Register for free to join our community of investors and share your ideas. You will also get access to streaming quotes, interactive charts, trades, portfolio, live options flow and more tools.
Register for free to join our community of investors and share your ideas. You will also get access to streaming quotes, interactive charts, trades, portfolio, live options flow and more tools.
Hi Alea....
I hadn't thought about that aspect!
thanks
Wavxmaster,
Exactly. WorkingCapital has no way of knowing if anything has closed.
I remember last January when I reviewed the pdf slides from the Needham conference...I was amazed to see on slide 11 the disclosure of Blue Cross, Georgetown Univ, Mazda, L3 Communications, Diebold, Raytheon, Lufthansa, Boston Medical, and other new names as CUSTOMERS! I didn't recall seeing any announcement from Wave.
Just because it isn't being disclosed doesn't mean it's not happening.
FM
So glad you're posting again....somewhere!!!
Game Changers Pushing EHRs Forward (Wave mention!)
Greg Gillespie
Health Data Management Magazine, 01/01/2011
http://www.healthdatamanagement.com/issues/19_1/game-changers-pushing-ehrs-forward-41625-1.html?zkPrintable=true
(See bolded section below)
Health Data Management launched the EHR Game Changers Awards program to identify and honor individuals who have been true game changers in the design, advocacy, deployment and development of electronic health records technology.
Like what you see? Click here to sign up for Health Data Management's daily newsletter to get the latest news in health care I.T.
Nominations came in from the across the spectrum of the health care information technology industry: vendors, hospitals, group practices, payers, not-for-profit associations, and federal and state governments. HDM's editorial staff-Greg Gillespie, Joseph Goedert and Gary Baldwin-teamed with two industry veterans to judge the awards: Vince Ciotti, principal and co-founder of H.I.S. Professionals Inc., a Santa Fe, N.M.-based consulting firm; and Becky Quammen, CEO of Quammen Health Care Consultants, Shelbyville, Tenn.
Advertisement
Following are profiles of the six award recipients:
Restless Innovation
Vivek Reddy, M.D., medical director of hospital information technology at the University of Pittsburgh Medical Center
In 2002 when he was an internist just starting his career at University of Pittsburgh Medical Center, Vivek Reddy recalls that he complained loudly about a cumbersome system he was forced to use. That, of course, set him on course for a career in informatics. "I had an interest in computers as just a hobby. But when I got recruited into the technology development here, I realized that each and every decision made was going to have a huge impact on clinical care, and that really got me going," he says. "When we first embarked on this project, electronic records were used in the pejorative-physicians perceived that all the technology was doing was taking away time from their physician/patient relationship. It's been exciting to see how that attitude has changed over the years, to the point where physicians are asking for the technology now."
Reddy has spent his time at UPMC neck-deep in the eRecords project, and particularly in the ongoing rollout of computerized physician order entry technology across the health system's sprawling enterprise.
Reddy feels that he's spent the past nine years walking that sometimes sliver-thin line between ease of use and patient safety. The mantra at UPMC has been to never create an extra step in an I.T.-driven process unless it adds clinical value and therefore increases patient safety.
The trick, he says, is to ensure that the electronic processes make doing the right process-the safest and most cost-effective and clinically-sound process-the easiest to do.
"We have standard protocols, and when they want to deviate from those, they can do so, but it will take extra work and we have to ask you additional questions to ensure there's a justification for it."
Reddy doesn't sleep much, maybe four hours a night. Instead of passing those hours reading books, watching TV or working on his Facebook page, he's combing his thoughts for I.T. inspiration or popping up at emergency departments, checking out how the software infrastructure that's become his passion is supporting patient care. "I spend a lot of time thinking about how we can improve."
Singing a New Song
John Mattison, M.D., chief medical information officer at Kaiser Permanente
Mattison, in his own words, is an "accidental informaticist" who was very happy being a fourth-generation California doctor. But after implementing an electronic record at his family practice, he was drafted into the effort to create an enterprise electronic medical record at Kaiser Permanente. "In 1992 I took a two-year sabbatical from my practice to join the effort, and I assumed that by 1994 we would have everything implemented and I could go back to practicing medicine. After 18 years on the project, I still don't recall making a conscious decision to stay in informatics, but here I am."
In the early days of Kaiser's HealthConnect project, scalability was the issue. "I was naïve in thinking we could build an EHR and simply scale it up ... nothing on the market could do it. So we decided to co-develop a scalable EHR with Epic Systems, but it wasn't even technologically possible to scale our system up until about 10 years ago."
But technology was not the only scalability issue, Mattison says. Kaiser also had to take teamwork to new levels by involving more than 2,000 people in the design of HealthConnect for KP's Southern California Region, which encompasses 5,000 physicians at 13 hospitals and 140 clinics.
One innovation was borne from Mattison and his team's love for music. In the early days of the project, he and some team members would write lyrics about what they were doing and do a show in front of the entire HealthConnect team. When faced with the prospect of training 55,000 users on hundreds of EHR modules, and not enough training space in the region, they hit on a training innovation. "We were familiar with packing up our instruments in big boxes, so we hit on the idea of using those boxes to pack up dozens of PCs and a server and making them training rooms in a box that we could use wherever we needed them. We estimated we saved $20 million during the deployment by using conference rooms in instead of renting training facilities."
Mattison's mission now is to create the next generation of clinical documentation architecture. He made a serendipitous discovery in the early 1990s after reading about Charles Goldfarb, the developer of SGML, or Standard Generalized Markup Language, on which both XML and HTML are based. "I realized that the genius of what he had done was to create a structure where all information has a context, which is exactly how everything on health care exists. The value of representing clinical information in context became very apparent to me."
His and his team's efforts have borne the Convergent Medical Terminology, which includes more than 75,000 concepts. It is incorporated in the underlying architecture of Kaiser's health I.T. systems to support data flow between health care providers. It provides uniform concept definitions so that systems used for labs, vaccines, observations, and other medical data can communicate with each other in a common language, making data transferable between Kaiser Permanente systems and among care teams.
Kaiser has donated the terminology to the International Healthcare Terminology Standards Development Organization in Copenhagen, which owns SNOMED and will distribute CMT across the United States through the Department of Health and Human Services. "I never feel we're finished: seemingly every day the opportunities to use I.T. to improve care seem to expand as the technology does."
Speaking a New Language
Doug Fridsma, M.D., acting director, Office of Interoperability and Standards in the Office of the National Coordinator for Health Information Technology
Fridsma is one of the architects of the ongoing, massive overhaul of the U.S. health care system, but to him his mission at ONC is straightforward: "We are trying to modernize the ways physicians communicate."
But he is the first to admit the execution of that mission is anywhere close to being easy. As the point person on the federal government's Nationwide Health Information Network, and its latest effort, the Direct Project, he understands there is still a long road to travel. "Our goal is to solve real problems by providing real solutions in the form of a platform that enables focused collaboration, and gives the industry tools and resources and direction so the market can come up with solutions. We want to let innovation occur and let 'a thousand flowers bloom' as the saying goes."
Fridsma's and ONC's goal is nothing less than creating the language-comprising standards, services and policies-to enable every care facility in the U.S. to "speak" to their colleagues. Until January 2010, Fridsma continued to practice at Mayo Clinic Scottsdale (Ariz.) and served in the Department of Biomedical Informatics at Arizona State University. But the commute between Arizona and Washington D.C. became too much, so he took a leave to devote himself full-time to ONC's efforts.
His greatest satisfaction, he says, is when he witnesses the "Aha!" moments of physicians using the NHIN framework in the field and understanding the benefits of communicating in a common framework.
"In the first phase of meaningful use we adopted a series of standards that enables people to create a clinical summary that not only can the patient read, but it's in a machine-readable format that conveys that information as well and enables it to be used for decision support and other methods that benefit the patient. The HITECH Act didn't focus much on technology, but on the outcomes. And our goal is not technology for technology's sake, but technology to better the lives of patients. It's a big challenge that we're tackling one piece at a time and getting our hands and heads around each step.
"At ONC, our job is to make sure that value exists in everything we do, that what we're asking physicians to do provides higher quality care and fits in to a logical workflow. If we haven't done that, then we're not doing our job. "
Selling Connections
Glen Tullman, CEO at Allscripts Inc.
When Glen Tullman signed on to be Allscripts' CEO in 1997, the company was focused on medication management and selling e-prescription technology to small practices. Fourteen years and two major acquisitions (Misys PLC and Eclipsys) later, the company is a major player in the electronic health records market with annual revenue approaching $1 billion. And Tullman has spent those years being a relentless advocate of the use of open source architecture for health I.T. software and pushed his company to develop tool sets to connect its EHR software with virtually any device or software on the market.
However, Tullman doesn't think that his company, or the industry, has really delivered on the promise of EHRs. "Health care is fundamentally an information business, and we are not there yet in terms of delivering all that information about best treatments, best medications, etc. EHRs are just one part of what we need to do. We are focused on creating a community of health. Look at Facebook with its 50 million users and you can see what can happen if we truly connect the entire health care community." To that end, his company's mantra is to "design software that plays across any platform."
Allscripts plans to be a force in that evolution, Tullman says, and the driving force will be innovation. "An expression we use around here is that every day the world turns upside down, and someone who thought they were on top ends up on the bottom. And that can happen to any company that loses that hands-on focus on their client needs.
"Today we're in a market undergoing the single fastest transformation of a major sector of the economy in the history of the United States. You have $30 billion in public funding for EHR incentives, and 70 percent of that money is going to be spent in the next three years. And the way I see it, the entire ambulatory sector has disappeared and we're already in a post-acute world. There's no reason anymore for anyone to buy an ambulatory record when the name of the game is connectivity. The new world is accountable care organizations and medical homes and connectivity, and I feel the world is getting turned upside down for a lot of people in this market."
Government incentive programs have taken the EHR market to new heights, but Tullman says his company is still focused on its fundamental mission of improving health care. Allscripts, along with Dell, since 2006 has spearheaded the National ePrescribing Patient Safety Initiative (NEPSI), a $100 million campaign to deliver free electronic prescribing to every physician in the United States. "We know that initiative is saving lives, and I do consider that our ultimate mission. We don't take ourselves too seriously, but we do take that mission seriously."
Small Miracles
Ted Matthews, CEO, Anson (Texas) General Hospital
Anson General Hospital is a small, rural facility that seemed destined to be bringing up the rear in the race for electronic health records. The 45-bed hospital, with three physicians on staff and a miniscule I.T. budget, doesn't seem a likely candidate for I.T. innovation.
But CEO Ted Matthews pored over the EHR meaningful use incentive program and saw things differently. One of his first moves was to contact 11 hospitals in his area that were using EHRs and asking them how much the technology cost. And that was a discouraging exercise. "Even at the low-end, there's no way we could have afforded an EHR," Matthews says. "But the benefits of being able to work electronically were too good to pass up, as were the incentive payments. So we had to seize the opportunity."
Matthews hit upon the idea of a regional health information organization that would provide economies of scale to acquire an EHR. He percolated the idea then reached out to the Texas Department of Rural Affairs, which Matthews considers a "great friend" of rural facilities in Texas, to see if it would support his vision. The TDRA quickly approved a grant of $500,000 in seed money to Matthews for the project, who then reached out to three competing hospitals to pitch his idea.
"If there was ever a group of hospitals that didn't have the resources to install an EHR, it was our group," Matthews says. Nonetheless, 25-bed Stamford (Texas) Memorial Hospital, 20-bed Stonewall Memorial Hospital, Aspermont, Texas, and 14-bed Throckmorton (Texas) County Memorial Hospital all signed on for the RHIO, which purchased the Web-based ChartAccess Comprehensive EHR from Houston-based Prognosis Health Information Systems. "To a certain extent we share the same pool of patients and we offer similar services, but we're spread across our region. To improve patient outcomes, we needed to share what we're doing."
Though everyone agreed a common EHR made sense, that didn't stop the partners from engaging in grueling months of discussions on virtually every aspect of the shared system. "I'll tell you we had some very intense discussions, especially on the clinical side," he recalls. "Every aspect was a debate, and we had quite a few issues to work out. But it was a situation where we really decided to roll up our sleeves and get it done."
The EHR integrates with the billing, laboratory, pharmacy, radiology and other ancillary systems at each hospital, and serves as a shared repository for all clinical data generated by the facilities. The next step for the RHIO is to extend the EHR into local outpatient facilities; in addition, Matthews says four other hospitals in the region have expressed interest in joining the project.
The partners ran the numbers and expect to qualify for $3.7 million to $3.9 million in meaningful use incentive payments. With the hardware, software, maintenance and additional I.T. support, Matthews says that number represents a break-even point for the RHIO. "We could have sat out here and done nothing, or implement four different EHRs. But with all the benefits we're achieving, I'm surprised more small hospitals haven't followed through on the idea of a RHIO."
New Lines of Defense
Mark Mulvaney, network security engineer, information technology services at Boston Medical Center
Mark Mulvaney started doing desktop support not long after high school with the intention of moving toward a career in network/system administration.
But he found the security landscape intriguing, and over time made a shift to focus on the ever-evolving threats to patient data.
"I wanted to satisfy my desire to understand the big picture but also focus on a specific area," says Mulvaney, whose responsibilities include virtual private network security, malware defenses, two-factor authentication, wireless security and hardware encryption.
Boston Medical, a 639-bed teaching hospital, has more than 10,000 mobile devices in the field. Asked what represents the biggest risks associated with using mobile devices, Mulvaney is blunt: the users themselves. "There are not a lot of users who are really aware of the risks involved with laptops, connecting to unsecured wireless networks, leaving things logged on, being aware of surroundings, etc.," according to Mulvaney.
But security professionals can compound the problem by installing software and policies that interfere with the productivity of end-users and tempt many to turn off encryption and other security measures that they perceive to interfere with their work. Mulvaney's response to security threats posed by end-users and malicious outsiders has been to look beyond traditional encryption solutions and move Boston Medical to self-encrypting laptop drives, which move the actual encryption into the hardware devices themselves. By making the encryption invisible to end-users, encryption keys never leave the hard drives and user authentication is performed on the hardware level.
The medical center has deployed the encryption solution on Dell machines with Seagate encrypting drives and Wave Systems management software. The management application ensures that Boston Medical can prove that data was encrypted if a laptop is lost or stolen.
Mulvaney also is concerned about the rise in targeted attacks. "The random viri and malware that users come across is definitely something to take care of, but it's nothing compared with a targeted attack, where the target is studied and analyzed, and specific actions are taken to fine tune an attack. You always have to be on your toes, since the attacker just has to wait for one opportunity."
For more information on related topics, visit the following channels:
Business Intelligence
Data Security
Electronic Health Records
Health Information Exchange
Policies/Regulation
Stimulus
Hospitals
Group Practices
AA,1260, and DaBears, thanks e/
HP Clinches $2.5B NASA Deal for PCs
By Aliya Sternstein 12/28/10 04:07 pm ET
Hewlett Packard has nabbed a 10-year NASA megadeal potentially worth $2.5 billion to manage employees' and personal computers peripheral technology, space agency officials announced on Monday.
The job entails providing, securing and servicing most staff computers, agency software, mobile technology services, printers and other supporting infrastructure. Herndon, Va.-based HP Enterprise Services, formerly EDS, will be responsible for outsourcing some of the tasks to other commercial vendors under the contract known as "ACES," for Agency Consolidated End-user Services.
The fixed-price pact covers four base years of work, with two three-year option periods. Program managers will be based at NASA's shared services center in Mississippi.
ACES is part of a larger NASA effort, the IT Infrastructure Integration Program, intended to save money by consolidating procurements and centralizing information technology services. The new HP deal will replace an older long-term contract currently held by Lockheed Martin Corp. called the Outsourced Desktop Initiative (ODIN).
In February, Lockheed, one of the most established NASA business partners, announced the space agency had awarded the company a $230 contract extension for ODIN that ends in Oct. 2011.
The Mississippi facility where ACES will be managed -- operated by NASA, Computer Sciences Corp. and the states of Mississippi and Louisiana -- supports operations at all 10 NASA space centers.
Interesting comment:
Boehner taps Thornberry to lead cybersecurity initiative
December 27, 2010
http://www.federalnewsradio.com/index.php?nid=15&sid=2213727
As the new GOP-led House prepares to be seated, the incoming speaker has designated new leadership on a new cybersecurity effort.
Incoming Speaker of the House John Boehner (R-Ohio) has tapped Republican Rep. Mac Thornberry (R-Texas) to lead an initiative on cybersecurity that Boehner says cuts across committee lines.
InfoSecurity.com reports the initiative will focus on uniting the Congress's multiple cybersecurity efforts.
Cybersecurity issues in the House have been plagued by jurisdictional disputes, as multiple committees each have a part of the cybersecurity pie.
Thornberry will also become the vice chairman of the House Armed Services Committee when the 112th Congress is seated next month.
RWK....there's more: How about $30?
Sorry I don't have a link:
Intermediate term: The weekly chart shows a strong uptrend and a potential new high. Over the past three years (WAVX) has made three decisive moves up. If history is a guide then $5.60, $7.00 and $10 could be reasonable expectations for this rally.
Long term:
The long tern chart shows (WAVX) could break above important resistance at $4.75. A move through this level is very bullish, confirming a long term $15 price target. The long term chart shows a very large base in the process of being completed. (WAVX) has a unique business model that addressee a very large market. The long term (WAVX) chart has potential to $30 and beyond.[/b
Dvorak Technical Research, Inc. Recommendation. 12-20-2010
Wave Systems Inc (WAVX) $3.85 is a leading provider of client and server software for hardware-based digital security, enabling organizations to know who is connecting to their critical IT infrastructure, protect corporate data, and strengthen the boundaries of their networks. Wave’s Embassy suite is embedded in all of Intel’s motherboards where it receives some revenue, later if the system is activated by the end user WAVX gets paid a significantly higher license fee.
Disclosure: Dvorak Technical Research has recommended Wave Systems (WAVX) to its clients and its principles have made personal investments in (WAVX) shares.
Wave Systems Inc (WAVX) trades at 13 x sales and has grown its revenues from $5 million are per quarter to its recent quarter of $6.4 million, while managing its losses to around 1 cent per quarter.
Short term: The daily chart shows a strong breakout at $2.65 in late November. (WAVX) has overcome resistance at $3.75 today with strong volume, over one million shares. The next important level is $4.25 and then $4.75, the high for 2010. A move to new highs for (WAVX) is a very bullish signal longer term. Support is at $3.25 to $3.35
(WAVX) has a price target of $8
Wave Systems Corp. (NASDAQ:WAVX) zoomed 9.91% to $3.84.
http://www.efreepressrelease.com/201012205564/stock-gainers/top-tech-stocks-surging-high-idcc-motr-lscc-wavx/
The stock has been moving within a range of $1.26-$4.75 over the past 52-weeks. Wave Systems Corp. (Wave) develops, produces and markets products for hardware-based digital security, including security applications and services that are complementary to and work with the specifications of the Trusted Computing Group (TCG).
Cloud Security
http://www.trustedcomputinggroup.org/solutions/cloud_security
Already a number of TCG technologies and standards - the Trusted Platform Module, Network Security and Self-encrypting Drives - today secure data, systems and networks, and all of these are relevant to the Trusted Multi-Tenant Infrastructure (TMI) effort. These technologies will be used to establish trust, exchange information and apply policy. The new TMI Work Group will focus on how we can interface various technical standards to create an end-to-end enterprise solution that is tailored to meet mission and business needs and comply with security policies within public and private business sectors.
In Cloud Security, the challenge is to:
Establish trust in the provider of IT services
Establish and monitor compliance to changing IT policy
Assess and monitor compliance to cost, policy and performance objectives
Do this in a multi-sourced, multi-supplier ecosystem
Provide a complete end-to-end set of standards to enable seamless security
Cloud Security and Trusted Multi-tenant Infrastructure (TMI) Benefits:
Assess: Enable consumers to assess the trustworthiness of supplier systems
Enable: Real-time assessment of compliance as part of the provisioning process
Monitor: Support real-time monitoring
Guidance: Provide implementation guidance
Standardize: Identify and address gaps in standards landscape to enable trust
Taxi Vader's find is HUGE!!!!!
See message #20300.....here's an excerpt:
"There is a way to detect devices that are lying about their capabilities. Google is using it in the forthcoming Chrome OS laptops: an encrypted hardware module that can't be hacked. The technology, called Trusted Platform Module (TPM), has been around for years and is used in some laptops -- particularly those in the defense industry. In order to work, device management software needs to have access to the device's read-only status through the operating system, to compare the safeguarded actual state against the device's software-reported state."
"Conceivably, all the mobile device makers could agree to implement TPM in some common way, providing an API-level tool that could not be hacked to lie. That's unlikely -- and it hasn't happened in the world of laptops, which are much more widely deployed and tend to hold gobs of potentially sensitive information."
This author is essentially calling for TPMs to be inside all cell phones!
NSA Speaks Out on WikiLeaks, Cybersecurity
http://www.foxnews.com/scitech/2010/12/17/nsa-speaks-wikileaks/
The U.S. government's main code-making and code-cracking agency now works on the assumption that foes may have pierced even the most sensitive national security computer networks under its guard.
"There's no such thing as 'secure' any more," Debora Plunkett of the National Security Agency said on Thursday amid U.S. anger and embarrassment over disclosure of sensitive diplomatic cables by the web site WikiLeaks.
"The most sophisticated adversaries are going to go unnoticed on our networks," she said.
Plunkett heads the NSA's Information Assurance Directorate, which is responsible for protecting national security information and networks from the foxhole to the White House.
"We have to build our systems on the assumption that adversaries will get in," she told a cyber security forum sponsored by the Atlantic and Government Executive media organizations.
The United States can't put its trust "in different components of the system that might have already been violated," Plunkett added in a rare public airing of NSA's view on the issue. "We have to, again, assume that all the components of our system are not safe, and make sure we're adjusting accordingly."
The NSA must constantly fine tune its approach, she said, adding that there was no such thing as a "static state of security."
More than 100 foreign intelligence organizations are trying to break into U.S. networks, Deputy Defense Secretary William Lynn wrote in the September/October issue of the journal Foreign Affairs. Some already have the capacity to disrupt U.S. information infrastructure, he said.
Plunkett declined to comment on WikiLeaks, which has started releasing a cache of 250,000 diplomatic cables, including details of overseas installations that officials regard as vital to U.S. security.
Official have focused publicly on Army Private Bradley Manning, who is being detained at a Marine Corps base in Quantico, Virginia, as the source of the leak.
NSA, a secretive Defense Department arm that also intercepts foreign communications, conceives of the problem as maintaining the availability and assuring the integrity of the systems it guards, rather than their "security," she said.
NSA -- which insiders jokingly used to say referred to "No Such Agency" -- also focuses on standardization and auditing to hunt for any intrusions, Plunkett said. She referred to the development of sensors for eventual deployment "in appropriate places within our infrastructure" to detect threats and take action against them.
Mike McConnell, a retired Navy vice admiral who headed the NSA from 1992 to 1996, told the forum he believed no U.S. government network was safe from penetration.
A third-party inspection of major computer systems found there was none of consequence "that is not penetrated by some adversary that allows the adversary, the outsider, to bleed all the information at will," said McConnell, director of national intelligence from 2007 to 2009 and now leader of the intelligence business for the Booz Allen Hamilton consultancy.
Group aims to help secure the technology supply chain
http://gcn.com/articles/2010/12/15/supply-chain-security.aspx
Targeted threats underscore importance of protecting infrastrucure
By William Jackson
Dec 15, 2010
A working group of government, commercial and academic organizations has been formed to identify and promote best practices for securing the global technology supply chain from malicious activity.
The Trusted Technology Forum is a product of the Acquisition Cybersecurity Initiative sponsored by the Defense Department and supported by the Open Group, an industry open standards body, to help define trustworthy acquisition policies and practices.
“We’ve defined a Trusted Technology Provider Framework based on existing open standards and best practices,” said Andras Szakal, distinguished engineer at IBM and an Open Group board member. One of the requirements of the framework is that it be “grounded in reality” and based on practices already in use by organizations with mature supply chain security programs, he said.
An initial version of the framework has been developed but not released. The forum’s first product is expected to be a white paper based on the framework outlining current best practices.
The forum has defined supply a supply chain threat or attack as the subversion of hardware or software prior to delivery in order to put in a vulnerability for later exploit.
Technology supply chain security is emerging as an area of concern as cyber threats become more targeted and sophisticated. Although random attacks exploiting flaws in software remain a major cybersecurity risk, stealthy and advanced attacks targeting high-value resources and systems are becoming more common – or at least now are being discovered.
Several high-profile examples, including the Google Aurora breach reported early this year and the Stuxnet worm targeting industrial control systems, exploit zero-day software vulnerabilities that were not known of before the exploits were discovered. The next step in this escalation of exploits is the intentional introduction of vulnerabilities in software and hardware products by insiders in the supply chain.
The Homeland Security Department, which is charged with overseeing the security of the nation’s critical infrastructure, has identified 18 Critical Infrastructure and Key Resources (CIKR) sectors that are vital to the nation’s security and economy:
Agriculture and food.
Defense industrial base.
Energy.
Health care and public health.
National monuments and icons.
Banking and finance
Water.
Chemical.
Designated commercial facilities.
Critical manufacturing.
Dams.
Emergency services.
Nuclear reactors, materials and waste.
Information technology.
Communications.
Postal and shipping.
Transportation systems.
Government facilities.
A recent study by the Enterprise Strategy Group, sponsored by Hewlett-Packard and Microsoft, two of the forum’s founding members, concluded that there is a lot of room for improvement by the industries operating the nation’s critical infrastructure in ensuring that their supply chains are reliable. “Few organizations are doing thorough due diligence on their IT vendors’ security, so CIKR firms may be buying hardware and software with security vulnerabilities ‘baked-in,’” the report states.
“Many critical infrastructure organizations are employing some types of secure software development programs, but these are often instituted haphazardly. Finally, CIKR companies are sharing IT systems with business partner employees and systems, but most lack formal cyber supply chain governance and oversight. As a result, secure CIKR organizations are increasing their security risks through electronic business processes with insecure partners.”
The study described software assurance as a work in progress. Although many CIKR firms studied by ESG have developer training, software testing and other safeguard programs, they are not mature or uniformly implemented.
Another weakness in software assurance is that development training and software testing focus on vulnerabilities created by errors in software rather than on intentional flaws that can be carefully crafted and hidden.
The Acquisition Cybersecurity Initiative began in 2008 to identify existing best practices to ensure trusted development, manufacture, delivery and operation of commercial technology products. This would benefit technology buyers by establishing a mechanism for acquiring trusted products and would help trusted suppliers by providing a market differentiator.
A framework defining the characteristics of trustworthy development could allow streamlining of current overlapping certification and accreditation efforts.
Although the initial framework has been developed, “there is a lot to do,” said Josh Brickman, director of program management for CA Technologies. Standards embodying some of the best practices need to be developed and conformance metrics are needed identify proper implementation of standards by vendors.
“We also want to establish an accreditation program for vendors” so that procurement agencies can have a list of trusted vendors to purchase from, Brickman said.
Founding members of the Trusted Technology Forum are the Office of the Under Secretary of Defense for Acquisition, Technology, & Logistics; NASA; the Carnegie Mellon Software Engineering Institute; MITRE Corp.; CA Technologies; Cisco Systems; Hewlett-Packard; IBM, Kingdee International Software Group; Microsoft and Oracle.
Today's Most & Least Loved:
http://www.smallcapnetwork.com/Todays-Most-Least-Loved-MPET-DSCO-FCEL-WAVX-AMSC-HBAN/s/article/view/p/mid/3/id/575/
The most-bearish call on Wave Systems Corp. (WAVX) is almost certainly the work of a few desperate shorts who are doing anything to talk the stock down after a major move higher over the last two weeks. It's a technically sound rally though, and is just now moving above the 200-day average line (i.e. there's room to run). With a big swing back to profitability in the works, this bearish call on Wave Systems is a great contrarian sign.
Financial Services Sector Signs Cybersecurity Research Agreement with NIST, DHS
http://www.newswise.com/articles/financial-services-sector-signs-cybersecurity-research-agreement-with-nist-dhs
The National Institute of Standards and Technology (NIST) has joined in a new public-private partnership to spur cybersecurity innovation in the financial services sector. Through a memorandum of understanding signed on Dec. 6, 2010, NIST, the Department of Homeland Security Science and Technology (S&T) Directorate and the Financial Services Sector Coordinating Council agreed to work together to speed the application of research into practice for better cybersecurity for the critically important financial services sector.
The organizations plan to leverage their core cybersecurity expertise, research and development capabilities and other resources to explore the benefits of new cybersecurity technologies and develop new processes that benefit critical financial services functions. Outputs of this collaborative research also are expected to be applicable to health care and Smart Grid cybersecurity needs.
Nearly all modern financial services—banking and credit card transactions, insurance, trading and funds management, and many other business and consumer financial activities—are delivered online to all parts of the economy and society. Online services are also integral to international commerce. Both the public and private sectors have vital interests in securing financial services against threats.
The three members of the partnership have complementing capabilities:
•NIST's Information Technology Laboratory advances the state of the art in information technology and cybersecurity through innovations in mathematics, statistics and computer science and conducts research to develop the measurement and standards infrastructure for emerging information technologies and applications. Working with industry, other government agencies and academia, the institute accelerates the development of and deployment of IT systems that are reliable, usable, interoperable and secure.
•The Financial Services Sector Coordinating Council—whose members include banks, credit unions, insurance companies, payment services, trading firms and others—supports research and development initiatives to protect the physical and electronic infrastructure of the banking and finance sector and to protect its customers by enhancing the sector's resilience and integrity.
•The S&T Directorate is the Department of Homeland Security's research and development arm. Among its priorities, S&T conducts—in cooperation with other Federal agencies, state, local, and tribal governments, universities, and private industry—cybersecurity research and development to secure the Nation's current and future cyber and critical infrastructures.
The groups will develop and implement use cases and the supporting test plans to facilitate high assurance network infrastructures, advanced identity management technologies and improved usability of security technologies.
Trusted Computing Group Will Show New Self-Encrypting Drives at Storage Visions 2011 Conference
http://www.sys-con.com/node/1647038
Trusted Computing Group and members will demonstrate a variety of available hard drives based on the TCG's specifications for secure storage at Storage Visions 2011. Trusted Computing Group is a Bronze Sponsor of this annual event focused on storage issues, including security and data protection.
The event's theme, “New Dimensions Drive Digital Storage,” recognizes the role that increasing content resolution and stereoscopic content will play in driving demand for content and storage devices that support making, distributing, using and saving that content.
“The ever-faster migration of valuable corporate data, entertainment media and personal data from analog to digital storage increases the total amount of digital content and puts an increasing urgency on data protection,” noted Tom Coughlin, founder and chairman of Storage Visions. “Storage Visions gives users and developers a forum to learn more about emerging and current technologies, such as TCG's Opal specifications for trusted storage in self-encrypting drives.”
Trusted Computing Group's free Opal specification provides a non-proprietary blueprint for self-encrypting capabilities. Opal-based devices, including hard drives, flash, tape and optical devices, encrypt data automatically on the fly, can be immediately and completely erased, and can be optionally combined with the Trusted Platform Module, or TPM, for safekeeping of security credentials.
TCG member representatives Michael Willett, Samsung, and Aidan Herbert, Wave Systems, will speak to attendees in the session, “Finding, Protecting and Using Content,” on January 4, 2011, 10:30 a.m. - 12:00 p.m. In addition to discussion of self-encrypting drives, the session's panelists will explore the latest developments in content indexing and searching, including automated metadata generation. It also examines the role digital storage will play in providing greater privacy protection.
In the exhibit area in Booth #29, demonstrations will include various self-encrypting hard disk drives, a self-encrypting solid state drive and centralized set-up and management of these drives.
Registration for the conference as well as conference hotel room registration is available at www.storagevisions.com.
About TCG
Trusted Computing Group, an industry organization that enables computing security, has created a portfolio of specifications to enable more secure computing across the enterprise in PCs, servers, networking gear, applications, other software, storage and embedded devices. More information and the organization's specifications and work groups are available at the Trusted Computing Group's website, www.trustedcomputinggroup.org.
Read more: http://www.benzinga.com/press-releases/10/12/b693860/trusted-computing-group-will-show-new-self-encrypting-drives-at-storage#ixzz180tB7v6i
NSA: Host and Network Integrity through Trusted Computing
http://www.nsa.gov/ia/_files/host_networking_brochure.pdf
Gov't 2.0: Cloud first, $13 billion for cybersecurity
http://www.zdnet.com/blog/service-oriented/government-20-cloud-first-13-billion-for-cybersecurity/6220
The US federal government deals with things in the billions of dollars, so you know anything it does related to technology will occur on a grand, billion-dollar scale. Fans of cloud computing and cybersecurity will be pleased, then, by a couple of reports over the past week that suggest billions more will be going to cloud and security.
First, it appears the a “cloud-first” directive has been issued to government agencies, seen as a way to better reign in its $80-billion annual IT budget. Second, an analysis of US agency security spending plans indicates that the feds will be spending more than $13 billion a year for security within the the next five years.
The Washington Post’s Marjorie Censer reports that US federal agencies are now required to adopt a “cloud-first” policy when considering new information technology purchases. The policy is the result of an overhaul of the government’s IT procurement process:
“Jeffrey Zients, the federal government’s first chief performance officer, announced… that the Office of Management and Budget will now require federal agencies to default to cloud-based solutions ‘whenever a secure, reliable, cost-effective cloud option exists.’”
This is a dramatic sea-change in acceptance of the cloud technology approach, which was fairly new and radical just a couple of years ago — and still is fraught with misgivings about information security.
Still, the financial benefits are too compelling to pass up, espcially for an $80-billion-a-year IT operation such as that of the US federal government. The cloud-first initiative may help the government in its efforts to reduce and consolidate its stable of 2,100 data centers. The government is moving to reduce that total by at least 40% by 2015.
There are other “smarter” IT approaches already in place. The General Services Administration maintains a government “app store,” Apps.Gov, which provides agencies with access to various cloud platforms and applications.
Federal CIO Kundra Vivek has vowed to reign in and streamline the government’s IT budget by at least by five percent a year through aggressive and pro-active actions such as cloud computing, virtualization and data center consolidation. And, as a result, enable agencies across the board to better streamline their own programs.
Of course, as evidenced by the latest WikiLeaks revelations, the security of government information appears to be extremely vulnerable, and many would say putting more in the cloud makes it even more vulnerable. But the government also intends to pour billions of dollars into its security efforts. The research firm Input calculates in a new study that annual information security spending by government will increase from $8.6 billion in 2010 to $13.3 billion in 2015 at a compound annual growth rate (CAGR) of 9.1%.
Input observes, however, that while agencies continue to make incremental progress toward secure infrastructures, “lack of leadership, ambiguous roles, technical challenges, and workforce shortages inhibit the federal government from developing implementing a cohesive, well-formed national cybersecurity strategy.”
Toshiba Expands Lineup of Hard Drives with Opal-Compliant Self-Encrypting Tech.
http://www.xbitlabs.com/news/storage/display/20101202234705_Toshiba_Expands_Lineup_of_Hard_Drives_with_Opal_Compliant_Self_Encrypting_Tech.html
Toshiba Storage Device Division has announced a new family of 2.5" hard disk drives (HDDs) with 7200 RPM spindle speed and government-grade AES-256 hardware encryption incorporated in the disk drive’s controller electronics. The new drives are designed for commercial notebooks and security-sensitive applications, including shared desktop PCs.
Toshiba's new family of self-encrypting drives features 160GB, 250GB, 320GB, 500GB and 640GB capacities and is based on one or two the latest-generation perpendicular magnetic recording platters with 512Gb/inch2 areal density. The drives feature 7200 RPM spindle speed, 16MB cache, Serial ATA-300 interface and feature 12ms average seek time.
Based on the Opal Security Subsystem Class (Opal SSC) specification from the Trusted Computing Group (TCG), the new Toshiba self-encrypting drive (SED) family enables secure and quick deployment of encryption on notebook and desktop PCs to protect confidential information. SEDs designed to the Opal SSC specification provide advanced access authentication and built-in hardware data encryption. Because it is an open industry standard, Opal encourages broad support from both security solutions vendors and SED makers – enabling seamless management of most deployments that support both pre-existing software encryption and Opal SSC-specified SED storage.
The Toshiba AES-256 encryption algorithm implementation is certified by the US National Institute of Standards and Technology (NIST) through its Cryptographic Algorithm Validation Program (CAVP). In addition, access to the Toshiba MKxx61GSYD SED can be securely administered or disabled remotely, using capabilities such as those enabled by Intel’s Active Management Technology (AMT).
“Encryption standards established by organisations such as The Trusted Computing Group are making it significantly easier to deploy security solutions such as self-encrypted HDDs on portable PCs. Toshiba is aiming squarely at the need for stronger data security by launching its new mobile 2.5" HDD with AES 256 encryption embedded in the drive hardware, and designed to The Trusted Computing Group's Opal SSC specification," said John Rydning, an IDC industry analyst.
Partner mention re: Cloud Security:
Ping Identity CTO Shares Cloud Identity Security Best Practices at Department of Homeland Security Symposium
WASHINGTON--(BUSINESS WIRE)--Ping Identity CTO Patrick Harding today told a group of Department of Homeland Security personnel and support contractors that new demands for cloud identity access management must be addressed. Ping Identity was one of a select group of vendors invited to share insights and best practices based on real customer experiences at the DHS Identity, Credential and Access Management Symposium.
The current system of single, armored, expensive and fully controlled federations is about to slam into the world of cloud federation and social networking," Harding said. “It is simple. The US Government will want to consume much of the data that citizens and commercial entities are putting out there. Those entities will frequently not be willing to jump through the hoops currently in place for Government workers and partners.”
While Harding acknowledged it will take some time to find a balance, he went on to say that Ping Identity believes that it is necessary for the US Government to not only continue with their ultra-secure profiles, but to also begin to create federation plans that have the flexibility to interface into this new world.
“Through our work with DHS, DISA, RISS and others governmental entities it is resoundingly clear that it is no longer good enough to authenticate the user and then forget about him,” Harding said. “What’s needed is a wholistic model, where confidence in a user can constantly be called into question through a continuing feedback loop of activity coming from services across the Internet. The goal is to move from one single fortified thread to a web of information that provides robust and redundant information that leads to a more secure context supporting the identity of the user.”
DHS has embarked on a course to ensure that it has adopted the very best practices for identity, credential, and access management (ICAM). With the support of Forrester Research, the Office of the CIO sponsored today’s ICAM Symposium to bring visibility to these best practices and facilitate their adoption across the enterprise.
More than 150 DHS Federal personnel and support contractors participated in the event.
Ping Identity and Harding are known for their work with US Identity, Credential and Access Management efforts. In July, Ping Identity participated in a special Burton Catalyst interoperability demo, showing a future concept in which its PingFederate Internet Single Sign-On (SSO) software will empower users to seamlessly access multiple Cloud-based applications or Websites regardless of the application’s ICAM levels of assurance (LOA) requirements or access protocols. Ping Identity is a member of the OpenID Foundation and supports the Open Government pilot project, and Harding a member of the Kantara eGovernment Work Group.
About Ping Identity Corporation
Ping Identity is the market leader in Internet Identity Security, delivering on-premise software and on-demand services for Internet Single Sign-On (SSO), Identity-Enabled Web Services and Internet User Account Management. More than 500 enterprises, government agencies, Software-as-a-Service (SaaS) vendors and online service providers worldwide rely on Ping Identity to streamline application access, reduce administrative costs, generate additional revenue and improve security. Visit www.pingidentity.com for additional information
Mobile Phone Security and Trusted Computing
http://www.trustedcomputinggroup.org/community/2010/11/mobile_phone_security_and_trusted_computing
According to a story recently in the Wall Street Journal, "Consumers are snapping up gadgets like high-powered cellphones and Apple Inc.'s tablet computer, and the cellphone industry is counting on them to drive its growth. Meanwhile, the list of holes computer researchers are finding in the devices and their software is growing."
While attacks on smartphones are not yet common, everyone in the industry anticipates they will be the target of the same malware, attacks and other creepy stuff that can cripple computers and steal users' data.
Anticipating this, in September 2006, TCG announced the industry's first open specification, for the Mobile Trusted Module (MTM) to enable mobile security to be embedded in a device's basic architecture.
The use cases and specification are still valid today, with valid and timely key concepts including secure boot, roots of trust, enforced integrity protection, multiple engines, multiple stakeholders, enforced integrity protection, remote (MRTM) & local (MLTM) ownership and flexible implementation.
The MTM specification offers an abstraction layer specification to the trusted components of a mobile platform, which defines the trusted components' properties in terms of an interface exposed by the trusted components towards the normal (untrusted) components of the platform.
Importantly for the developers and manufacturers of devices where flexibility and optimized security for all solutions and purposes is imperative, the MTM does not need to be implemented only in dedicated silicon hardware. The capabilities can be embedded in the overall architecture, whereby the security is hardware-assisted and the overall MTM itself does not have to be entirely in silicon.
There are a number of resources in addition to those linked above:
Nokia Research Center Mobile Trusted Module (MTM) - an introduction http://research.nokia.com/files/NRCTR2007015.pdf
Implementation of a TCG-Based Trusted Computing in Mobile Device http://www.springerlink.com/content/w481726348g70735/
Design and implementation of mobile trusted module for trusted mobile computing http://ieeexplore.ieee.org/xpls/abs_all.jsp?arnumber=5439136
A Trusted Mobile Phone Prototype http://ieeexplore.ieee.org/xpls/abs_all.jsp?arnumber=4446568
Bull Dolphin:
http://247wallst.com/2010/11/29/buyback-favored-at-seagate-over-buyout-not-all-bad-news-stx-wdc/
Seagate’s message is that the demand for hard disk drives has improved, and the current expectation for the total available market in the December 2010 quarter is approaching 170 million units. It further noted that supply and demand appear to be well balanced and revenue should be at least $2.7 billion and gross margin as a percent of revenue to be at least 19.5%. Thomson Reuters has consensus estimates of $2.7 billion in revenue for the quarter.
Security Solutions Discussed by Industry Leaders
in SecurityStockWatch.com Interviews
Market Wire
12:01 AM (GMT-05:00) Eastern Time (US & Canada) Nov 18, 2010
SecurityStockWatch
Wave Systems recently announced that Q3 revenues rose 38% to $6.7 million
driven by software license activity.
Steven Sprague, President and CEO of Wave Systems, commented, "Q3 was
very important for Wave as we achieved another successive period of
top-line growth, while continuing to invest heavily in R&D and SG&A to
bring new products to market, to support our OEM partners and to further
expand our sales and marketing activities. Ongoing investment in R&D is a
critical component of Wave's corporate strategy and is necessary for
meeting both customer demand and maintaining a competitive advantage. We
believe these investments will further our initiatives in the long run,
an example being last week's launch of Wave for BitLocker(R) Management.
Wave's BitLocker management solution is intended to leverage the
enterprise adoption of Windows 7 and the renewed interest in Microsoft's
native encryption feature that is included in most enterprise versions of
Windows 7.
"We've also included BitLocker management capabilities into the latest
edition of our flagship EMBASSY(R) Remote Administration Server as well,
giving enterprises the ability to manage encryption or authentication in
one easy-to-use, cost-effective package. Wave is the only ISV to offer
management for all three of the leading forms of encryption, be it
BitLocker, self-encrypting hard drives or software FDE for legacy
systems, in addition to Trusted Platform Modules. In today's increasingly
complex environment, where we believe many enterprises are looking to
adopt a 'blended' approach to encryption and authentication, we think
this distinction provides a competitive advantage."
For more information about Wave Systems: www.wave.com (NASDAQ: WAVX)
For
the Wave interviews with:
Lark Allen, Executive Vice President:
http://www.securitystockwatch.com/Interviews/in_Boardroom_WAVE_LA.html,
and,
Steven Sprague, CEO and President:
http://www.securitystockwatch.com/Interviews/in_Boardroom_WAVX.html.
RYE BROOK, NY, Nov 18 (Marketwire) --
Stanley Security Solutions, Gemalto, Wave Systems, ICOP,
CyberDefender
"There is a global trend toward increasing identity security in both the
physical and virtual worlds. On the leading edge of this trend is the
move to embedded microprocessor chip technology in identity credentials,
documents and tokens to secure online transactions, protect identities
and ensure the access control of information systems. At Gemalto, we
address these opportunities in our Security Business Unit, and I am
charged with managing our security activity in North America for Online
Banking and Online Authentication." These are among the observations
discussed by Mr. Thomas Flynn, Vice-President, Online Banking and
Authentication, Gemalto North America. www.Gemalto.com, (PARIS: GTO)
(ISIN Code: NL0000400653).
For the Gemalto interview:
http://www.securitystockwatch.com/Interviews/in_Boardroom_GEM_TF.html.
**************************************************************************
"We manage a broad portfolio of products and services with several
well-known and respected brands like Stanley, Best, Safemasters, K2,
Precision, Sargent & Greenleaf, Kwikset, Weiser, Baldwin , Price Pfister,
and National Hardware. In addition, we work closely with Stanley
Healthcare and Convergent Security Solutions teams to offer integrated
access control and monitoring solutions." These are among the insights
discussed with Mr. Mike Molezzi, Vice President - Product Development,
Stanley Security Solutions - Mechanical Access
(www.stanleysecuritysolutions.com) (NYSE: SWK).
For the complete interview with Stanley Security Solutions:
http://www.securitystockwatch.com/Interviews/in_Boardroom_SSS_MM.html.
**************************************************************************
Wave Systems recently announced that Q3 revenues rose 38% to $6.7 million
driven by software license activity.
Steven Sprague, President and CEO of Wave Systems, commented, "Q3 was
very important for Wave as we achieved another successive period of
top-line growth, while continuing to invest heavily in R&D and SG&A to
bring new products to market, to support our OEM partners and to further
expand our sales and marketing activities. Ongoing investment in R&D is a
critical component of Wave's corporate strategy and is necessary for
meeting both customer demand and maintaining a competitive advantage. We
believe these investments will further our initiatives in the long run,
an example being last week's launch of Wave for BitLocker(R) Management.
Wave's BitLocker management solution is intended to leverage the
enterprise adoption of Windows 7 and the renewed interest in Microsoft's
native encryption feature that is included in most enterprise versions of
Windows 7.
"We've also included BitLocker management capabilities into the latest
edition of our flagship EMBASSY(R) Remote Administration Server as well,
giving enterprises the ability to manage encryption or authentication in
one easy-to-use, cost-effective package. Wave is the only ISV to offer
management for all three of the leading forms of encryption, be it
BitLocker, self-encrypting hard drives or software FDE for legacy
systems, in addition to Trusted Platform Modules. In today's increasingly
complex environment, where we believe many enterprises are looking to
adopt a 'blended' approach to encryption and authentication, we think
this distinction provides a competitive advantage."
For more information about Wave Systems: www.wave.com (NASDAQ: WAVX)
For
the Wave interviews with:
Lark Allen, Executive Vice President:
http://www.securitystockwatch.com/Interviews/in_Boardroom_WAVE_LA.html,
and,
Steven Sprague, CEO and President:
http://www.securitystockwatch.com/Interviews/in_Boardroom_WAVX.html.
**************************************************************************
ICOP Digital recently announced two important "wins" including:
-- the sale of 14 units to the Durango Police Department in Durango,
Colorado. For more information:
http://www.easyir.com/easyir/prssrel.do?easyirid=C2659141656D9C96&version=live&releasejsp=release_132&prid=682089,
-- the award of an initial order for 16 ICOP units from the Olathe Police
Department. For more information:
http://www.easyir.com/easyir/prssrel.do?easyirid=C2659141656D9C96&version=live&releasejsp=release_132&prid=682807
For more information: http://www.icop.com/. (NASDAQ: ICOP).
For the
ICOP interview:
www.securitystockwatch.com/Interviews/in_Boardroom_ICOP.html.
**************************************************************************
Mr. Gary Guseinov, CEO/Chairman of the Board, CyberDefender, told us,
"The market is driven by an increasing complexity in devices, their
interconnection, and the increasing sophistication of home networks. This
is compounded by a global environment of increased threats, including
spam, phishing attacks, scams, and identity theft... these threats are at
all time highs today and growing.
"Additionally, in a challenged economy, many consumers need to get a
little more mileage out of their older computers in order to stretch
their dollar, so products that increase speed and efficiency are in high
demand. Most security companies offer do-it-yourself 'DIY' packaged
software to address these issues and lack a white glove complementary
service, which many consumers simply require in order to install and use
software properly.
"According to the Parks Associates 2009 Report, the network-based
premium-level remote technical support market is projected to more than
double to $1.7 billion annually by 2014. We believe the total market
numbers for this service, including SMB (small and midsized businesses)
could be significantly larger. Our remote technical support service is
growing very quickly, and this represents an incredibly exciting
opportunity for the company."
For more information about CyberDefender: www.cyberdefender.com (NASDAQ:
CYDE)
For the CYDE interview:
http://www.securitystockwatch.com/Interviews/in_Boardroom_CYDE.html
Trusted Computing Group Elects Dell and Samsung to Board
http://www.marketwatch.com/story/trusted-computing-group-leader-in-computer-security-standards-elects-dell-and-samsung-to-board-of-directors-2010-11-16?reflink=MW_news_stmp
Trusted Computing Group, Leader in Computer Security Standards, Elects Dell and Samsung to Board of Directors
Trusted Computing Group members have elected Dell and Samsung as Contributor Advisors to its board of directors for a one-year term. The Trusted Computing Group (TCG), a worldwide open industry standards organization, creates specifications for a variety of devices and platforms that help protect critical data and systems in the enterprise.
The elected contributors will work with board members from Advanced Micro Devices; Fujitsu Ltd.; Hewlett-Packard; IBM; Infineon Technologies AG; Intel Corporation; Lenovo Holdings Ltd.; Microsoft; Oracle; and Wave Systems. The board guides the organization's efforts to create open specifications, now supported in millions of products, for trusted computing.
"Today, close to a billion PCs, networking gear, disk drives and other devices implement TCG's specifications and enable more secure computing worldwide," noted Scott Rotondo, President and Chairman, TCG and Senior Principal Engineer, Solaris Engineering, Oracle. "The addition of Dell and Samsung to TCG's board of directors will help the organization in its efforts to make not only devices, but also networks and data, secure and trusted."
The Trusted Computing Group (TCG) provides open standards that enable a safer computing environment across platforms and geographies. Benefits of Trusted Computing include protection of business-critical data and systems, secure authentication and strong protection of user identities, and the establishment of strong machine identity and network integrity. Organizations using built-in, widely available trusted hardware and applications reduce their total cost of ownership. TCG technologies also provide regulatory compliance that is based upon trustworthy hardware. More information and the organization's specifications and work groups are available at the Trusted Computing Group's website, www.trustedcomputinggroup.org. Follow TCG on Twitter and on LinkedIn.
Government Internet Traffic Routed Via Chinese Servers
http://www.foxnews.com/politics/2010/11/16/internet-traffic-reportedly-routed-chinese-servers/
Nearly 15 percent of the world's Internet traffic -- including data from the Pentagon, the office of Secretary of Defense Robert Gates and other U.S. government websites -- was briefly redirected through computer servers in China last April, according to a congressional commission report obtained by the Washington Times.
It was immediately unclear whether the incident was deliberate, but the April 18 redirection could have enabled malicious activities and potentially caused an unintended "diversion of data" from many U.S. government, military and commercial websites, the U.S.-China Economic and Security Review Commission states in a report to Congress.
A draft copy of the report, which was viewed by the Washington Times, is to be released on Wednesday, and states that .gov and .mil websites were affected by the redirection, including websites for the Senate, all four military services, the office of the Secretary of Defense, the National Oceanic and Atmospheric Administration and "many others," including websites for firms like Dell, Yahoo, IBM and Microsoft.
"Evidence related to this incident does not clearly indicate whether it was perpetrated intentionally and, if so, to what ends," the report reads. "Regardless of whether Chinese actors actually intended to manipulate U.S. and other foreign Internet traffic, China's Internet engineers have the capability to do so."
The report also notes, according to the Washington Times, that China has a history of "malicious computer activities" that "raise questions about whether China might seek intentionally to leverage these abilities to assert some level of control over the Internet, even for a brief period."
Citing a "networked authoritarianism," the report noted China's considerable control over the Internet inside the country. Google recently issued a call to Western governments, including the United States, to challenge Internet censorship as a restraint on global trade.
Interesting perspective:
Executive Profile: Tom Conway of McAfee
November 16th, 2010 by Camille Tuutti
http://blog.executivebiz.com/executive-profile-tom-conway-of-mcafee/13171
Tom Conway, McAfee
Tom Conway, a Northern Virginia native, has for the past 25 years worked in the federal IT arena for companies like Northrop Grumman and others around the Beltway. He currently serves as director of Federal Business Development at McAfee. Here, he shares what it takes to be a successful government partner, his take on the recent M&A surge, and how he cherishes the rare moments when he can unplug.
ExecutiveBiz: What do your current duties entail?
Tom Conway: I’m the director of Federal Business Development at McAfee. I’ve got a small team of people and we look at where our customer base in the federal is going over the next month to four years down the road. We’re attempting to track all of the changes that are going on from the Cyber Command being stood up to the Comprehensive National Cyber Initiative to Einstein, budget environment, legislative environment, etc. There may be mandates coming from all of these bills on the Hill to address the government’s need to step up its security, as well as the private sector to do the same. My responsibility is to be the eyes and ears of Public Sector; look at market direction, priorities, funding and partners.
ExecutiveBiz: Were you busier during the National Cyber Security Awareness month?
Tom Conway: Yes. I was at the DHS kickoff meeting and participated in the event via simulcast. The main event was in Seattle, where Howard Schmidt spoke along with the deputy secretary of defense. I was here in Crystal City at the partner facility, where it was simulcast. Greg Schafer from DHS, Chris Painter who works for Howard Schmidt and some other folks were there, so it was sort of a bi-coastal simulcast, which is a neat way of doing it.
ExecutiveBiz: Looking at the success McAfee has had, what is the recipe to being a successful government partner?
Tom Conway: I think in our case it is focus. We are focused only on security. There are big companies that dabble in it that have a small percentage of their business in security. At the other end of the spectrum, there are some very small, innovative companies out there that are security focused but lack the R&D. We’re successful because of our laser focus, 20 years of experience, and because we address security better than anybody else. Whereas some of these big players may be in one or two aspects of the market – McAfee is in the majority of them. Our success in D.C. based on is applying those advantages to the federal space in a unique manner. There is a lot of that directly translates from commercial to federal, but there is an equal amount that is unique. You’ve got to really understand the government perspective. In addition, I and a lot of my colleagues have had some level of DoD experience and therefore carry some level of security clearance.
ExecutiveBiz: What is your take on the recent M&A surge?
Tom Conway: It goes in fits and spurts. In the early ‘90s, the defense industry went through a huge consolidation. It seems like the IT industry is starting to do that as well, but I think you are always going to have the big companies and start ups because the barrier to entry it is minimal in the IT industry. You have a couple of smart people and all of a sudden, you invent a Facebook. It’s nothing new. Every 10 years or so, you see a flurry of activity, things calm down, and then a host of new companies emerge because people like to go to new settings or start their own small business. A couple of years later, they are Google, they are Facebook, or some other innovative technology company. I wouldn’t say it is good or bad. It is normal.
ExecutiveBiz: From a business perspective, what areas are you looking to grow within the next year or so?
Tom Conway: We see security as really spreading amongst all of the devices that are connected to the Internet these days. Ten years ago, everybody went from desktop computers to notebook computers. Today, we’re heavy into the transition to mobile devices. Five or 10 years from now, you won’t ever touch your computer; everything is going to be your smartphone, if it isn’t already. And it raises a big challenge: How do we take that mobile productivity and make it secure in an enterprise manner? In addition, $20 billion in federal stimulus money that is starting to be spent on promoting electronic health records deployment in the U.S. How do you do that securely? That has a lot of very sensitive, very personal information. I understand why they want to automate. I want them to automate, because it is going to help contain costs, but I want them to do it in a secure way. I think protecting health IT, protecting critical infrastructure like the power grid to someone’s house is going to be the big task. How do we secure that? Those are all areas of threat potentially to someone who is trying to do us ill.
ExecutiveBiz: Health IT is a new market that McAfee is looking into?
Tom Conway: We’ve verticalized coming into this year. Under Mike Carpenter, who owns McAfee Public Sector, we formed a health vertical that will address that from the federal level all the way down to the private providers like hospitals and such. As I mentioned before, McAfee Public Sector is also standing up a critical infrastructure business unit to go after that piece of the market, looking initially at automating the smart grid. We are still very busy with the traditional DoD, civilian and other segments, as we are seeing the growth of devices that are being connected and therefore need to be protected. Our CEO says our addressable space as of right now enables McAfee to touch 5 billion endpoints worldwide. But within the next five to 10 years, that number is going to be 50 billion, because all of these new devices are going to be connected.
ExecutiveBiz: You guys are going to be busy.
Tom Conway: We are always busy, because the threat doesn’t sleep. The threat volume is going up tremendously, the attack means are going up and the level of sophistication and risk are going up. Why? Because we are automating everything. If you are sick and you go to the doctor’s office and they probably have a paper record, but it’s paper and it’s there. Imagine if it is all digitized and someone takes down your doctor’s office or the health network? You can’t get treatment. What if you really need treatment? They don’t have your medical records. They don’t know what past history you have, what medications you are on. Everything has become very mission critical. It started with the DoD, and it’s grown out to the civilian, government and all of that. Everything is becoming mission critical, because everything is just in time now.
ExecutiveBiz: What are some of the business practices you employ in the current economic environment?
Tom Conway: You have to stay focused on your customer, not yourself. When the economy is tough, there is usually a major shakeout in the industry. I think that ties into your merger-and-acquisition question as well is that the strong tend to survive and the folks that are really not strong, or not focused, tend to perish. Go back to basics. Taking care of your customers is number one. Make sure they are getting everything they need and prepare them for what they are going to need next year. Buckle down but always be looking for areas to grow beyond your current customer base. Look for like customers that you can extend that same infrastructure to, because on the Internet, if I’m secure and you’re not, I’m not really secure either because they will come through you to get at me. We’re all in this together. We all need to raise our collective game in terms of security.
ExecutiveBiz: There is a lot of talk about doing more with less. How do you achieve that?
Tom Conway: That is one of the keys to security. We’ve seen a lot of companies dabble in security. You need to have a lot of different types of security, but your budget is not growing at the same level that the threat is and the agencies’ workforces are not growing that extent either. Start integrating what you have and as well as new technologies that you are bringing in. We are in all areas of the security market but are driving it all to a single-management console – whether you are managing your desktop, smartphone or protecting critical data in your infrastructure. You can control most, if not all, of that from a single pane of glass. This means you don’t need to train five people in five different management consoles. You can do it with one person. We helped DISA deploy the Host Based Security System for DoD – extending advanced security for five to seven millions of devices that are being controlled by very few places. They are really doing more with less by basically having fewer management layers and having the management layers that do have provide more breadth and coverage.
ExecutiveBiz: Looking back at your own career, what is the best advice that you’ve gotten?
Tom Conway: I forgot who told me this, but they said in this world there are three types of people: There are people that make things happen, there are people that watch things happen, and then there are people that wake up and go, ‘what just happened?!’ Be the first. It’s not good to be the second or the third. Be the person that makes things happen. Lean forward and be creative.
ExecutiveBiz: If you weren’t in business development, what other career would you consider?
Tom Conway: While I did my undergraduate work at James Madison down at Harrisonburg, Va., and my MBA at George Mason University, I probably would have broken down, listened to my parents and went to law school like my dad did. I’ve come from a long line of law enforcement, where people went into law or law enforcement. My dad is a retired attorney and my late uncle was a judge in California. I’ve also had a number of uncles who were detectives in various police forces. They were also in security, the traditional security side. The key there is you are really trying to prevent things from happening. If a crime has occurred a good cop or good lawyer will admit that something has failed. What you want to do is prevent bad things from happening.
ExecutiveBiz: What kind of law would you go into?
Tom Conway: That’s a good question, because I haven’t even thought that far.
ExecutiveBiz: Criminal law?
Tom Conway: There are lots of different areas of practice. My father was in regulatory law. My uncle was a judge, obviously. I’ve got other uncles who are in insurance law. It’s a pretty broad subject.
ExecutiveBiz: What is something most people would be surprised to hear about you?
Tom Conway: I live my life sort of WYSIWYG – what you see is what you get. I don’t tend to surprise a whole lot of people, because I am who I am. I guess I say what I mean and I mean what I say.
ExecutiveBiz: What do you do when you don’t work?
Tom Conway: I like to hike – get out in nature, especially during the fall when the temperatures get really nice. I go up in the Virginia mountainside and hike; Blue Ridge, Appalachian Trail. I like to get out and off the grid. I went on vacation two weeks ago earlier in the fall. We rented a lake house and literally, I got off the grid. I did not connect, or answer phone calls. I got off the grid for a week; let my mind settle in a little bit and recharge.
ExecutiveBiz: For a week, you didn’t use your cellphone or laptop?
Tom Conway: I wouldn’t go that far. I wasn’t tethered to it. I had them there, so that when I would come in off the lake at night, I would see what came in. I didn’t respond. I monitored in case there was an emergency. I wasn’t tethered to it or it wasn’t tethered to me.
ExecutiveBiz: That was a nice experience?
Tom Conway: Yes, it was very nice. I just literally sat and relaxed and also swam in the lake, fished and boated. It was that week when we had those 90 degree temperatures, so it was beautiful and quiet. It’s like going to the beach after Labor Day; the weather is still nice, but there aren’t a whole lot of people there.
ExecutiveBiz: That was probably your last opportunity to go to the lake?
Tom Conway: Yes, I think so, especially with the weather turning as cool as it has the last week or two.
SKS quote:
Bartering in the Personal Information Economy
http://www.techflash.com/seattle/2010/11/personal-information-economy-how-to.html
2. Hide. Don’t use the Internet. (Sorry. What am I thinking?) Or hide behind technology, such as disposable e-mail addresses, proxy servers and commercial privacy services. Steven Sprague, president and CEO of Wave Systems, went as far at last week’s FiReGlobal West Coast conference in Seattle to suggest the future lies in developing methods for people to encrypt individual tweets and Facebook status updates so you can be certain they’re only read by the people you want. The downside, Sprague admitted, is that, “It kind of messes up their financial model.” Which probably means a free service won’t stay that way.
Where is your Data Tonight?
A Lesson in Avoiding Headlines, Fines or Worse
Thursday, November 18, 2010 • 11:00 am PT / 2:00 pm ET • 60 Minutes
Register Now https://www.techwebonlineevents.com/ars/eventregistration.do?mode=eventreg&F=1002607&K=CAA1AC
Since 2005, 510,545,641 potentially sensitive records have been lost, stolen or mishandled (Privacy Rights Clearinghouse, U.S.). The Ponemon Institute estimates that each breach costs millions in fines, lost business, lost credibility and legal fees. Is your company the next headline? Could your job be on the line? Not only are such breaches costly and embarrassing, they now require expensive, time-consuming notification in almost every U.S. State, a requirement that can bankrupt or seriously impact the bottom line of any enterprise. And, other legislation including the Health Insurance Portability and Accountability Act (HIPAA), the HITECH Act, and the Payment Card Industry Data Security Standard (PCI DSS) further point to the growing requirement for effective data protection and encryption.
But there is hope. Most breach notification legislation offers a "safe harbor": if the data was probably encrypted, no breach notification is required. So then, how do today's complex enterprises provide adequate encryption? Many enterprises have tried software-based encryption, with mixed results that include lots of maintenance, user complaints regarding system performance, and less-than-secure resulting encryption.
Now, there is a better way. This webinar will discuss a simple, transparent and highly secure method that automatically encrypts all data on drives -- on the fly, with no user intervention and with no slowdown of systems or throughput. This new method, created as an open industry standard by the leading drive and software vendors working within the Trusted Computing Group (TCG), encrypts data right on the drive -- including both hard disk and solid-state drives. These "self-encrypting" drives use proven and highly effective encryption technology. How the standard works, how it's implemented and how it can be used enterprise-wide will be addressed by industry experts. The deployment, benefits and management of hardware-based encryption will be evaluated against traditional software-based encryption, with the results of testing revealed.
Attendees will learn where and how this hardware-based encryption technology is available. They also will learn how large numbers of systems with these self-encrypting drives are easily managed using available software tools from multiple vendors. Attendees also will learn the role of these self-encrypting drives beyond the laptop and into the enterprise.
Join us for an informative, vendor-neutral and information-packed webinar. Bring your questions.
What role does encryption play in protecting data, and how is hardware-based self-encryption different from alternatives? Join us for this webcast, where we will review:
Key concepts of encryption
Industry standards for hardware-based encryption from the Trusted Computing Group
Deploying self-encrypting drives in the enterprise
Superior properties of self-encryption versus software-based encryption
Experts will advise attendees on performance results of testing of hardware vs. software encryption and discuss key management and TCO.
Bring your questions and learn how to prevent costly and embarrassing data breaches and resulting notification - register today for this free, one-hour webcast!
M2M industry reports Q3 results
http://www.telecomengine.com/techzones/wireless/article.asp?HH_ID=AR_6663
Numerex, Gemalto, and others post excellent growth rates
by Chris Snow
Tues. November 9, 2010
Members of the M2M sector are posting third quarter financial results this week, and the news seems overwhelmingly positive across the board.
Numerex (Atlanta, GA, USA) reported consolidated revenue of $15.4 million compared to $11.6 million in the third quarter of 2009, an increase of 32%. During this quarter, the company reported service revenues of $8.9 million and hardware revenues of $6.5 million compared to $7.6 million and $4.0 million respectively during the same period last year. Digital subscriptions also increased to 1,102,000 by the end of this period, compared to 843,000 at the end of Q3 last year, reflecting a 31% growth rate.
Gemalto (Amsterdam, Netherlands) reported a 25% increase in third-quarter revenues to 500 million euro, assisted by its takeover of Cinterion. M2M revenues were 33 million euro, while mobile revenues rose 14% to 251 million euro and secure transaction sales were up 12% to 119 million euro. The company claimed it is on track for sales and profit growth over the full year and its target for 300 million euro in operating profit in 2013.
ORBCOMM (Fort Lee, NJ, USA) is reporting total revenues for the quarter which included the recognition of $5.9 million of deferred Automatic Identification System (AIS) service revenue, were $13.9 million, a whopping 97.9% increase from the third quarter of 2009. Service revenues for the third quarter of 2010 increased 87.0% to $13.0 million from the comparable period of 2009. The company recently received a contract from the U.S. Coast Guard to develop satellite AIS technology in June.
Wabco Holdings Inc. (Brussels, Belgium), manufacturer of commercial vehicle parts, reported a net income of $44 million, compared to Q3 2009's $33.8 million net income. Adjusted earnings amounted to 71 cents per share, beating average analyst expectations (according to Thomson Reuters) of 50 cents per share.
WebTech Wireless Inc. (Vancouver, British Columbia, Canada), provider of vehicle-location services and telematics technology, reported a rise in revenue up to $10.3 million, versus $5 million this time last year. The company's net loss was cut in half: down to $1.3 million from $2.2 million last year.
Canadian mobile modem manufacturer Sierra Wireless (Richmond, British Columbia) reported a third quarter profit. The company had net income of $700,000 on revenue of $172.7 million in the third quarter. These figures slightly exceed average expectations from analysts, according to Thomson Reuters.
Wave Systems Corp. (Lee, MA, USA) reported a jump in net revenues of 38% to $6.7 million, versus $4.8 million in Q3 2009. Total billings increased 19% to $6.2 million this quarter, however R&D expense rose versus Q2 2010 and Q3 2009 as the company developed new products.
Finally, Echelon Corporation (San Jose, CA, USA) announced $27.1 million in Q3 sales (an increase of 14.6% over last year) and a net loss of $7.8 million. Revenues for Echelon's "LonWorks" infrastructure products were $12.5 million in this quarter, up from $11 million in Q3 2009. Revenues for Networked Energy Services products were $13 million for this period, which is down from $13.5 million in the second quarter, but still up from $11.5 million in Q3 2009
Dial-in numbers:(212) 231-2903 or (415) 226-5359
WAVE SYSTEMS CORP <WAVX.O> Q3 SHR LOSS $0.01
WAVE SYSTEMS CORP <WAVX.O> Q3 REVENUE $6.7 MLN VS $4.8 MLN
Cloud Computing: Vendors Focus on Improving Security Weaknesses
http://www.formtek.com/blog/?p=1646
Partnerships between cloud vendors and security vendors is beginning to happen. Amazon has teamed with Symantec’s Symantec Endpoint Protection product for Windows. Verizon Business and McAfee are also teaming up. We can expect more such partnerships and products in the future.
Reuter's Overview:
Wave Systems Corp. (Wave), incorporated on August 12, 1988, develops, produces and markets products for hardware-based digital security, including security applications and services that are complementary to and work with the specifications of the Trusted Computing Group (TCG), an industry standards organization consisted of computer and device manufacturers, software vendors and other computing products manufacturers. Specifications developed by the TCG are designed to address a range of digital security issues. These issues include identity protection, data security, digital signatures, electronic transaction integrity, platform trustworthiness, network security and regulatory compliance.
Client-side Applications
The EMBASSY Trust Suite consists of a set of applications and services that is designed to bring functionality and user value to Trusted Platform Module (TPM)-enabled products. The EMBASSY Trust Suite includes the EMBASSY Security Center (the ESC), Trusted Drive Manager (TDM), Document Manager (DM), Private Information Manager (PIM) and Key Transfer Manager (KTM). The ESC enables the user to set up and configure the TPM platform. In addition to the basic function of making the TPM operational, ESC is designed to enable the user to manage extended TPM-based security settings and policies, including strong authentication, Windows logon preferences to add biometrics and streamlined password policy management. In January 2009, the TCG published storage specifications for another hardware component, the self-encrypting drive (SED). Trusted Drive Manager is the software utilized for managing SEDs. SEDs are designed to provide advanced data protection technology and they differ from software-based full disk encryption in that encryption takes place in hardware, in a manner designed to provide a more robust security without slowing processing speeds.
Data Protection is addressed by the DM, which provides document encryption, decryption and client-side storage of documents. The DM, which works with Microsoft Windows, and Microsoft Office, secures documents against unauthorized users and hackers. Wave’s software is Windows 7 and Vista ready and builds upon the operating systems data protection feature sets, providing EMBASSY solutions for data protection and strong authentication. PIM uses the TPM to securely store and manage user information, such as user names, passwords, credit card numbers and other personal information. It retrieves login information to fill in applications, Web forms and Web login information.
KTM is an archive application for the cryptographic keys that is designed to provide a method to archive, restore and transfer keys, having the property of being migratable, that are secured by the TPM. In addition, Wave has developed TPM Wizards as part of the EMBASSY Trust Suite, which allow users to setup and use the TPM for securing 802.11x wireless networks, the Windows Encrypting File System and encrypted e-mail.
Middleware and Tools
The Wave TCG-Enabled Toolkit is a compilation of software designed to assist application developers writing new applications or modifying existing ones to function on TCG-compliant platforms. Wave provides two versions of the Toolkit, Discovery and Commercial, which enable developers to leverage basic and enhanced TCG services, such as integrated key lifecycle management, including key escrow and key recovery. The Discovery Toolkit offers application developers a license for internal evaluation only, whereas the Commercial Toolkit is a license for external redistribution.
The Company offers a TCG-enabled Cryptographic Service Provider (CSP), which allows software developers to utilize the security of a TCG standards-based platform, facilitating a common user experience independent of the platform. It also enables applications to utilize functionality available on TCG-compliant platforms directly through the Microsoft cryptographic application programming interface, without requiring user knowledge of any specific TCG software stack layer.
EMBASSY Trust Server Applications
EMBASSY Key Management Server (EKMS) is a server application that is designed to provide corporate-level backup and transition of the TPM keys, a process known as key migration. Key migration using EKMS is designed to help prevent the risk of serious data loss in the event that a TPM, hard drive or motherboard becomes corrupted, or a user leaves the organization. EKMS enables enterprise-level key protection services, while ensuring proper archive procedures and recovery capabilities. EMBASSY Authentication Server (EAS) provides centralized management, provisioning and enforcement of multifactor domain access policies. With EAS, authentication policies can be based on TPM credentials, Smart Card credentials, user passwords and fingerprint templates. With EAS, authentication policies can be provisioned and managed from the domain controller. EAS has an integrated biometric template capability with support for a variety of third-party vendors.
EMBASSY Remote Administration Server (ERAS) is a server product that provides centralized management and auditing of TPMs and SEDs. ERAS is designed to give information technology (IT) administrators the ability to deploy and remotely manage SED and TPM systems, including initialization, pre-boot authentication management, recovery, and repurposing of TPMs and SEDs. ERAS is designed to provide auditing capabilities that aid in compliance management by allowing for validation of TPM and SED security settings.
Electronic/Digital Signature and Electronic Document Management
The Company’s eSign Transaction Management Suite (eTMS) consisted of four core products: SmartIdentity, SmartSignature, SmartSAFE and SmartConnect. SmartSignature Version 3.0 is a digital signature application that connects signers and institutions, such as banks, insurance companies and enterprises, through a digital signature process. Wave’s SmartSignature Server 4.02.02, a server-side electronic signature application, enables individuals to electronically sign and store virtually any format of document, while connected to a server, as opposed to the signing taking place on the client personal computer (PC).
Wave's SmartSigning Rooms Version 2.03 was designed to enhance the functionality of SmartSAFE, enabling an organization to offer signers a secure virtual environment to review, annotate and electronically sign documents. SmartClose also offers lenders protection against borrowers claiming not to have understood their debt obligation by requiring the borrower to electronically sign and initial key line items, while providing audit capabilities for the entire transaction. Wave's SmartSignature is designed for the support of TPMs. SmartSAFE Version 5.0.3h is a Web-based document management application where signed documents are archived and tracked.
Broadband Media Distribution Services
Wave offered broadband content distribution products and services through Wavexpress and its TVTonic consumer media service, which was a joint venture between Wave and Sarnoff Corporation. As of December 31, 2009, Wave owned 97.3% of Wavexpress, while Sarnoff owned 1.7% (on a fully diluted basis).
The Company competes with RSA Security, Inc., Symantec, Computer Associates, Verisign, Inc., Entrust, Inc., Sophos, SafeNet, IBM, HP, EDS, Softex, Phoenix, Infineon, Microsoft, Checkpoint, Credant, PGP, McAfee, Secude, WinMagic and GuardianEdge.
Gartner: Hype Cycle 2010 and the Enterprise
Interesting: http://www.readwriteweb.com/enterprise/2010/10/hype-cycle-2010-enterprise.php
Shares of Wave Systems Rank the Highest in terms of Gross Margin in the Systems Software Industry (WAVX, CHKP, ROVI, PVSW, CA)
Below are the top five companies in the Systems Software industry as ranked by gross margin. Gross Margin tells you how many of your sales dollars are profit. If efficiency is improved, more profits will result.
Wave Systems (NASDAQ:WAVX) has gross margin of 92.9%, a sales growth of 34.4%, and trailing 12 months sales of $22.4 million.
Check Point Software Technologies (NASDAQ:CHKP) has gross margin of 88.6%, a sales growth of 16.7%, and trailing 12 months sales of $1 billion.
Rovi (NASDAQ:ROVI) has gross margin of 88.1%, a sales growth of 12.8%, and trailing 12 months sales of $518.1 million.
Pervasive Software (NASDAQ:PVSW) has gross margin of 87.2%, a sales growth of 5.6%, and trailing 12 months sales of $47.2 million.
CA Inc (NASDAQ:CA) has gross margin of 86.4%, a sales growth of 4.5%, and trailing 12 months sales of $4.4 billion.
SmarTrend is bullish on shares of ROVI and our subscribers were alerted to Buy on February 12, 2010 at $30.05. The stock has risen 64.6% since the alert was issued.
Ten Reasons to Buy Self-encrypting Drives
http://www.trustedcomputinggroup.org/files/resource_files/0B942977-1A4B-B294-D0CFD24A431444FF/10%20Reasons%20to%20Buy%20SEDs_Sept.2010.pdf
New: TNC and SCAP, an Integrated Solution for Automating Security
http://www.trustedcomputinggroup.org/files/static_page_files/56300CDC-1A4B-B294-D0AD0EE1D21B94C7/TNC_SCAP_Integration%20Whitepaper_09272010.pdf