Why it’s time for manufacturers to take security in the cloud seriously

Manufacturers deal with sensitive data every day. This includes test and quality data, warranty information, device history records, and especially the engineering specifications for a product that are highly confidential. Trusting that data to a cloud-based application or cloud services provider is a major step, and manufacturers need to fully educate themselves about the security risks and advantages of cloud-based software.

As we prepare to enter the second...

The top five in-demand cloud skills for 2018

As businesses of every size push forward with cloud projects in 2018, the demand for cloud skills is accelerating. Public cloud adoption is expected to climb significantly and the IDC predict spending will reach £197 billion in just three years.

But as cutting-edge technologies, like machine learning, continue to reshape the job market the skills gap looms large across the industry. With over 350,000 specialists needed to help fill cloud roles there’s clearly a massive opportunity for...

By Alex Bennett, 23 May 2018, 1 comment. Categories: Applications, Architecture, Best Practice, Developers, Security.

Concern over cloud storage security remains says Spiceworks – but good news for OneDrive

One in four respondents to a survey from IT community Spiceworks say they remain unconvinced by cloud storage security – with Microsoft OneDrive holding firm as the most popular service.

The study, which polled more than 500 respondents from organisations across North America and Europe, found more than half (51%) are currently using OneDrive, compared with 34% for both Google Drive and Dropbox, going down to 13% and 6% for Apple iCloud Drive and Box...

By James Bourne, 22 May 2018, 0 comments. Categories: Microsoft, Research, Security, Software, Storage.

Step aside ransomware: Why cryptojacking is the new kid on the block

With the ability to generate a staggering $1.5 trillion in revenues every year, cybercrime is big business. It’s the perfect model – earn a high income for minimum effort and risk of penalty.

It comes as no surprise then that when faced with issues around the fluctuating value of Bitcoin, cybercriminals stepped into action. These savvy criminals created a new attack technique that offers better paid out odds in...

A guide: How to apply the NIST Cybersecurity Framework to AWS implementations

If public cloud services are in your IT mix, the NIST Cybersecurity Framework (CSF) is a great way to evaluate security needs and develop a robust security strategy. The NIST CSF identifies five key cybersecurity functions - “Identify,” “Protect,” “Detect,” “Respond,” and “Recover” - to organise recommended security controls into actionable work streams. AWS users can use the CSF to plan...

By Sanjay Kalra, 03 May 2018, 0 comments. Categories: Amazon, Architecture, Best Practice, Infrastructure, Security, Vulnerabilities.

Danger within: Defending cloud environments against insider threats

According to a recent study by Crowd Research Partners, over 90% of organisations feel vulnerable to insider attacks. This should come as no surprise. Cloud adoption and bring your own device (BYOD) policies have greatly improved businesses’ agility, but have also made sensitive business data much more readily accessible, presenting a significant IT security challenge. This is clearly demonstrated in the recent incidents involving

Why the future of cybersecurity is in the cloud

For decades we have feared the cloud.  During my time working counterintelligence for the FBI, we feared the Internet so much that agency computers functioned solely on an isolated intranet connected via hard cables.

It’s no wonder to me that that government has still not embraced the unlimited processing power cloud computing affords.  But despite the fact that utilisation of the cloud has become ubiquitous – we store our photos and memories, email accounts, business files and our very...

By Eric O'Neill, 27 April 2018, 0 comments. Categories: Data & Analytics, Data Management, Security, Vulnerabilities.

Keeping secrets: Tips for protecting your data in AWS S3

Amazon Web Services is the juggernaut in the cloud provider space, and with any piece of technology comes the need for proper security. In this regard, AWS is no exception. In this piece, we will shortly discuss the latest breaches of public S3 buckets, provide an overview of the two ways to protect data in these storage spaces, and discuss how the new Amazon Secrets Manager utility can assist in securing AWS cloud applications.

Recent breaches

There have been a couple of recent instances in which company S3 buckets have been read by...

By Doug Hazelman, 23 April 2018, 0 comments. Categories: Amazon, Privacy, Public, Security, Software, Storage.

The key challenges of migrating databases to the cloud: Planning and performance

As enterprises continue to embark on their digital transformation journeys part of this change may involve migrating in-house applications, databases and data to the cloud.  But while all the benefits of cloud are widely understood, migrating a database or an application to the cloud is not always smooth sailing and there can be challenges to overcome when transitioning.  Here I wanted to highlight some of the steps enterprises should take to ensure their database migration is successful.

Why migrate to the...

By Roberto Mircoli, 17 April 2018, 0 comments. Categories: Data & Analytics, Data Management, Infrastructure, Migration, Security.

How the changing security landscape is forcing cloud providers to respond

The RSA Conference in San Francisco is a hotbed of news, analysis and reports on the security industry, with research from the Cloud Security Alliance (CSA) and automation software provider Sonatype being of particular interest.

The CSA report, State of Cloud Security 2018, assesses the steps cloud providers and enterprises are taking when it comes to security, as well as regulation and the changing threat landscape.

The report notes that as the landscape for cloud services expands, so do the security options...

By James Bourne, 17 April 2018, 0 comments. Categories: Compliance, Data Management, Research, Security.

Automation, DevOps and unified security management key to cure cloud ills, says McAfee

Cloud services are becoming practically ubiquitous – but according to the latest study from McAfee, one in four organisations who use the public cloud has had their data stolen.

The findings appear in ‘Navigating a Cloudy Sky: Practical Guidance and the State of Cloud Security’, a report which surveyed more than 1,400 IT professionals around security concerns with private and public cloud services.

Usage numbers are as strong as one would expect – except for one. 97% of respondents...

By James Bourne, 16 April 2018, 0 comments. Categories: DevOps, Infrastructure, Research, Security.

Singapore overtakes Hong Kong to become strongest Asia Pacific cloud nation

Singapore has overtaken Hong Kong to be the number one cloud-ready Asia Pacific nation, according to the latest report from the Asia Cloud Computing Association (ACCA).

The two regions have swapped places since the previous analysis two years ago, with New Zealand retaining bronze medal position, and Japan and Taiwan overtaking Australia. While the latter has slipped a couple of places in the rankings, ACCA said it was still a ‘strong regional contender’ which performed well in most areas but was...

By James Bourne, 16 April 2018, 0 comments. Categories: Adoption, Data & Analytics, Infrastructure, Migration, Research, Security.

How machine learning quantifies trust and improves employee experiences

By enabling enterprises to scale security with user behaviour-based, contextual intelligence, next-gen access strategies are delivering Zero Trust Security (ZTS) enterprise-wide, enabling the fastest companies to keep growing strong.

Every digital business is facing a security paradox today created by their proliferating amount of applications, endpoints and infrastructure on the one hand and the need to scale enterprise security without reducing the quality of user experiences on the other. Businesses face a...

By Louis Columbus, 16 April 2018, 0 comments. Categories: Applications, Security, Software.

Why trust and transparency are key for companies complying with new EBA cloud guidance

New guidance from official regulators should be music to the ears of anyone involved in compliance. Clarification, reference points and approved examples make the business of compliance that much more straightforward and are generally welcomed by compliance experts. In that spirit, it was with the best intentions - to clear the pathway to cloud adoption for financial services companies - that the European...

By Frank Krieger, 13 April 2018, 0 comments. Categories: Compliance, Data & Analytics, Data Management, Privacy, Security.

Data centres and cloud networks: Security in the modern context

Traditionally, companies have sought to create a hardened IT network perimeter that kept all potential cyber threats out and to protect organisations through the use of network security platforms such as firewalls. In the modern context, however, this has become a restrictive and dangerous approach and I will explain why. 

What we think of as traditional firewalls are only really able to inspect unencrypted traffic. This means that attackers will use encrypted communications to exploit and maintain...

By Neil Anderson, 13 April 2018, 0 comments. Categories: Data & Analytics, Data Centres, Infrastructure, Security.

Hybrid cloud security strategies analysed in new research

Hybrid cloud and multi-cloud security is becoming top of mind for organisations – but many still persist with best of breed tools for both systems rather than combining into one ‘best of suite’ offering.

That is the key finding following a report from Santa Clara-based Cavirin Systems. The report, which polled more than 350 IT admins, IT decision makers and C-suite executives, found 81% of organisations currently deploy a hybrid or multi-cloud strategy, with 11% only going on-premise and 8%...

By James Bourne, 12 April 2018, 0 comments. Categories: Hybrid, Research, Security.

Learning from the masters of DevSecOps: Getting security right at scale

With the relentless 24/7 nature of the digital economy, many customers I talk to are under pressure to continually release and update their apps. Making this happen is a challenge in itself. But keeping those apps secure can be even more problematic – especially when security is left to the end of the development cycle.

That may seem an unlikely approach in today’s heightened IT security climate. But in my experience, it’s all too common. Under pressure to get their apps out fast, firms...

By Aruna Ravichandran, 09 April 2018, 0 comments. Categories: Applications, Data & Analytics, Developers, DevOps, Security.

Five ways machine learning can save your company from a security breach meltdown

  • $86bn was spent on security in 2017, yet 66% of companies have still been breached an average of five or more times.
  • Just 55% of CEOs say their organizations have experienced a breach, while 79% of CTOs acknowledge breaches have occurred. One in approximately four CEOs (24%) aren’t aware if their companies have even had a security breach.
  • 62% of CEOs inaccurately cite malware as the primary threat to cybersecurity.
  • 68% of executives whose companies experienced significant breaches in hindsight believe that the breach could have been prevented by implementing more...

By Louis Columbus, 09 April 2018, 0 comments. Categories: Applications, Big Data, Data & Analytics, Data Management, Security, Software.

Microsoft responds to speed of CLOUD Act enactment and data privacy concerns

Microsoft has admitted the speed in which the CLOUD Act was enacted was ‘a bit of a shock’ – but added there was more to do to protect users’ privacy rights across borders.

The act, which stands for ‘clarifying lawful overseas use of data’, was signed into law two weeks ago and ultimately represents the culmination of a case which began four years ago concerning an email in Dublin.

During a drug trafficking investigation in 2013, Microsoft refused to provide details of an...

By James Bourne, 06 April 2018, 0 comments. Categories: Compliance, Data & Analytics, Data Management, Security.