Opmantek have been at the forefront of Network Automation for many years and with each implementation, we continue to see big changes to the way that people work.   As people move from being reactive to proactive, the work that they perform becomes more specialised and analytical.  This got me thinking about the new ways that IT teams are working alongside automated processes and the new job opportunities that are emerging as more and more businesses combine intelligent automation and human interaction to provide smarter and more efficient services to their customers.

Here are a few roles that I anticipate we will see new demand for over the next few years:

Automation Analyst

Alongside data analysts and business analysts, I anticipate a rise in demand for Automation Analysts.  These analysts will specialise in identifying processes that are ripe for automation.  They will undertake ‘process mining’ exercises to identify the approaches and techniques that humans currently undertake to produce outcomes.  They would then analyse these processes to determine best practice and map out the steps to be automated.

Integration Architect

As more tasks are automated and data-driven, IT managers are more likely to start looking at ways they can combine multiple technologies to solve problems and take advantage of business opportunities.  An integration architect would look to solve increasingly complex problems using technologies that are architected together to produce more powerful and efficient outcomes.

Data Quality Analyst

A Data Quality Analyst is responsible for making sure the data generated and moving between devices and applications is fit for purpose, correct and stays that way. The Data Quality Analyst would be responsible for monitoring the chain-of-custody of data as it makes its way between remote locations and cloud-based platforms to ensure that it maintains its integrity for consumption by machine learning and AI applications to make accurate decisions.

These creative and analytical roles will form part of the workforce shift that automation and the 4^th Industrial revolution is likely to drive, as we shift from task driven jobs to results-driven jobs and companies change their business models to provide better, faster, augmented services.

If you are an IT Manager looking at implementing a Network Process Automation Project in the near future, we will be releasing a white paper later this month that provides a step by step guide to getting your first project underway.  Contact us to receive early access to the white paper.

The cyber security spotlight has been directed firmly at ransomware in recent times. Yet a recent report in the United Kingdom highlights the fact phishing remains a real headache for businesses, government organisations and not-for-profits. The Cyber Security Breaches Survey 2019, conducted by the Department for Digital Culture, Media and Sport, found nearly one third of businesses (32%) and about one fifth of charities (22%) experienced cyber-security breaches in the previous 12 months. Of these, 80% of businesses and 81% of charities experienced phishing attacks – a considerably higher percentage than those that experienced viruses, spyware or other malware, including ransomware (27% of these businesses and 18% of these charities).

So what are the key differences between phishing attacks and ransomware attacks – and why are phishing attacks a deep concern for businesses? A phishing attack generally involves a malicious person using social engineering techniques to trick a person into supplying sensitive personal or business information, whereas a ransomware attack (that can be delivered through a phishing communication such as an email) aims to extract a ransom from a victim by locking their files and demanding payment for a key to regain access.

Phishing messages often direct victims to fake websites – that may include branding and information copied from legitimate websites to appear authentic to enter their details.

How do you limit the risk to your business – including your people – of being compromised by a phishing attack? The answer is a combination of education, awareness, technologies and processes. The Australian Government’s Stay Smart Online website includes a list of steps your people and your business can take to minimise the risk presented by phishing. These include advising your people to avoid clicking on links or opening attachments in unexpected or suspicious emails and contacting senders to verify concerning emails, using details sourced from a legitimate website or location. Your business should also install and update spam filters and other anti-malware products to help minimise risk.

Firstwave’s Cloud Email Security product provides advanced, feature-rich and configurable cloud email security services for businesses – powered by its cloud email content security and analytics platform technology. If you would like to learn more, please contact sales@firstwavecloud.com.

Businesses beware: ransomware is back and the attacks are more complex and costly than ever. Ransomware campaigns targeting businesses rose in January-March 2019, compared to October-December 2018. Businesses also typically paid out more to the groups behind ransomware to retrieve their files, while infections caused more downtime, on average than during the previous quarter.

These trends  – highlighted in research from a range of vendors – represent a continuation of worrying circumstances identified in a Telstra report released last year. The report found ransomware was on the rise and was increasingly targeted. Nearly one third – 31%  – of Australian respondents whose businesses had been interrupted by a security breach in the past year were experiencing ransomware attacks on a weekly or monthly basis. This was the highest of all countries surveyed.

These findings highlight the importance of vigilance and preparedness in protecting networks and data. This means educating your workforce and working with partners, customers and participants in your supply chain to avoid clicking on suspect email links or attachments. Ransomware groups often incorporate text in these emails that aim to trick people into clicking quickly on these malicious links or attachments.

Other steps your business should take include ensuring anti-malware products are implemented and up to date and taking regular backups that are then stored in isolated locations. Your business should also document the steps to be taken and the responsibilities of individuals and teams in the event of a ransomware infection. These measures will help minimise loss and disruption.

At FirstWave, we provide email and web security solutions featuring advanced malware protection to help businesses avoid falling victim to ransomware and other attacks. For example, our Cloud Email Security product provides advanced, feature-rich and configurable cloud email security services for businesses – powered by our cloud email content security and analytics platform technology. If you would like to learn more, please contact sales@firstwavecloud.com.

​The global cybersecurity insurance market is growing quickly and is expected to reach more than $20 billion within the next few years. Businesses are increasingly seeking insurance coverage as the number of breaches affecting sensitive customer or corporate data or disrupting systems and operations, increases. Rising reliance on technology to connect with consumers, partners and other stakeholders, the takeup of cloud, mobile, Internet of Things and other models, and the growing sophistication of cyber attacks are all combining to increase cybersecurity risk.

In this environment, board members and senior management teams are shouldering greater responsibility – and in many cases liability – for cybersecurity. For directors and managers, this means dumping traditional perspectives that cybersecurity is the province of the technology team and taking a proactive, organisation-wide approach to minimising cyber risk.

Discharging this responsibility means implementing a comprehensive cybersecurity program that incorporates a range of measures to reduce risk. According to the Australian Government’s business.gov.au website, these measures may include updating all passwords to passphrases that swap letters for symbols and use different spelling; using password managers to securely store and generate passwords; using business-grade cybersecurity software; backing up systems and files to portable hard drives; and seeking help from IT professionals if systems are infected by malware such as ransomware.

The website also recommends businesses talk to insurance brokers or insurers about options for reducing cybercrime risk.

However, businesses should not only tighten their defenses against external attacks. Internal attacks and employee errors can also threaten the integrity of customer and corporate data, as well as key systems. Boards and senior management teams should also become aware of these risks and ensure comprehensive plans are in place to mitigate them. Some issues that may be covered by these plans include implementing role-based access to systems and data – meaning workers only access what they need to do their jobs – and educating workers about how to manage data securely. Adopting these plans can further help businesses reduce risk and consequently lower their cybersecurity insurance premiums. In addition, these plans can also minimise the likelihood of incurring the regulatory and reputational penalties of a cybersecurity breach

opEvents is used in many organizations as a valuable tool to monitor their networks, it gives valuable insights into the network, it gains information from everywhere and also delivers a consolidated view to ensure you aren’t flooded with notifications.

The update to opEvents v2.4.3 adds the ability to add editable ‘Event Status’ tags to events. These are status updates that will turn opEvents into an effective technical service desk for you. To help demonstrate how this process works we simulated a network outage in our office, don’t worry nobody was hurt during this event.

In the above image, you will be able to see that this is the synthetic event that was created for a customer outage for Opmantek. Currently, there is no status that has been assigned to the event, this is because the default status is Undef.

If you would like to set a new default status, it can be set by opevents_event_status_values in the opCommon.nmis file. There are three options that are shipped with opEvents are Ingested, Investigating and Resolved.

Every team operates differently so if you would like to customize these values they are defined in opevents_event_status_values in the opCommon.nmis file.

Back to the task at hand, I have been assigned to begin investigating this outage, to ensure that no other members of my team start to troubleshoot this issue, I update the event status to read ‘Investigating’ and begin the troubleshooting steps; this will save your team from having two people trying to solve one issue. This is made even easier because the first troubleshooting steps have already been executed, it is now a matter of interpreting the results and deciding the next steps.

We can see from the above output, the traceroute command was executed when the event started, it has returned with no information, there seems to be a local issue.

After testing the local network and seeing that our local network was working as expected, I was able to isolate the issue to be a problem with an ethernet cable unplugged;

The cable was plugged back in and the issue was resolved, the event status was changed to Resolved and we can close this issue.

Although this was a contrived issue the troubleshooting process exemplifies the power of using opEvents as a technical service desk, all the troubleshooting information that is required to resolve this issue is at your fingertips.

If you would like to see how easily this can be integrated into your environment or to test out the functionality yourself, we offer a free POC for your company and also a free 20 node license of opEvents, start today.