How cryptomining is the attack vector du jour - as hackers increasingly target cloud infrastructure

Updated July 30 Cryptojacking is on the way to replacing ransomware as the biggest threat for consumers and enterprises - and new research reveals the size of the effect crypto is having on cloud infrastructures.

Cyber security firm Check Point Software, in its 'Cyber Attack Trends: 2018 Mid-Year Report', found that in the first half of this year, the number of organisations impacted by cryptomining malware doubled to 42%, compared with 20.5% from the second half...

By James Bourne, 16 July 2018, 0 comments. Categories: Blockchain, Infrastructure, Security, Vulnerabilities.

Why enterprises feel more susceptible to threats than ever before

  • Identities, not systems, are the new security perimeter for any digital business, with 81% of breaches involving weak, default or stolen passwords.
  • 53% of enterprises feel they are more susceptible to threats since 2015.
  • 51% of enterprises suffered at least one breach in the past 12 months and malicious insider incidents increased 11% year-over-year.

These and many other fascinating insights are from SecurIT: the Zero Trust Summit for CIOs and CISOs held last month in San Francisco, CA.

By Louis Columbus, 13 July 2018, 0 comments. Categories: Data Management, Enterprise, Infrastructure, Security, Vulnerabilities.

Majority of organisations favouring multi-cloud strategies, Virtustream argues

Multi-cloud is here to stay, that much we already know – but the sheer extent of its growth is helping enterprises move mission-critical applications to the cloud.

That is the key finding from a new report by cloud technology provider Virtustream. The study, titled ‘Multi-cloud Arises from Changing Cloud Priorities’ and conducted alongside Forrester, found the vast majority (86%) of respondents see their current cloud strategy as multi-cloud. What’s more, 60% of enterprises polled said...

By James Bourne, 13 July 2018, 0 comments. Categories: Compliance, Infrastructure, Research, Security.

How to get the right kind of control over your cloud: A guide

Trust in the cloud hasn’t always been universal. There was a time when security and risk management leaders feared entrusting critical data and infrastructure to a third-party cloud provider. This was understandable, arising from the history of network management, where IT teams were intimately familiar with managing the resources that made up their IT infrastructures, from the buildings they were housed in, to the electricity and cooling supply, through to the server, all the way down to the storage...

By Monica Brink, 11 July 2018, 0 comments. Categories: Collaboration, Data & Analytics, Data Management, Security, Software.

SolarWinds acquires Trusted Metrics to add real-time threat monitoring to cloud security mix

SolarWinds is on the acquisition trail again – this time confirming the acquisition of Trusted Metrics, a real-time threat monitoring and management software provider.

The acquisition will enable SolarWinds to release a new security product under the name of SolarWinds Threat Monitor, which is an automated tool which aims to make threat detection easier for IT operations teams, managed service providers and managed security service providers.

As regular readers of this publication will testify, organisations’ cloud...

By James Bourne, 11 July 2018, 0 comments. Categories: Data & Analytics, M&A, Security, Vulnerabilities.

New study notes network trouble organisations face amid strong public cloud adoption

Public cloud adoption will continue to go up and up – but as hybrid initiatives go up with them, concerns persist over how to handle cloud migration challenges.

That’s the key finding from the latest study by VIAVI Solutions. The IT and network testing provider, in its most recent State of the Network Global Study, polled more than 600 IT professionals and found more than half (56%) of enterprises polled had made the leap to public cloud as of this year. This number is set to go up to 72% by...

By James Bourne, 10 July 2018, 0 comments. Categories: Adoption, Infrastructure, Research, Security.

Three unbeatable security advantages of cloud-based solutions for your business

Cloud-based solutions have never been more popular than ever. Proponents and opponents have their reasons to keep debates fuelled, but small to mid-sized businesses shouldn’t ignore the security benefits cloud can offer.

Higher standards

Implementing cloud-based solutions for your business is certain to bring a higher standard of security that your in-house IT team or a locally managed system is unlikely to achieve.

Multi-factor authentication: Small to medium-sized businesses don’t have...

By Jeff Dennis, 25 June 2018, 0 comments. Categories: Data & Analytics, Data Management, Security, Vulnerabilities.

Why for ultimate data centre security, technology alone is not the answer

The security of data – and in particular people’s personal data – has been a hot topic in recent months. The EU’s rollout of new GDPR regulations; the Cambridge Analytica scandal; or the seemingly weekly revelations of financial institutions or consumer service providers which have had their databases hacked, are all examples most of us will be aware of.

Less often discussed but just as important as the security of our data, is the security of the data centres that house it. And at...

By Arturo Maqueo, 21 June 2018, 0 comments. Categories: Data Centres, Infrastructure, Security, Vulnerabilities.

Kubernetes skills demand continues to soar – but are organisations dropping the ball on security?

If you have Kubernetes skills then you will almost certainly be in demand from employers, as a new survey from CyberArk has found that IT jobs with the container orchestration tool in the title have soared year on year. But beware the security risks when getting involved.

According to the company, which has crunched data from IT Jobs Watch, roles involving Kubernetes have broken into the top 250 most popular IT vacancies, having been around the 1000 mark this time last year. The most likely job title for...

Google Cloud launches sole-tenant nodes for improved compliance and utilisation

Google Cloud has announced the launch of sole-tenant nodes on Google Compute Engine – helping customers in various industries around compliance in the process.

The new service, which is currently in beta availability, gives customers ownership of all VMs, hypervisor and host hardware, going against the traditional cloud use case of multi-tenant architecture and shared resources.

“Normally, VM instances run on physical hosts that may be shared by many customers,” explained Google’s Manish Dalwadi and...

By James Bourne, 08 June 2018, 0 comments. Categories: Applications, Architecture, Compliance, Google, Infrastructure, Security.

Five tips for creating successful company-wide data security training

Creating a safe online environment for your business is a major concern for leaders today. With the amount of data breaches increasing steadily and consumer trust in data management declining, it’s no wonder that improving the security of IT systems is the number one priority for 55% of companies.

Employees...

By Pratik Dholakiya, 08 June 2018, 0 comments. Categories: Compliance, Data & Analytics, Data Management, Security.

As employee use of cloud apps explodes – can CASBs help?

Rapid adoption of software as a service (SaaS) has changed the security paradigm for enterprise applications. Provisioning is no longer an activity performed solely by IT; instead, business managers are independently purchasing cloud apps and skipping security practices. This leaves enterprise data exposed, forcing IT/security teams into reactive mode as they try to manage risks with their existing security tools using ineffective “whack-a-mole” approaches.

Ultimately, as enterprises shift more...

By Jay Barbour, 07 June 2018, 0 comments. Categories: Data & Analytics, Data Management, Security, Software.

Three ways machine learning is revolutionising zero trust security

Bottom line: Zero Trust Security (ZTS) starts with Next-Gen Access (NGA). Capitalizing on machine learning technology to enable NGA is essential in achieving user adoption, scalability, and agility in securing applications, devices, endpoints, and infrastructure.

How next-gen access and machine learning enable zero trust security

Zero Trust Security provides digital businesses with the security strategy they need to keep growing by scaling across each new perimeter and endpoint created as a result of growth....

By Louis Columbus, 31 May 2018, 0 comments. Categories: Applications, Architecture, Security, Software.

Why it’s time for manufacturers to take security in the cloud seriously

Manufacturers deal with sensitive data every day. This includes test and quality data, warranty information, device history records, and especially the engineering specifications for a product that are highly confidential. Trusting that data to a cloud-based application or cloud services provider is a major step, and manufacturers need to fully educate themselves about the security risks and advantages of cloud-based software.

As we prepare to enter the second...

The top five in-demand cloud skills for 2018

As businesses of every size push forward with cloud projects in 2018, the demand for cloud skills is accelerating. Public cloud adoption is expected to climb significantly and the IDC predict spending will reach £197 billion in just three years.

But as cutting-edge technologies, like machine learning, continue to reshape the job market the skills gap looms large across the industry. With over 350,000 specialists needed to help fill cloud roles there’s clearly a massive opportunity for...

By Alex Bennett, 23 May 2018, 1 comment. Categories: Applications, Architecture, Best Practice, Developers, Security.

Concern over cloud storage security remains says Spiceworks – but good news for OneDrive

One in four respondents to a survey from IT community Spiceworks say they remain unconvinced by cloud storage security – with Microsoft OneDrive holding firm as the most popular service.

The study, which polled more than 500 respondents from organisations across North America and Europe, found more than half (51%) are currently using OneDrive, compared with 34% for both Google Drive and Dropbox, going down to 13% and 6% for Apple iCloud Drive and Box...

By James Bourne, 22 May 2018, 0 comments. Categories: Microsoft, Research, Security, Software, Storage.

Step aside ransomware: Why cryptojacking is the new kid on the block

With the ability to generate a staggering $1.5 trillion in revenues every year, cybercrime is big business. It’s the perfect model – earn a high income for minimum effort and risk of penalty.

It comes as no surprise then that when faced with issues around the fluctuating value of Bitcoin, cybercriminals stepped into action. These savvy criminals created a new attack technique that offers better paid out odds in...

A guide: How to apply the NIST Cybersecurity Framework to AWS implementations

If public cloud services are in your IT mix, the NIST Cybersecurity Framework (CSF) is a great way to evaluate security needs and develop a robust security strategy. The NIST CSF identifies five key cybersecurity functions - “Identify,” “Protect,” “Detect,” “Respond,” and “Recover” - to organise recommended security controls into actionable work streams. AWS users can use the CSF to plan...

By Sanjay Kalra, 03 May 2018, 0 comments. Categories: Amazon, Architecture, Best Practice, Infrastructure, Security, Vulnerabilities.

Danger within: Defending cloud environments against insider threats

According to a recent study by Crowd Research Partners, over 90% of organisations feel vulnerable to insider attacks. This should come as no surprise. Cloud adoption and bring your own device (BYOD) policies have greatly improved businesses’ agility, but have also made sensitive business data much more readily accessible, presenting a significant IT security challenge. This is clearly demonstrated in the recent incidents involving

Why the future of cybersecurity is in the cloud

For decades we have feared the cloud.  During my time working counterintelligence for the FBI, we feared the Internet so much that agency computers functioned solely on an isolated intranet connected via hard cables.

It’s no wonder to me that that government has still not embraced the unlimited processing power cloud computing affords.  But despite the fact that utilisation of the cloud has become ubiquitous – we store our photos and memories, email accounts, business files and our very...

By Eric O'Neill, 27 April 2018, 0 comments. Categories: Data & Analytics, Data Management, Security, Vulnerabilities.