How leveraging APIs will help to enable comprehensive cloud security

Cloud computing has utterly transformed the IT industry, requiring organisations to make fundamental changes to how they design, deploy, manage and optimise their security strategy. Many organisations, however, are simply using the same security model they have relied on for over a decade in their traditional networks to the cloud. But true cloud security requires more than deploying isolated cloud-enabled network security tools to protect cloud-based resources.

The future...

By Lior Cohen, 24 May 2019, 0 comments. Categories: Data & Analytics, Developers, Security, Vulnerabilities.

Cloud providers are under attack - and sabotaged services will freeze operations

Over the next two years, cloud service providers will be systematically sabotaged by attackers aiming to disrupt critical national infrastructure (CNI) or cripple supply chains. Organisations dependent on cloud services will find their operations and supply chains undermined when key cloud services go down for extended periods of time.

Nation states that engage in a digital cold war will aim to disrupt economies and take down CNI by sabotaging cloud infrastructure through traditional physical attacks or by...

Companies' cloud security getting better - but slowly, argues SANS Institute

Cloud security best practices are improving - but there is still a long way to go, according to a new report from SANS Institute.

The study, which polled several hundred respondents across the IT spectrum, came about, as author Dave Shackleford put it, as the result of concerning news stories around the security space. IDC found back in April that worldwide IT security spending would hit $103.1 billion by the end of...

By James Bourne, 17 May 2019, 0 comments. Categories: Data & Analytics, Data Loss, Data Management, Research, Security.

Why IT security solutions spending will reach $133.8 billion

Cybersecurity investment continues to be a top priority for most IT organizations. Worldwide spending on security-related hardware, software, and services is forecast to reach $103.1 billion in 2019 -- that's an increase of 9.4 percent over 2018. The pace of growth will continue as industries invest heavily in IT security solutions to meet a wide range of cyber threats.

According to the latest market study by International Data Corporation (IDC), worldwide spending on IT security solutions will achieve a...

By David H Deans, 09 April 2019, 0 comments. Categories: Data & Analytics, Data Loss, Data Management, Research, Security.

Bitglass secures $70m series D funding to further enhance CASB space

Cloud access security broker (CASB) Bitglass has announced a $70 million (£53.6m) funding round aimed at consolidating its leadership of the CASB and cloud security market.

The round, a series D, included a new investor in the shape of Quadrille Capital, as well as existing investors Future Fund, New Enterprise Associates (NEA), Norwest, and Singtel Innov8. NEA, as regular readers of this publication will be aware, is a regular investor in the cloud space, with...

By James Bourne, 08 April 2019, 0 comments. Categories: Economy, Infrastructure, Security, Software.

The five key things every executive needs to know about identity and access management

  • For new digital business models to succeed, customers’ privacy preferences need to be secure, and that begins by treating every identity as a new security perimeter.
  • Organisations need to recognise that perimeter-based security, which focuses on securing endpoints, firewalls, and networks, provides no protection against identity and credential-based threats. Until they start implementing identity-centric security measures, account compromise attacks will continue to provide a perfect camouflage for data breaches.
  • 74% of data breaches start with privileged credential...

By Louis Columbus, 08 April 2019, 0 comments. Categories: Data Loss, Data Management, Enterprise, Security, Software.

Financial services moving to hybrid cloud – but rearchitecting legacy systems remains a challenge

The move to hybrid cloud is one which virtually every industry is undertaking – but the financial services industry is getting there ahead of most.

According to the latest data issued by Nutanix for its Enterprise Cloud Index Report, more than one in five financial organisations polled (21%) are deploying a hybrid cloud model today. This is up from the global average of 18.5%. 91% of those polled said hybrid cloud was their ‘ideal’ IT...

By James Bourne, 05 April 2019, 1 comment. Categories: Adoption, Hybrid, Industry, Infrastructure, Research, Security.

Five ways to demystify Zero Trust security – and the vendors who are pushing it

Bottom line: Instead of only relying on security vendors’ claims about Zero Trust, benchmark them on a series of five critical success factors instead, with customer results being key.

Analytics, Zero Trust dominated RSA

Analytics dashboards dominated RSA from a visual standpoint, while Zero Trust Security reigned from an enterprise strategy one. Over 60 vendors claimed to have Zero Trust Security solutions at RSA, with each one defining the concept in a slightly different way.

RSA has evolved into one of the highest energy enterprise-focused...

By Louis Columbus, 25 March 2019, 0 comments. Categories: Compliance, Data & Analytics, Data Loss, Data Management, Security.

Monitoring cloud app activity for better data security: Five key tips

Digitisation has dramatically changed how work gets done. Business-critical apps and data are a keystroke away, no matter where an employee is or what time it is. Perhaps it is this familiarity with data that makes employees feel so connected to it that, when they switch jobs, they often take some of it with them. Maybe it’s why most of them don’t think this is a criminal act.

Whatever the reasoning for this...

By Mike Mason, 22 March 2019, 0 comments. Categories: Applications, Data & Analytics, Data Management, Security.

Practical cloud considerations: Security and the decryption conundrum

Compute in the cloud may be cheap but it isn't free. Most of today’s apps are delivered via secure HTTP. That means TLS or the increasingly frowned upon SSL. It means cryptography, which traditionally has been translated to mean performance problems.

Thanks to advances in technology, CPUs are now incredibly fast and many client (and...

Continuous compliance, continuous iteration: How to get through IT audits successfully

For most students, exam days are one of the most stressful experiences of their educational careers. Exams are a semi-public declaration of your ability to learn, absorb and regurgitate the curriculum, and while the rewards for passing are rather mundane, the ramifications of failure are tremendous. 

My educational experience indicates that exam success is primarily due to preparation, with a fair bit of luck. If you were like me in school, exam preparation consisted mostly of cramming, with a heavy reliance on hope that the hours spent jamming material into my brain would cover at least 70% of the exam contents.

After I left...

By Jonathan Eropkin, 15 March 2019, 0 comments. Categories: Compliance, Data & Analytics, Data Management, Security.

Why standardisation is good for NetOps: Innovation instead of impediment

Standardisation is sometimes viewed as an assault on innovation. Being forced to abandon a polyglot buffet and adopt a more limited menu will always sound stifling. That may be because standardisation is often associated with regulatory compliance standards that have official sounding names like ISO 8076.905E and are associated with checklists, auditors and oversight committees.

By Lori MacVittie, 14 March 2019, 0 comments. Categories: Compliance, Enterprise, Platform, Regulation, Security.

Addressing cloud sprawl: Combining security best practices with business foundations

The rate of cloud adoption has been nothing short of remarkable. According to IDG, 90% of organisations will have some portion of their applications or infrastructure running in the cloud this year, with the rest expected to follow suit by 2021. And while most organisations currently run more than half (53%) of their business on traditional networks,

By Lior Cohen, 13 March 2019, 0 comments. Categories: Adoption, CIO, Data & Analytics, Infrastructure, Security.

Check Point exposes yet more shared responsibility misunderstandings for cloud security

Almost one in five organisations polled by cybersecurity solutions provider Check Point Software say they have been victim to a cloud security incident over the past year, while more than a quarter still believe security is the responsibility of the cloud provider.

These and other worrying findings have appeared in Check Point’s latest study. The 2019 Security Report, of which this is the third instalment and combined...

By James Bourne, 22 February 2019, 0 comments. Categories: Data Loss, Data Management, Infrastructure, Security.

Exploring a data-centric approach to data privacy as cloud workloads proliferate

If your organisation, like many others, is putting more and more data into the cloud, you will already know that it’s probably making your security team have kittens. Greater amounts of data being transported in real-time – not to mention the vastly increased number of mobile devices and attack vectors – means the chances for catastrophe have proliferated.

A new study from data protection provider Virtru has...

By James Bourne, 19 February 2019, 0 comments. Categories: Data & Analytics, Data Loss, Privacy, Research, Security.

Healthcare firms go for the hybrid cloud approach with compliance and connectivity key

It continues to be a hybrid cloud-dominated landscape – and according to new research one of the traditionally toughest industries in terms of cloud adoption is now seeing it as a priority.

A report from enterprise cloud provider Nutanix has found that in two years’ time, more than a third (37%) of healthcare organisations polled said they would deploy hybrid cloud. This represents a major increase from less than a fifth...

By James Bourne, 18 February 2019, 0 comments. Categories: Compliance, Containers, Infrastructure, Research, Security.

How to tackle the multi-cloud security challenge

A growing number of organisations are adopting a multi-cloud strategy in a bid to avoid over-reliance upon one vendor and reduce the risk of threats like DDoS attacks. This generates cost savings, yields performance optimisation, and improves up-time to ensure that operations run at all times.

Abandoning a ‘one-cloud-fits-all’ approach and using multiple services from different cloud providers delivers a raft of...

By Steve Armstrong, 11 February 2019, 0 comments. Categories: Enterprise, Infrastructure, Security.

Microsoft cites ‘layers’ of Azure and cloud depth in more positive financial results

Microsoft’s investor relations team is evidently not frightened about repeating itself when it comes to financial announcements season. “Microsoft Cloud drives record fourth quarter results,” the company proclaimed in July; “Microsoft Cloud strength powers record first quarter results,” it tooted in October; and now, “Microsoft Cloud strength fuels second quarter results.”

Given the...

By James Bourne, 31 January 2019, 0 comments. Categories: Economy, Infrastructure, Microsoft, Security.

Understanding Kubernetes today: Misconceptions, challenges and opportunities

Any discussion of Kubernetes is best started with an understanding of why we need Kubernetes. Kubernetes helps us manage containers, which dominate application development now because they enable portability, faster application development, and greater independence for developers. Once we started using containers in great volume, we needed a way to automate the setup, tear down, and management of containers - that's what Kubernetes does.

By Ali Golshan, 30 January 2019, 0 comments. Categories: Containers, Developers, Infrastructure, Kubernetes, Platform, Security.