "third platform" of existence -- characterized by the ascendency of mobile and cloud-based Big Data and social-networking architectures -- that Cisco Systems CEO John Chambers says could leave one-third of tech companies in the dust. CIO.com

Wednesday, November 6, 2013

Researcher: Malware can reside in peripheral components

Researcher: Malware can reside in peripheral components
Malware writers are developing sophisticated bugs that attack a computer's direct memory access from within peripheral components, including graphics and network cards, researcher Patrick Stewin says. Stewin says he has developed a way to root out one such virus, dubbed DAGGER, that targets 32- and 64-bit Windows and Linux systems. "DMA-based attacks launched from peripherals are capable of compromising the host without exploiting vulnerabilities present in the operating system running on the host," Stewin wrote in a paper. "Therefore they present a highly critical threat to system security and integrity."

Friday, November 1, 2013

Cisco touts new "Internet of Everything" products

Cisco touts new "Internet of Everything" products
Cisco Systems is touting network-fabric offerings that run on its new nPower X1 chip. The products are part of the company's Network Convergence System, which Cisco hopes will become the standard platform as things take root in what the company calls the "Internet of Everything."

Thursday, October 31, 2013

Study: U.S. cybercrime costs are up $2.6M this year

Study: U.S. cybercrime costs are up $2.6M this year
Enterprise costs related to cybercrime incidents at businesses are up $2.6 million this year, hitting $11.6 million on average, according to a Ponemon Institute study that describes cyberattacks as "common occurrences." The costs include lost revenue, theft of information and property, and equipment destruction. The study says the most expensive cybercrime activity is from denial-of-service attacks. "The evidence suggests that things are getting worse instead of better, despite all the resources that companies are spending on cybercrime," the study says.

Tuesday, October 29, 2013

App development leads as top IT jobs prospect

It's a programmer's world: App development leads as top IT jobs prospect
Information technology professionals with skills that are in high demand are virtually assured employment in 2014, according to analysts who say companies are aggressively competing for experts in areas such as application development and tech support. A new report from Computerworld finds that roughly a third of companies plan to boost their IT staff in 2014, with software developers the most in-demand talent within the IT workforce.

Wednesday, August 21, 2013

2013 IT Salary Survey Results



CIO is the highest paid IT role, with a salary range of $195,000 to $230,000, followed by: CTO ($145,000 - $208,000); CSO ($145,000 - $208,000); IT security manager with 10+ years of experience ($145,000 - $177,000); software architect ($144,000 - $170,000); and application architect with 10+ years of experience ($136,000 - $185,000).

Looking ahead to 2014, Mondo predicts a spike in demand for HTML5 developers with salaries to range from $97,000 to $135,000.

Starting salaries for tech pros in the U.S. are on the rise, says Michael Kirven, founder and CEO of Mondo. “The trends that I’m seeing today are very, very optimistic,” Kirven says. Midway through 2013, “the rate of IT hiring and the rate of IT salaries is accelerating” compared to the first half of the year, he says.

There’s strong demand for tech pros with expertise in areas such as mobile, big data, cloud computing, and user experience, and that demand is in turn driving salary increases.

“Everybody wants big data business analysts. Not database developers or programmers, but business analysts, people who can look at a big data architecture and help translate how that would be valuable to the business,” Kirven says.

Another role that’s in high demand is user interface analyst, with expertise in optimizing the user experience. “Everybody wants those skill sets -- marketing departments, IT departments, you name it, across every single vertical,” Kirven says.

Mondo singled out a number of jobs that saw big pay gains, percentage-wise, in 2013. The largest increase in base compensation went to seasoned IT security managers (from $90,000 in 2012 to $145,000 in 2013) and systems analysts (from $65,000 to $83,000).

Other big gains went to: data analysts (base salaries increased 18.3% from $60,000 to $71,000); Amazon Elastic Compute Cloud (EC2) engineers (18% increase from $100,000 to $118,000); senior help desk staffers (15.4% increase from $65,000 to $75,000 for candidates with 7-10 years of experience); technical writers (14.3% increase from $70,000 to $80,000); and Android developers (8.3% increase from $120,000 to $130,000).

At the other end of the spectrum, Mondo identified IT roles with the lowest salaries: help desk staffer with 1-3 years of experience ($40,000 - $65,000); hardware technician ($43,000 - $70,000); help desk staffer with 3-5 years of experience ($55,000 - $74,000); desktop virtualization specialist ($55,000 - $70,000); desktop support analyst ($70,000 - $90,000); and system administrator with 1-5 years of experience ($71,000 - $120,000).

In a separate study, Robert Half Technology (RHT) reports that 12% of U.S. CIOs plan to expand their IT teams in the third quarter of 2013 (compared to 14% in the previous quarter). In addition, 56% plan to hire for open IT roles, 26% expect to put hiring plans on hold, and 6% plan to reduce their IT staff in the third quarter.

Friday, August 16, 2013

Mobile devices continue to reign as new ultramobiles gain ground


Shipments of smartphones -- most of them powered by Android -- will outnumber PCs by a factor of six in 2013, according to a new report from Gartner that finds demand for mobility will help drive a 5.9% overall increase in shipments of computing devices this year. The report predicts that advancements in processing technology -- led by Intel's Bay Trail and Haswell chips -- will cut a path for thin, lightweight notebooks such as Google's Chromebook, with shipments of "ultramobiles" expected to nearly double to 20.3 million by year's end.

Sunday, August 11, 2013

Energy firms face major cyberattack exposure, report says


A report says natural gas and oil companies are facing heightened exposure risks to cyberattacks and that the industry was hit with more malware in six months last year than any other industry. The Council on Foreign Relations report cites cyberespionage and activity that aims to disrupt business operations as the two prime dangers to these companies.

Tuesday, August 6, 2013

Google revamps Earth and Maps with new features, clearer view


Google has refreshed its Earth and Maps services with a simpler interface, better directions information and a Street View option that lets users "fly" to a chosen spot, Trevor Mogg writes. The company has also installed satellite images that magically erase clouds blocking the view.

Saturday, August 3, 2013

Survey: Cyberattacks considered the top global threat


Tech and business leaders view cyberattacks as the No. 1 threat, according to a Cyber Ark survey. Fifty-one percent of those polled said a potential cyberattacker has been on their IT systems in the past year. "Businesses are realizing how important these threats are. Their concern reflects the government's concern about the threats," said Cyber Ark's John Worrall.

Friday, July 26, 2013

U.S. updating cyberattack "playbook" amid rising security concerns


The U.S. is updating what the country's top military officer calls a "playbook" relating to cyberattacks and federal agency roles and responsibilities in such scenarios, and it will soon begin talks with China on cybersecurity concerns and rules of conduct. Army Gen. Martin Dempsey, chairman of the Joint Chiefs of Staff, also discussed steps to reduce the leaking of government secrets such as decreasing the number of employees who need access to critical information and conducting more in-depth background checks

Sunday, July 21, 2013

Survey: Increasing risks are not prompting better security


A State of Cybercrime survey blames weak IT security on enterprises' failure to understand the villains behind the threats and where hackers are coming from. Despite increasing security threats, companies are not taking any new protective action, the survey says. "Possibly the most alarming theme that came out of this year's survey results was that U.S. organizations are misjudging the severity of risks they face from cyberattacks from a financial, reputational and regulatory perspective," said Bob Bragdon, publisher of CSO

Tuesday, July 16, 2013

U.S. steps up efforts to prosecute corporate cyberspies


Recent changes to U.S. laws on corporate spying could pave the way for a renewed effort to bring Chinese companies accused of cyberespionage to justice, legal experts say. An amendment to the U.S. Economic Espionage Act, signed by President Barack Obama in December, expands the definition of "trade secrets" to include services as well as products, offering new legal remedies for firms who lose valuable inside information to foreign cyberspying.

Saturday, July 13, 2013

When should you train and when should you hire for new skills?


Tech leaders are consistently faced with the question of whether to train staff on new skills or bring on new employees. There are several factors to assess, such as time requirements, resource demands and the extent of the training effort. "If it's a small gap you've got to go the training route. That is what motivates and inspires your people and lets them know that you see where they are at, you support their career efforts and support them as an organization," 

Thursday, July 11, 2013

Official sounds alarm over inadequate cybersecurity at U.S. ports


America's commercial shipping industry has failed to keep pace with rising threats in cyberspace, according to a new report that finds major conduits such as the ports of Los Angeles and Baltimore are inadequately prepared for a potential cyberattack. The study -- which looked at six of the nation's most heavily used ports -- was conducted by Coast Guard Cmdr. Joseph Kramek. It found that "the level of cybersecurity awareness and culture in U.S. port facilities is relatively low."

Wednesday, May 8, 2013

Health care providers expanding use of mobile devices and apps

Health care providers expanding use of mobile devices and apps

Mobile technology is expanding its presence in the day-to-day delivery of patient care and practice management by health care providers, according to CompTIA's Fourth Annual Healthcare IT Insights and Opportunities study. It reveals that many health care providers are on the cusp of greatly expanding their use of smart mobile devices from routine business activities, such as e-mail and scheduling to care-specific uses. One in five physicians with a mobile device already uses health- or medical-related applications on a daily basis.

Friday, May 3, 2013

Analysis: Talent shortage hinders health IT deployments

Analysis: Talent shortage hinders health IT deployments

Health IT deployments are being hindered by a shortage of tech skills, a PricewaterhouseCoopers report says. The analysis cites a survey that indicated 67% of health IT leaders said they lack staff, and 59% say the staffing issue is a challenge in meeting federal requirements for electronic health records. "It's also a shortage of people with the skills to marry technological savvy with business strategy as health care becomes more connected, coordinated and accountable," PwC's Daniel Garrett says.

Tuesday, April 30, 2013

Computer science enrollments soared last year


Computer science enrollments soared last year, rising 30%

Tech studies are cool again as students see degrees leading to jobs in many fields; Ph.D. enrollment reaches new high, survey finds


The number of new undergraduate computer science majors at Ph.D.-granting U.S. universities rose by more than 29% last year, an increase that the Computing Research Association called "astonishing."

It was the fifth straight year in which the number of students enrolled in computer-related degree programs increased, according to the CRA's annual survey of computer science, computer engineering or information departments at Ph.D.-granting institutions.

Each year, the CRA report includes the change in enrollment numbers at schools that also participated in the survey in the previous year. In the latest survey, number of new undergraduate computer science majors at schools in that category grew nearly 23% from the 2010-11 academic year to the 2011-12 academic year.
The 2011-12 academic year also marked the third straight year in which the percentage increase in bachelor's degrees awarded hit double digits. In U.S. computer science departments, the year-over-year increases were 19.8% overall and 16.6% among those departments that participated in the survey this year and last year, according to the CRA.

Computer science enrollments "are somewhat cyclical based on the perceived strength of the IT sector," said Peter Harsha, the CRA's director of government affairs.

He noted that CRA members have said that the recent upward trend is due at least in part to the fact that "students are much more aware of the importance of computational thinking in just about every other field of science and technology."

Harsha said that many fields "are increasingly data-driven and computationally-driven, and students see that a degree in computer science gives them access to a wide range of well-paying careers."

In 1999, with the rise of e-commerce, enrollments hit new highs; that year, the survey found that the average computer science department had an enrollment of about 400 students. But with the dot-com crash, enrollments started to fall and hit bottom around 2007, at 200 per department.
The average enrollment per department today is just over 300 students.

Women remain underrepresented in computer science, but latest survey did show an uptick in new female graduates.

In the 2011-12 academic year, women accounted for 12.9% of the students graduating with bachelor's degrees in computer science, up from 11.7% in the 2010-11 academic year. But in computer engineering, the percentage of female recipients of bachelor's degrees decreased from 11.8% to 10.6% during the same time frame.





Friday, April 26, 2013

Why the IT skills shortage may really be about compensation

Why the IT skills shortage may really be about compensation

Some IT industry watchers claim there is a critical talent shortage, while others feel it's more of a pay/wage issue and that companies advocating for more immigrant visas and green cards to acquire needed skills just want to pay less compensation. Peter Cappelli, professor of management and director of the Center for Human Resources at the Wharton School, said the talent crunch is more an affordability issue than an actual shortage of skilled IT workers. 

Sunday, April 21, 2013

Study: U.S. not prepared for cybersecurity battles

Study: U.S. not prepared for cybersecurity battles

The U.S. military is not prepared to battle a full-scale cyberattack and needs to shore up its tactics, according to a Defense Science Board study, which recommends a revised strategy, revamping priorities and boosting both defensive and offensive measures. 
The Washington Post

Tuesday, April 16, 2013

Former President Clinton: Technology is key to improving health care

Former President Clinton: Technology is key to improving health care

Technology is essential for gaining efficiencies and saving money in the health care sector, and price transparency is a must, according to former President Bill Clinton. "The absence of technology, in part, means consumers have no way of knowing what they're going to be charged, what their options are, in place after place in America," Clinton said.

Wednesday, April 10, 2013

Dell, Intel, Red Hat, VMware Team on Linux for Health Care

Dell, Intel, Red Hat, VMware Team on Linux for Health Care


Saturday, April 6, 2013

Yahoo bans telecommuting ahead of Telework Week

Yahoo bans telecommuting ahead of Telework Week

The trending workplace story late last month was Yahoo CEO Marissa Mayer's decision to discontinue the company's telecommuting option. The news was oddly timed, as last week was Telework Week, an annual initiative -- endorsed by Rep. John Sarbanes, D-Md., author of the Telework Enhancement Act of 2010 -- that encourages government agencies, businesses and individuals to pledge to telework.

Friday, April 5, 2013

Tips for Doing Business in the Healthcare Sector


Four Tips for Doing Business in the Healthcare Sector

For just about everyone on the outside looking in, the healthcare sector can be a strange and puzzling place. It raises big picture questions, such as how can the U.S. spend twice as much as other countries on healthcare and yet do worse on key metrics such as average life expectancy? There are also practical questions, such as why are so many paper forms still in use? Then there are head-scratchers, such as why do some hospitals that treat heart disease have a McDonald’s in lieu of a cafeteria? So many questions.

Nonetheless, for IT solution providers willing to invest some time and energy, the healthcare sector can provide a wealth of opportunities. CompTIA recently published its 4th Annual Healthcare IT Insights and Opportunities research study to take the pulse of the small- and mid-size physician practice to better understand where opportunities may lie. A few key takeaways include:

1. Connect the Dots Between Technology Solutions and Healthcare Provider Needs.

The importance of information technology to healthcare providers continues to trend upwards – a net 89 percent of physicians and other providers now rate IT as important/very important to their practice. And yet, when asked about key strategic priorities for the year ahead, technology initiatives do not make the top five. Healthcare providers cite needs such as controlling operational costs, improving workflow efficiencies, enhancing staff productivity and implementing better risk management/compliance safeguards at the top of the list. The takeaway: It’s imperative to connect the dots between technology solutions and business objectives.

2. Satisfaction with IT is Good, but Not Great…Which Means Opportunity.

Healthcare providers give generally satisfactory marks for the core IT in use at their practice. Sixty-six percent report being very or mostly satisfied. These are solid marks. However, it does mean one in three healthcare providers are at least somewhat dissatisfied with some aspect of the technology in use at their practice. Areas of greatest frustration include: EMR/EHR systems, computers (general), billing and collection systems, fax machines, networks / slow Internet / downtime and printers.

IT solution providers able to deliver superior reliability, performance, customer service or cost savings can capitalize on the segment of customer most receptive to improvement.

3. Recognize the Two Primary Types of EMR/EHR Customer…and Target Accordingly.

The transition to electronic medical records ) remains a critical step in modernizing the U.S. healthcare system, as does the broader concept of electronic health records. Several years into the transition, significant progress has been made on many fronts. The data suggests there are now two primary types of customer:

Customer Type A: Healthcare practices in this category have deployed some form of EMR/EHR system. According to CompTIA data, 43 percent of practices report having a comprehensive system in place, while 20 percent have a partial system or modules in place. Many adopters in this segment are now in the phase of optimization and working towards stage 1 or possibly stage 2 of meaningful use. According to the research, one of the most challenging aspects of achieving meaningful use stems from interoperability requirements, such as information exchange or integration with outside systems like an e-prescribing application. Targeting this customer segment may entail focusing on troubleshooting, end-user training, integration work, refining compliance and security protocols and adding capabilities such as mobile access.

Customer Type B: Practices that have not yet adopted EMR/EHR tend to be very small – often one or two physicians. They tend to be classified as independents – the segment of approximately 39 percent of practices unaffiliated with a hospital or health system. And, demographically, they tend to skew towards older physicians, according to the CDC. Many practices are not fully prepared for an EMR/EHR deployment – two-thirds of healthcare providers acknowledge this. Additionally, 40 percent indicate EMR/EHR implementation was worse than expected. Keeping in mind the next wave of EMR/EHR customer will be even less tech-savvy, IT solutions providers should be prepared to spend plenty of time explaining the implementation process, keeping technical complexity behind-the-scenes, proactively troubleshooting and building in time for end-user training.

4. Managed Services is a Good Fit for Many Healthcare Providers, but Awareness is Low.

In the healthcare sector, like most industry sectors, management of the IT function is highly correlated with size. Small healthcare practices, without the resources for full-time IT staff, tend to manage IT with a do-it-yourself approach, occasionally calling in an IT solution provider for more sophisticated work. Despite approximately one in five healthcare providers reporting utilizing some form of managed IT services, the research suggests awareness and understanding of the managed services model is on the low side. In some cases, there is even a slight negative perception of the term managed services because of its similarity to managed care, which is viewed unfavorably by some healthcare providers.

While the managed services model may not be suited for everyone, it does address a few key requirements of healthcare providers: The need to maximize system/software reliability and uptime, security, predictable costs and defined customer support. Unfortunately, there is no easy path to raising awareness of the managed services model other than investing the time in customer education and relationship building. MSPs taking these steps improve their odds of success.

For many more insights from the research, CompTIA members can access the full report at no cost by logging into the CompTIA member resource center and visiting the research page.

Friday, March 22, 2013

Cloud computing is less taxing for some


  • Cloud computing is less taxing for some
    Software vendors using cloud computing to provide services are finding the technology offers fiscal benefits as well. Cloud tools enable offshore delivery, which is saving some companies substantial amounts of money in taxes. VMware, for example, has seen its federal tax rate decrease to 4%, even as its revenue and pretax profit increased.

Tuesday, March 12, 2013

VMware restructuring will reduce workforce


  • VMware restructuring will reduce workforce by 7%
    VMware plans to cut 7% of its workforce, about 900 positions, in a restructuring, and it's taking a cautious view amid a drop in federal IT contract work. The company reported higher profits for the fourth quarter, but its revenue projections for 2013 were seen as conservative. "Generally speaking, we saw weakness across the U.S. as a whole," Chief Operating Officer Carl Eschenbach said of the 2013 forecast.

Thursday, March 7, 2013

Network gear flaw puts millions of devices at risk


U.S. government warns of hack threat to network gear


  • Network-gear flaw puts millions of devices at risk, U.S. says
    Tens of millions of computing devices are at risk because of a network gear flaw with Universal Plug and Play functionality, the Department of Homeland Security's Computer Emergency Readiness Team says. "This is the most pervasive bug I've ever seen," said HD Moore of computer-security firm Rapid7.


(Reuters) - The Department of Homeland Security urged computer users on Tuesday to disable a common networking technology feature, after researchers warned that hackers could exploit flaws to gain access to tens of millions of vulnerable devices.

The U.S. government's Computer Emergency Readiness Team, on its website, advised consumers and businesses to disable a feature known as Universal Plug and Play or UPnP, and some other related features that make devices from computers to printers accessible over the open Internet.

UPnP, a communications protocol, is designed to let networks identify and communicate with equipment, reducing the amount of work it takes to set up networks. Dave Marcus, chief architect of advanced research and threat intelligence with Intel's McAfee unit, said hackers would have a "field day" once the vulnerability in network devices is exposed.

"Historically, these are amongst the last to be updated and protected properly which makes them a gold mine for potential abuse and exploitation," said Marcus, who advises government agencies and corporations on protections against sophisticated attacks.

Disabling UPnP once networks have already been set up, will have little impact on the operation of the devices.

The new security bugs were initially brought to the attention of the government by computer security company Rapid7, in Boston, which released a report on the problem on Tuesday. The company said it discovered between 40 million and 50 million devices that were vulnerable to attack due to three separate sets of problems that the firm's researchers have identified with the UPnP standard.

The flaws could allow hackers to access confidential files, steal passwords, take full control over PCs as well as remotely access devices such as webcams, printers and security systems, according to Rapid7.

Rapid7 has alerted electronics makers about the problem through the CERT Coordination Center, a group at the Carnegie Mellon Software Engineering Institute that helps researchers report vulnerabilities to affected companies.

"This is the most pervasive bug I've ever seen," said HD Moore, chief technology officer for Rapid7. He discussed the research with Reuters late on Monday.

CERT in turn has tried to contact the more than 200 companies whose products Rapid7 have identified as being vulnerable to attack, including Belkin, D-Link, Cisco Systems Inc's Linksys division and Netgear.

Linksys said it is aware of the problem. "We recommend Linksys customers visit our website to understand if their home router is affected, and learn how to disable UPnP through the user interface to avoid being impacted," Linksys said in a statement.

Belkin, D-Link and Netgear did not respond to requests for comment.

Chris Wysopal, chief technology officer of security software firm Veracode, said he believed that publication of Rapid7's findings would draw widespread attention to the still emerging area of UPnP security, prompting other security researchers to search for more bugs in UPnP.

"This definitely falls into the scary category," said Wysopal, who reviewed Rapid7's findings ahead of their publication. "There is going to be a lot more research on this. And the follow-on research could be a lot scarier."

Andres Andreu, chief architect at networking security company Bayshore Networks said they expect an increase in cybercrime as hackers begin to figure out ways to take advantage of the newly identified vulnerabilities.

"Simple targets such as home routers now become targets of greater interest," he said.

TAKING CONTROL

Moore said that there were bugs in most of the devices that Rapid7 tested and that device manufacturers will need to release software updates to remedy the problems.

He said that was unlikely to happen quickly.

In the meantime, he advised computer users to quickly use a free tool released by Rapid7 to identify vulnerable gear, then disable the UPnP functionality in that equipment.

Moore said hackers have not widely exploited the UPnP vulnerabilities to launch attacks, but both Moore and Wysopal expected they may start to do so after the findings are publicized.

Still, Moore said he decided to disclose the flaws in a bid to pressure equipment makers to fix the bugs and generally pay more attention to security.

People who own devices with UPnP enabled may not be aware of it because new routers, printers, media servers, Web cameras, storage drives and "smart" or Web-connected TVs are often shipped with that functionality turned on by default.

"You can't stay silent about something like this," he said. "These devices seem to have had the same level of core security for decades. Nobody seems to really care about them."

Veracode's Wysopal said that some hackers have likely already exploited the flaws to launch attacks, but in relatively small numbers, choosing victims one at a time.

"If they are going after executives and government officials, then they will probably look for their home networks and exploit this vulnerability," he said.

Rapid7 has released a tool to help identify those devices on its website

Saturday, March 2, 2013

CompTIA Healthcare IT Technician


Monday, February 25, 2013

5 career mistakes that cause the most regret

5 career mistakes that cause the most regret

Taking a job only for the money, staying in a position instead of quitting to pursue a passion and not acting on career hunches are among the top career regrets of professionals interviewed. Career regrets "should hold a privileged place in your emotional repertoire" because research shows "regret can be a powerful catalyst for change, far outweighing the short-term emotional downsides".

Thursday, February 21, 2013

List of top careers for 2013 includes several IT jobs

List of top careers for 2013 includes several IT jobs

Database administrators, Web and software developers, and system analysts represent some of the top jobs for 2013, according to a ranking of the 100 best careers published by U.S. News and World Report. Other IT professions on the list's top 25 include computer programmer and IT manager.

Saturday, February 16, 2013

Communication skills trump appearance, top leaders say

Communication skills trump appearance, top leaders say

A leader's ability to look the part matters less than their ability to communicate effectively, top executives say. Some 28% of senior bosses say that communication skills predict a worker's leadership potential, but only 5% say that looking "polished and put together" is "a key factor" for future leaders.

Monday, February 11, 2013

Security will be front and center next year and beyond, IBM says

Security will be front and center next year and beyond, IBM says

Steve Robinson, IBM's vice president of worldwide development for strategy, expects enterprise IT security to be a major focus for IT leaders as well as legal and business development teams within the enterprise. Looking ahead to 2013 and beyond, IBM predicts cloud computing security will become more routine and mobile devices will overshadow laptops in terms of how secure they have become.

Thursday, February 7, 2013

Piracy, IP rules aren't major agenda items for lawmakers

Piracy, IP rules aren't major agenda items for lawmakers

 Lawmakers are unlikely to do much about online piracy or protecting intellectual property because most are still stunned by the public pushback on two bills proposed in the past two years, Grant Gross writes. "That was an avalanche they've never seen," said Ed Black, CEO of the Computer and Communications Industry Association. "They're going to tiptoe in this area very carefully.

Sunday, February 3, 2013

Demand for cloud services helps drive expansion of data centers

Demand for cloud services helps drive expansion of data centers

 Enterprises in financial services and health care are making greater use of cloud computing services, helping drive demand for expanding data centers in leading markets. The space for commercial data centers is growing by 9% a year on average, with Northern Virginia's data center space annually increasing by 12%, according to 451 Research. "In most areas, demand is really rising and growing faster than supply.


Sounds like jobs.

Saturday, January 26, 2013

NSA releases details about Perfect Citizen security program

NSA releases details about Perfect Citizen security program

New details have emerged about a U.S. government program, now in its fourth year, designed to strengthen cybersecurity and protect critical infrastructure. Perfect Citizen -- which is administered by the National Security Agency and has raised concerns about domestic spying -- uses technology by Raytheon as well as "penetration testers" to probe vulnerabilities in the power grid.

Tuesday, January 22, 2013

How to find a career mentor

How to find a career mentor

When looking for a mentor, don't limit your search to your workplace, Lisa Quast writes. Look to professional associations, community groups or even your family. "Once you find a person who agrees to be your mentor, first and foremost, make sure you share the same commitment to your expectations 

Friday, January 18, 2013

CompTIA Security+ exam code is

About the Security+ objectives certification




The CompTIA Security+ certification (SY0-301) designates knowledgeable professionals in the field of security, one of the fastest-growing fields in IT. Security threats are increasing in number and severity, and the gap between the need for security professionals and qualified IT personnel is the largest of any IT specialty, according to a 2008 CompTIA study. Even in a troubled economy, most businesses plan to maintain or increase their investment in security. 

CompTIA Security+ is an international, vendor-neutral certification that proves competency in system security, network infrastructure, access control and organizational security. Although not a prerequisite, it is recommended that CompTIA Security+ candidates have at least two years of technical networking experience, with an emphasis on security. The CompTIA Network+ certification is also recommended.

The new CompTIA Security+ exam code is SY0-301 (2010 objectives) launched in May, 2011– It is the responsibility of the candidate to check the CompTIA website regularly for updates and current information. The corresponding educational version JK0-018 – is an exam code exclusively used by our E2C members and their students. 
Over 100,000 IT professionals are CompTIA Security+ certified. • Jobs for security administrators are expected to increase by 18%. The skill set required for these types of jobs map to CompTIA Security+ certification.
CIOs believe a certified IT security staff can better protect networks. The CompTIA Security+ exam covers systems security knowledge and skills, including network infrastructure, access control and audits.
Network Security Administrators can earn as much as $106,000 per year. CompTIA Security+ is the first step in starting your career as a Network Security Administrator or Systems Security Administrator.
Major organizations that employ CompTIA Security+ certified professionals include Booz Allen Hamilton, Hewlett-Packard, IBM, Motorola, Symantec, Telstra, Hitachi, Ricoh, Lockheed Martin, Unisys, Hilton Hotels Corp., General Mills, the U.S. Navy, Army, Air Force and Marines.
Department of Defense (DOD) approves CompTIA Security+ to fulfill certification requirements for Management Level 1 positions.
CIOs believe certified IT security staff can better protect networks. The CompTIA Security+ exam covers systems security knowledge and skills, including network infrastructure, access control and audits.
CompTIA Security+ creates best practices and uniform security processes. Security training is a requirement for IT staff at nearly 60% of U.S. organizations.
FISMA - CompTIA Security+ certification can help demonstrate your compliance with government regulations under FISMA (the Federal Information Security Management Act).
Three CompTIA certifications fulfill the U.S. Department of Defense’s Directive 8570.1: CompTIA A+®, Network+®, and Security+™.
CompTIA Security+ certifications is certified by ISO and accredited by the American National Standards Institute (ANSI).
The CompTIA Security+ certification may be kept current through the CompTIA CE Program. Visit our Certification website for information and FAQ's about CompTIA's Continuing Education (ce) program.

CompTIA Certification FAST FACTS:

Is there a minimum age: NO, but thirteen is the recommended starting point.
Identification requirements: See our article under Testing & training questions "About Identification requirements"
Rescheduling exams: MUST be done through your test provider a minimum 24hrs. in advance of your appointment to avoid forfeiture of exam & fee.
Exam Code 2010 objectives: SY0-301, JK0-018 (JK0-exam codes are exclusive to Capp Academy (E2C version) members and their students.
Exam Retirement date: SY0-301 N/A (appx. 3 yrs from release date).
Retired Exam Code 2008 objectives: SY0-201, which retired on December 31, 2011. The corresponding educational JK0-015 – is an exam code exclusively used by our Capp Academy (E2C version) members and their students, is also retired December 31, 2011.  

Wednesday, January 16, 2013

Cybersecurity rules spur encryption in the cloud

Cybersecurity rules spur encryption in the cloud

Enterprises are encrypting data before storing it in a cloud environment as a means to meet government rules, and at least one vendor is reaping rewards. CipherCloud chief Pravin Kothari said demand isn't coming just from the U.S. "We're seeing a lot of interest outside the United States," Kothari said. "They want the ability and, in some cases, need the ability to maintain a level of control, and encryption helps them do that."



Sunday, January 13, 2013

Intel takes aim at value-smartphone market

Intel takes aim at value-smartphone market with "Lexington"

Intel debuted its "Lexington" platform this week at the Consumer Electronics Show, touting the low-cost, low-power Atom Z2420 processor aimed at the value smartphone marketplace. Devices may be forthcoming from firms such as Acer, Lava International and Safaricom. "The addition of the low-power Atom platform enables Intel to address new market segments and further rounds out our expanding portfolio of smartphone offerings," Intel's Mike Bell says.

Thursday, January 10, 2013

Health tech sector got $1.4 billion from investors last year

Health tech sector got $1.4 billion from investors last year

The health technology sector drew $1.4 billion in investments last year, up 45% from 2011, a report from Rock Health says. Consumer tools, tracking technology and electronic medical records applications were key sectors, and QualComm Ventures and Aberdare Ventures were the most active investors.

Tuesday, January 8, 2013

Cisco CCNA to CCIE in 5 Weeks

Ring in 2013 by increasing your pay and job security!
Limited seats are still available for the Todd Lammle authorized
Cisco certification courses listed below.

Todd Lammle Guaranteed to run classes
Upcoming Courses
Cisco Certified Entry Network Technician (ICND1 Exam) (4 Days)
1/09 - 1/12/2013Dallas/Fort WorthTodd Lammle InstructsDetails / Get Quote
2/27 - 3/02/2013Dallas/Fort WorthTodd Lammle Instructs Details / Get Quote


CCNA Training Boot Camp (6 Days)
1/14 - 1/19/2013Dallas/Fort WorthTodd Lammle Instructs Details / Get Quote
1/28 - 2/01/2013San FranciscoTodd Lammle Instructs Details / Get Quote
3/04 - 3/09/2013Dallas/Fort WorthTodd Lammle Instructs Details / Get Quote
3/11 - 3/15/2013San FranciscoTodd Lammle Instructs Details / Get Quote


CCNA Data Center Bootcamp (6 Days)
2/11 - 2/16/2013Dallas/Fort WorthTodd Lammle Instructs Details / Get Quote
3/04 - 3/09/2013Dallas/Fort WorthTriple-CCIE Narbik! Details / Get Quote
3/18 - 3/23/2013San FranciscoTodd Lammle Instructs Details / Get Quote
3/25 - 3/30/2013Dallas/Fort WorthTodd Lammle Instructs Details / Get Quote


CCNA Wireless Training Boot Camp (4 Days)
2/05 - 2/08/2013Dallas/Fort WorthTodd Lammle Instructs Details / Get Quote


CCNA Security Training Boot Camp (4 Days)
2/12 - 2/15/2013Dallas/Fort Worth Details / Get Quote


ASA / Firewall Specialist Training Boot Camp (6 Days)
2/18 - 2/23/2013Dallas/Fort WorthDetails / Get Quote


CCNP Training Boot Camp (12 Days)
1/21 - 2/01/2013Dallas/Fort WorthAll tests onsite! Details / Get Quote
3/18 - 3/29/2013Dallas/Fort WorthTests provided onsiteDetails / Get Quote


CCNA Voice / CVoice Training Boot Camp (5 Days)
3/04 - 3/08/2013Dallas/Fort WorthTest onsite! Includes Bonus CVoice exam! Details / Get Quote


CCNP Security Training Boot Camp (12 Days)
2/25 - 3/08/2013Dallas/Fort WorthDetails / Get Quote


DCUCD/DCUCI - Data Center Unified Computing (6 Days)
2/18 - 2/23/2013Dallas/Fort WorthTodd Lammle InstructsDetails / Get Quote
3/11 - 3/16/2013Dallas/Fort WorthTriple-CCIE Narbik! Details / Get Quote
4/01 - 4/06/2013Dallas/Fort WorthTodd Lammle InstructsDetails / Get Quote


CCIE Security 5-Day Written Training Boot Camp Course (5 Days)
1/14 - 1/18/2013Dallas/Fort WorthDetails / Get Quote


CCIE R&S Written 5-Day Training Boot Camp (5 Days)
2/04 - 2/08/2013Dallas/Fort WorthDetails / Get Quote
4/01 - 4/05/2013Dallas/Fort WorthDetails / Get Quote


CCIE R&S Practical 5-Day Training Boot Camp (5 Days)
2/04 - 2/08/2013Dallas/Fort WorthTriple-CCIE Narbik! Details / Get Quote

CompTIA SmartBrief