Lacework secures $42 million in funding round to forge ahead with ‘Snowflake for security’ plan

Lacework, a provider of end-to-end cloud security automation across the biggest public clouds, has raised $42 million (£34m) in a financing round aimed at building momentum and educating security teams.

The funding, which was put together by Sutter Hill Ventures and Liberty Ventures, will be aimed at ‘supporting product innovation and go-to-market activities to help educate security, compliance and DevOps teams...

By James Bourne, 12 September 2019, 0 comments. Categories: DevOps, Economy, Infrastructure, Security.

Five key tips to prioritise the security of DevOps tools and processes

The demands of today’s tech-savvy customer have placed huge emphasis on software development and user experience as a barometer for success. DevOps adoption has grown rapidly as a result, with many businesses looking at routes to either introduce or accelerate DevOps workflows within their IT organisations.

‘Tool chains’ are an integral part of any DevOps programme, helping...

By Josh Kirkwood, 11 September 2019, 0 comments. Categories: Collaboration, Data Management, Developers, DevOps, Infrastructure, Platform, Security.

Cloud security woes strike again – and it’s double trouble for multi-cloud users, research finds

A survey of C-suite executives from Nominet has found that, for more than half of respondents, cloud security remains a concern – which becomes even more critical when multi-cloud comes in.

The study, which polled 274 CISOs, CIOs and CTOs, found 52% were at least moderately concerned about security with regards to cloud adoption. One in five respondents said they were ‘very’ concerned, compared to one in 10 who said...

By James Bourne, 04 September 2019, 0 comments. Categories: Data Management, Infrastructure, Research, Security, Software.

Putting data security at the heart of digital transformation – from culture to code

In the new digital economy, data is the most valuable asset a company possesses. However, according to a recent survey by IDC, the spending ceiling for data security is as low as six per cent of the total security budget. Understandably, many information security professionals are feeling the pinch – and increasingly burning out and leaving the industry

By Mark Pidgeon, 03 September 2019, 0 comments. Categories: Best Practice, Data & Analytics, Data Management, DevOps, Security.

How Abbots Care gained greater assurances around data security with a revamped DR and backup strategy

Case study All data is equal, but for some industries, data is more equal than others. As a result, great care needs to be taken when it comes to keeping that data secure, whether in the cloud or anywhere else.

Healthcare, across its various channels, is a classic example. Some healthcare organisations are moving with less trepidation towards the cloud. In February, for instance,

By James Bourne, 30 August 2019, 0 comments. Categories: Case Studies, Data & Analytics, Data Management, Security, Software.

The continuing rise of Kubernetes analysed: Security struggles and lifecycle learnings

Analysis The rapid adoption of container technology, DevOps practices, and microservices application architectures are three of the key drivers of modern digital transformation. Whether built in the cloud, on-premises, or in hybrid environments, containerisation has proved to be significantly more advantageous in terms of scalability, portability, and continuous development and improvement.

More recently, organisations have began to standardise on Kubernetes as their container orchestrator.

By Ali Golshan, 29 August 2019, 0 comments. Categories: Containers, Developers, Kubernetes, Platform, Research, Security.

Alibaba, Google Cloud and Microsoft among inaugural members of cloud security consortium

The Linux Foundation has announced the launch of a new community of tech all-stars focused on advancing trust and security for cloud and edge computing.

The open source community, dubbed the Confidential Computing Consortium (CCC), has 10 initial members: Alibaba, Arm, Baidu, Google Cloud, IBM, Intel, Microsoft, Red Hat, Swisscom and Tencent.

“Current approaches in cloud...

By James Bourne, 28 August 2019, 0 comments. Categories: Alibaba, Google, Infrastructure, Microsoft, OpenSource, Security.

How does privileged access security work on AWS and other public clouds?

Bottom line: Amazon’s Identity and Access Management (IAM) centralises identity roles, policies and Config Rules yet doesn’t go far enough to provide a Zero Trust-based approach to Privileged Access Management (PAM) that enterprises need today.

AWS provides a baseline level of support for Identity and Access Management at no charge as part of their AWS instances, as do other public cloud providers. Designed to provide customers with...

By Louis Columbus, 27 August 2019, 0 comments. Categories: Amazon, Data Management, Infrastructure, Public, Security, Vulnerabilities.

VMware stokes VMworld fires with Pivotal and Carbon Black acquisitions

Next week is going to be a busy one for VMware as the company’s VMworld event kicks off in San Francisco. There will be plenty of talking points – and the virtualisation and end user computing provider has opted to add two more with the acquisitions of Pivotal Software and Carbon Black for a combined $4.8 billion (£3.93bn).

Pivotal, at $2.7bn, edged out endpoint security provider Carbon Black ($2.1bn) in...

By James Bourne, 23 August 2019, 0 comments. Categories: M&A, Security, Software, Virtualisation, VMware.

Cloud Security Alliance publishes ‘egregious 11’ list of top threats to the cloud

If one other thing besides death and taxes is certain, it is that cloud security will remain a key talking point. Whose responsibility is it exactly – and why does the shared responsibility model continue to cause havoc?

Some areas however can be nailed down much more solidly. The Cloud Security Alliance (CSA) has issued what it calls the ‘egregious 11’ in its latest report, giving organisations an up-to-date...

By James Bourne, 19 August 2019, 0 comments. Categories: Architecture, Infrastructure, Research, Security, Vulnerabilities.

How the rise of 5G will disrupt cloud computing as we know it

The rollout of 5G has begun in earnest. Verizon and other US carriers have already unveiled the tech and its groundbreaking speeds in a few key markets, and across the pond in the UK, some major carriers are widely expected to deploy 5G later this summer. Many expect 5G to be equally as disruptive – if not more so – than cloud computing has been over the past few years.

All of this raises questions when it comes to...

By Marty Puranik, 19 August 2019, 0 comments. Categories: Collaboration, Developers, Security, Software.

What’s in your cloud? Key lessons to learn after the Capital One breach

The lack of visibility into the expanded cloud attack surface is a fast-growing problem that is only getting worse. Although we have seen misconfigurations in the cloud before, the Capital One breach is a sobering reality check for the security industry. We need to vastly improve threat detection and response in cloud environments.

The attack behaviours associated with the Capital One breach that occurred in March 2019 are...

By Chris Morales, 16 August 2019, 0 comments. Categories: Amazon, Data Management, Security, Vulnerabilities.

How public cloud will become the driving force for connected cars

Opinion The cars we drive today are very different to the first models introduced in the late 1800s. Every aspect of the driving experience has evolved, innovating to meet customer needs, industry standards and to ensure passenger safety. Our new cars now offer voice assistants, can be fuelled by electric power, and typically include satellite navigation and collision detection as standard.

It’s time...

By Steve Meek, 12 August 2019, 0 comments. Categories: Industry, Infrastructure, Public, Security.

Why it's time to make continuous cloud security part of your developer journey

Cloud computing hasn’t always been synonymous with great security. However, despite early fears that it was less secure than data centres, the cloud is now considered a useful - and secure - solution for most critical business functions. While some of its earliest adopters could afford to be somewhat blasé about security, that’s no longer the case. The latest generation of cloud entrants mainly operate in finance and government sectors, meaning...

By Gemma Allen, 09 August 2019, 0 comments. Categories: Developers, DevOps, Infrastructure, Security.

Skybox and Zscaler team up for stronger cloud firewall integration

If there is one thing safer than a cloud security provider, it is two cloud security providers – in theory, at least. Zscaler and Skybox Security are coming together to connect two of their products for greater end-to-end protection.

The two companies will combine Zscaler’s Cloud Firewall product with the Skybox Security Suite, which encompasses visibility, vulnerability control, as well as firewall and network...

By James Bourne, 05 August 2019, 0 comments. Categories: Data Management, Security, Vulnerabilities.

StackRox and Skybox reports warn of dire consequences if container security is not addressed

Containers, when utilised properly, can significantly improve an organisation’s efficiency through speeding up development and automating processes. Yet like with so many technologies before it, security was never quite at the top of the priority list.

StackRox and Skybox Security, two California-based cybersecurity providers, have issued reports over the past week which come to similar conclusions: organisations are...

By James Bourne, 31 July 2019, 0 comments. Categories: Containers, Data Management, Developers, Security.

Capital One confirms data breach, cites cloudy approach as key to swift resolution

Capital One has confirmed a ‘data security incident’ which affected more than 100 million customers in the US and Canada – and while Amazon Web Services (AWS) has been identified as the receptacle in which the data was stolen, both customer and vendor appear not to be to blame.

Paige A. Thompson, otherwise known as ‘erratic’, was arrested on Monday and appeared in court in Seattle on a charge of computer fraud...

By James Bourne, 30 July 2019, 0 comments. Categories: Data & Analytics, Data Loss, Data Management, Infrastructure, Security.

The rise of Office 365 phishing scams: How one compromised account can cost millions

More businesses than ever are now choosing to use cloud services. Despite the many benefits of doing so, such as reduced maintenance costs and improved scalability, there are a number of cyber security risks than organisations need to be aware of – including sophisticated phishing scams that intentionally target SaaS applications.

With more than 155 million active commercial monthly users, Office 365 is among the most widely used cloud hosted email and productivity suites – and consequently a...

By Mark Nicholls, 25 July 2019, 0 comments. Categories: Microsoft, SaaS , Security, Software.

Capgemini report shows why AI is the future of cybersecurity

These and many other insights are from 

By Louis Columbus, 23 July 2019, 0 comments. Categories: Applications, Data & Analytics, Data Management, Security.