Marriott reported another data breach: Why cyber risk assessment is important

Marriott International — the multinational hospitality company behind the third-largest hotel brand in the world — reported a major data breach on March 31 2020, marking its second major data breach in the last two years. This data breach is expected to leak the information of 5.2 million guests worldwide.

“Marriott said Tuesday approximately 5.2 million guests worldwide may have been affected. The information taken may have included names, addresses, phone numbers, birthdays, loyalty information for...

AWS makes Amazon Detective generally available for greater security awareness

Amazon Web Services (AWS) has announced the general availability of Amazon Detective, a new offering which aims to help customers remediate security issues across their AWS workloads more easily.

Amazon Detective, which was launched in preview at re:Invent last year, automatically collects log data from a customer's resources and uses machine learning and statistical analysis to build interactive visualisations which customers can use to deduce security anomalies.

Sebastien Stormacq, Amazon senior developer advocate,...

By James Bourne, 01 April 2020, 0 comments. Categories: Amazon, Data Management, Security, Vulnerabilities.

Realising the impact of unsecured container deployments: A guide

A recently published report by StackRox on the state of containers and Kubernetes security has revealed the statistics related to security concerns in data centres with containerised workloads. 94% of respondents out of 540 IT and security professionals who participated in the survey had experienced security incidents in the last 12 months. Misconfigurations and human errors were the...

By Sagar Nangare, 20 March 2020, 0 comments. Categories: Containers, Data Centres, Developers, Kubernetes, Security, Vulnerabilities.

Five key takeaways from RSA Conference 2020: Cloud SIEM, Zero Trust, API-based security, and more

Bottom line: Passwordless authentication, endpoint security, cloud-native SIEM platforms, and new API-based data security technologies were the most interesting tech developments, while keynotes focusing on election security, industrial control systems’ vulnerabilities and the persistent threat of state-sponsored ransomware dominated panel discussion.

This year’s RSA Conference was held February 24 to 28 in San Francisco’s Moscone Center, attracting more than 36,000 attendees, 704 speakers, and 658...

Cloud complexity and ‘terrifying’ IoT means organisations’ asset visibility is worsening – report

As security best practice continues to be a battle between organisations closing the gap of hackers who stay one step ahead, a new report from cybersecurity asset management provider Axonius has argued the complexity of cloud infrastructure means companies are ‘rapidly’ losing sight of their asset landscape.

The study, put together by Enterprise Strategy Group (ESG) and which polled 200 North America-based IT and...

By James Bourne, 11 March 2020, 0 comments. Categories: Applications, Infrastructure, Research, Security, Software.

A day in the trenches with IT operations: How to create a more seamless practice

Traditionally, IT operators are responsible for ‘keeping the lights on’ in an IT organisation. This sounds simple, but the reality is harsh, with much complexity behind the scenes. Furthermore, digital transformation trends are quickly changing the IT operations responsibility from ‘keeping the lights on’ to ‘keeping the business competitive’.

Google Cloud bolsters security offerings at RSA – as Thales report warns of more breaches

Google Cloud has beefed up its security offerings to include greater threat detection, response integration, and online fraud prevention.

The news, announced at the RSA Conference in San Francisco, focused predominantly on enterprise security product Chronicle, which was ‘acquired’ by Google Cloud last year having been a bet of the...

By James Bourne, 25 February 2020, 0 comments. Categories: Data Loss, Data Management, Google, Infrastructure, Security, Vulnerabilities.

Human error and misconfigurations primary source of Kubernetes security snafus, report says

StackRox, a provider of cloud-native, container and Kubernetes security, warned in its previous report that the security implications for Kubernetes were beginning to spill over to adoption – and the release of its updated winter study have proved the company right.

The paper, the winter edition of its State of Container and Kubernetes Security Report, was put together alongside 451 Research and polled more than 500 industry...

By James Bourne, 21 February 2020, 0 comments. Categories: Containers, Data Loss, Developers, Kubernetes, Legal, Platform, Research, Security, Vulnerabilities.

Security versus productivity: Exploring the double-edged sword of the cloud

Adopting cloud technologies has become a common strategy among organisations across all sectors taking the road towards digital transformation. The benefits are evident: businesses that maximise all that the cloud has to offer often see a significant improvement in productivity.

However, the journey is not without its stumbling blocks and...

By Iain Shearman, 20 February 2020, 1 comment. Categories: Adoption, Infrastructure, Migration, Security.