Kubernetes skills demand continues to soar – but are organisations dropping the ball on security?

If you have Kubernetes skills then you will almost certainly be in demand from employers, as a new survey from CyberArk has found that IT jobs with the container orchestration tool in the title have soared year on year. But beware the security risks when getting involved.

According to the company, which has crunched data from IT Jobs Watch, roles involving Kubernetes have broken into the top 250 most popular IT vacancies, having been around the 1000 mark this time last year. The most likely job title for...

Google Cloud launches sole-tenant nodes for improved compliance and utilisation

Google Cloud has announced the launch of sole-tenant nodes on Google Compute Engine – helping customers in various industries around compliance in the process.

The new service, which is currently in beta availability, gives customers ownership of all VMs, hypervisor and host hardware, going against the traditional cloud use case of multi-tenant architecture and shared resources.

“Normally, VM instances run on physical hosts that may be shared by many customers,” explained Google’s Manish Dalwadi and...

By James Bourne, 08 June 2018, 0 comments. Categories: Applications, Architecture, Compliance, Google, Infrastructure, Security.

Five tips for creating successful company-wide data security training

Creating a safe online environment for your business is a major concern for leaders today. With the amount of data breaches increasing steadily and consumer trust in data management declining, it’s no wonder that improving the security of IT systems is the number one priority for 55% of companies.

Employees...

By Pratik Dholakiya, 08 June 2018, 0 comments. Categories: Compliance, Data & Analytics, Data Management, Security.

As employee use of cloud apps explodes – can CASBs help?

Rapid adoption of software as a service (SaaS) has changed the security paradigm for enterprise applications. Provisioning is no longer an activity performed solely by IT; instead, business managers are independently purchasing cloud apps and skipping security practices. This leaves enterprise data exposed, forcing IT/security teams into reactive mode as they try to manage risks with their existing security tools using ineffective “whack-a-mole” approaches.

Ultimately, as enterprises shift more...

By Jay Barbour, 07 June 2018, 0 comments. Categories: Data & Analytics, Data Management, Security, Software.

Three ways machine learning is revolutionising zero trust security

Bottom line: Zero Trust Security (ZTS) starts with Next-Gen Access (NGA). Capitalizing on machine learning technology to enable NGA is essential in achieving user adoption, scalability, and agility in securing applications, devices, endpoints, and infrastructure.

How next-gen access and machine learning enable zero trust security

Zero Trust Security provides digital businesses with the security strategy they need to keep growing by scaling across each new perimeter and endpoint created as a result of growth....

By Louis Columbus, 31 May 2018, 0 comments. Categories: Applications, Architecture, Security, Software.

Why it’s time for manufacturers to take security in the cloud seriously

Manufacturers deal with sensitive data every day. This includes test and quality data, warranty information, device history records, and especially the engineering specifications for a product that are highly confidential. Trusting that data to a cloud-based application or cloud services provider is a major step, and manufacturers need to fully educate themselves about the security risks and advantages of cloud-based software.

As we prepare to enter the second...

The top five in-demand cloud skills for 2018

As businesses of every size push forward with cloud projects in 2018, the demand for cloud skills is accelerating. Public cloud adoption is expected to climb significantly and the IDC predict spending will reach £197 billion in just three years.

But as cutting-edge technologies, like machine learning, continue to reshape the job market the skills gap looms large across the industry. With over 350,000 specialists needed to help fill cloud roles there’s clearly a massive opportunity for...

By Alex Bennett, 23 May 2018, 1 comment. Categories: Applications, Architecture, Best Practice, Developers, Security.

Concern over cloud storage security remains says Spiceworks – but good news for OneDrive

One in four respondents to a survey from IT community Spiceworks say they remain unconvinced by cloud storage security – with Microsoft OneDrive holding firm as the most popular service.

The study, which polled more than 500 respondents from organisations across North America and Europe, found more than half (51%) are currently using OneDrive, compared with 34% for both Google Drive and Dropbox, going down to 13% and 6% for Apple iCloud Drive and Box...

By James Bourne, 22 May 2018, 0 comments. Categories: Microsoft, Research, Security, Software, Storage.

Step aside ransomware: Why cryptojacking is the new kid on the block

With the ability to generate a staggering $1.5 trillion in revenues every year, cybercrime is big business. It’s the perfect model – earn a high income for minimum effort and risk of penalty.

It comes as no surprise then that when faced with issues around the fluctuating value of Bitcoin, cybercriminals stepped into action. These savvy criminals created a new attack technique that offers better paid out odds in...

A guide: How to apply the NIST Cybersecurity Framework to AWS implementations

If public cloud services are in your IT mix, the NIST Cybersecurity Framework (CSF) is a great way to evaluate security needs and develop a robust security strategy. The NIST CSF identifies five key cybersecurity functions - “Identify,” “Protect,” “Detect,” “Respond,” and “Recover” - to organise recommended security controls into actionable work streams. AWS users can use the CSF to plan...

By Sanjay Kalra, 03 May 2018, 0 comments. Categories: Amazon, Architecture, Best Practice, Infrastructure, Security, Vulnerabilities.

Danger within: Defending cloud environments against insider threats

According to a recent study by Crowd Research Partners, over 90% of organisations feel vulnerable to insider attacks. This should come as no surprise. Cloud adoption and bring your own device (BYOD) policies have greatly improved businesses’ agility, but have also made sensitive business data much more readily accessible, presenting a significant IT security challenge. This is clearly demonstrated in the recent incidents involving

Why the future of cybersecurity is in the cloud

For decades we have feared the cloud.  During my time working counterintelligence for the FBI, we feared the Internet so much that agency computers functioned solely on an isolated intranet connected via hard cables.

It’s no wonder to me that that government has still not embraced the unlimited processing power cloud computing affords.  But despite the fact that utilisation of the cloud has become ubiquitous – we store our photos and memories, email accounts, business files and our very...

By Eric O'Neill, 27 April 2018, 0 comments. Categories: Data & Analytics, Data Management, Security, Vulnerabilities.

Keeping secrets: Tips for protecting your data in AWS S3

Amazon Web Services is the juggernaut in the cloud provider space, and with any piece of technology comes the need for proper security. In this regard, AWS is no exception. In this piece, we will shortly discuss the latest breaches of public S3 buckets, provide an overview of the two ways to protect data in these storage spaces, and discuss how the new Amazon Secrets Manager utility can assist in securing AWS cloud applications.

Recent breaches

There have been a couple of recent instances in which company S3 buckets have been read by...

By Doug Hazelman, 23 April 2018, 0 comments. Categories: Amazon, Privacy, Public, Security, Software, Storage.

The key challenges of migrating databases to the cloud: Planning and performance

As enterprises continue to embark on their digital transformation journeys part of this change may involve migrating in-house applications, databases and data to the cloud.  But while all the benefits of cloud are widely understood, migrating a database or an application to the cloud is not always smooth sailing and there can be challenges to overcome when transitioning.  Here I wanted to highlight some of the steps enterprises should take to ensure their database migration is successful.

Why migrate to the...

By Roberto Mircoli, 17 April 2018, 0 comments. Categories: Data & Analytics, Data Management, Infrastructure, Migration, Security.

How the changing security landscape is forcing cloud providers to respond

The RSA Conference in San Francisco is a hotbed of news, analysis and reports on the security industry, with research from the Cloud Security Alliance (CSA) and automation software provider Sonatype being of particular interest.

The CSA report, State of Cloud Security 2018, assesses the steps cloud providers and enterprises are taking when it comes to security, as well as regulation and the changing threat landscape.

The report notes that as the landscape for cloud services expands, so do the security options...

By James Bourne, 17 April 2018, 0 comments. Categories: Compliance, Data Management, Research, Security.

Automation, DevOps and unified security management key to cure cloud ills, says McAfee

Cloud services are becoming practically ubiquitous – but according to the latest study from McAfee, one in four organisations who use the public cloud has had their data stolen.

The findings appear in ‘Navigating a Cloudy Sky: Practical Guidance and the State of Cloud Security’, a report which surveyed more than 1,400 IT professionals around security concerns with private and public cloud services.

Usage numbers are as strong as one would expect – except for one. 97% of respondents...

By James Bourne, 16 April 2018, 0 comments. Categories: DevOps, Infrastructure, Research, Security.

Singapore overtakes Hong Kong to become strongest Asia Pacific cloud nation

Singapore has overtaken Hong Kong to be the number one cloud-ready Asia Pacific nation, according to the latest report from the Asia Cloud Computing Association (ACCA).

The two regions have swapped places since the previous analysis two years ago, with New Zealand retaining bronze medal position, and Japan and Taiwan overtaking Australia. While the latter has slipped a couple of places in the rankings, ACCA said it was still a ‘strong regional contender’ which performed well in most areas but was...

By James Bourne, 16 April 2018, 0 comments. Categories: Adoption, Data & Analytics, Infrastructure, Migration, Research, Security.

How machine learning quantifies trust and improves employee experiences

By enabling enterprises to scale security with user behaviour-based, contextual intelligence, next-gen access strategies are delivering Zero Trust Security (ZTS) enterprise-wide, enabling the fastest companies to keep growing strong.

Every digital business is facing a security paradox today created by their proliferating amount of applications, endpoints and infrastructure on the one hand and the need to scale enterprise security without reducing the quality of user experiences on the other. Businesses face a...

By Louis Columbus, 16 April 2018, 0 comments. Categories: Applications, Security, Software.

Why trust and transparency are key for companies complying with new EBA cloud guidance

New guidance from official regulators should be music to the ears of anyone involved in compliance. Clarification, reference points and approved examples make the business of compliance that much more straightforward and are generally welcomed by compliance experts. In that spirit, it was with the best intentions - to clear the pathway to cloud adoption for financial services companies - that the European...

By Frank Krieger, 13 April 2018, 0 comments. Categories: Compliance, Data & Analytics, Data Management, Privacy, Security.

Data centres and cloud networks: Security in the modern context

Traditionally, companies have sought to create a hardened IT network perimeter that kept all potential cyber threats out and to protect organisations through the use of network security platforms such as firewalls. In the modern context, however, this has become a restrictive and dangerous approach and I will explain why. 

What we think of as traditional firewalls are only really able to inspect unencrypted traffic. This means that attackers will use encrypted communications to exploit and maintain...

By Neil Anderson, 13 April 2018, 0 comments. Categories: Data & Analytics, Data Centres, Infrastructure, Security.