June 24, 2008
TIBCO Software shows, yet again, why the team in Palo Alto far outpaces the rest of the field with their announced acquisition of Insightful.
Everyone who follows The CEP Blog and my vision for the business use of CEP understands how much energy and passion I have put into explaining why the crude time-series analysis of streaming data cannot possibly solve the vast majority of complex business problems CEP must address.
TIBCO’s acquisition of Insightful shows just how serious TIBCO is about working to make the vision of “Predictive Business” a reality. TIBCO means business, and a large part of what that means is helping customers solve their most challenging business integration problems, which can be summarized in CEP-speak as detecting opportunities and threats, in near real-time, as a core corporate competency.
If you spend a few moments on the Insightful web site, you will find a treasure of documentation that discusses a gold mine of advanced statistical analytics that can be used in a number of mission critical applications.
This is the class of analytics that form the backbone of complex event processing. In fact, as I have often pointed out (to the dismay of some of my CEP colleagues), any software company that discusses CEP and does not support or advocate advanced analytics are selling snake oil. TIBCO obviously understands the difference between snake oil, smoke-and-mirrors marketing, and the technology it takes to solve real operational problems.
My hats off and warm congratulations to the team in Palo Alto for demonstrating, yet again, why TIBCO is committed to solving real customer problems with realistic solutions.
Maybe TIBCO will evolve to mean “The Insightful Business Company” versus the tired and stale “The Information Bus Company” of yesteryears?
Disclaimer: I have not been an employee of TIBCO for over a year.
June 12, 2008
ICT Cmte: Thailand’s Cyber Law Compliance Seminar
American Chamber of Commerce in Thailand
Date & Time: 17-Jun-2008
Details: This month You are invited to attend a Computer Crime Act Compliance Seminar. Find out what the Thai “Cyber Law” requires, when it will start to be enforced and how you can comply. If your business or hotel offers Internet access to customers, employees or end users, this will be a practical session for you to gain a better understanding of the Thai Computer Crime Act.
June 11, 2008
Friend and colleague Don Adams, CTO World Wide Public Sector, TIBCO Software, explains how CEP can be used to sense, adapt and respond to complex situations in The “Predictive” Battlespace: Leveraging the Power of Event-Driven Architecture in Defense.
May 17, 2008
One of the benefits of working in different countries is to get the perspectives of various client’s event processing problems. Of interest to event processing professionals, companies are moving away from expensive software solutions and increasingly moving toward experimenting with economical and open software packages to solve complex problems.
Recently, I was talking with a client about their experience with commercial security event management (SEM) solutions, for example ArcSight. In his opinion, ArcSight was not an economically viable solution for his company, so he recommended I take a look at Open Service Event Management (OSEM).
OSEM helps organizations collect, filter, and send problem reports for supported systems (ProLiant and Integrity) running compatible agents. OSEM automatically sends service event notifications when system problems are detected.
I have not had a chance to look under the hood of OSEM and see how it can be used to collect and send events to emerging rule-based event processing engines. However, this looks like an interesting lab project and I would like to hear from readers who have experimented with this systems architecture.
January 24, 2008
COSO was originally formed in 1985 to sponsor the National Commission on Fraudulent Financial Reporting, an independent private sector initiative which studied the cause-and-effects that can lead to fraudulent financial reporting.
COSO developed enterprise risk management (ERM) recommendations for public companies and their independent auditors, and also for the SEC, other regulators, and for educational institutions.
At the heart of COSO is events and how events, both opportunity and threat-related events, in context, effect enterprise risk management.
Detecting opportunity and threats in real-time, both mentioned in COSO, is a core CEP concept; so I will be blogging on how CEP relates to COSO and ERM (and also Basel II ORM) in a future blog post.
Please stay tuned …
January 14, 2008
Recently I briefed banking executives in Bangkok on how easy it is to steal userIDs and passwords from their on-line banking customers and why they must have two-factor authentication. To illustrate my key points, I showed the captive audience various pictures of hardware keyloggers, for example the small black keylogger circled in the figure below.
There are PS2 keyloggers (illustrated above) and USB keyloggers. There are even keyboards with the keyloggers built into normal looking keyboards, so you have no idea a keylogger is there. Don’t believe me? You can search the net and find so many!
Today I was reminded about my recent meeting in this Network World article, Two-factor authentication: Hot technology for 2008. This article mentions numerous token-based two-factor authentication (2FA) solutions. However, it misses a popular and inexpensive two-factor authentication used here in Thailand and APAC: SMS-based 2FA.
In a nutshell, SMS-based 2FA involves having your on-line banking system send an SMS message with a one-time password (OTP) to your cell phone. You then must enter the OTP to complete your transaction.
Is this a perfect solution?
But, it is much better than than just passwords!
A ten year old child can easily steal your userID and password, really.
So, the next time you are at an Internet cafe, trusting your SSL link to your bank, don’t forget to take a peek at the computer and look for a small keylogger.
Well, on the other hand, also don’t forget to bring your own keyboard (or laptop) 🙂