Application security in the cloud: Who is responsible?

We’ve all heard about the benefits of cloud infrastructure: improved productivity, cost savings, efficiency, agility and a host of other buzzwords that paint cloud as the be all, end all for IT.

Most organisations today either already run workloads in the cloud or plan to experiment with cloud in the very near future. And it’s up to businesses to decide whether they choose cloud infrastructure provided by public cloud providers like AWS, Microsoft Azure and Google Cloud Platform, or cloud...

By Duncan Hughes, 06 July 2017, 0 comments. Categories: Applications, Infrastructure, Public, Security.

Report argues ‘concerning’ lack of understanding over IaaS shared responsibility models

It is a question almost as old as the concept: who should look after cloud security, the vendor or the customer? A new report from Barracuda Networks argues there is a ‘concerning’ lack of understanding with regard to the shared responsibility model for infrastructure as a service (IaaS) providers.

For Amazon Web Services (AWS) and Microsoft, the two leading IaaS providers, the meaning is clear. Microsoft

By James Bourne, 04 July 2017, 0 comments. Categories: Data Management, IaaS, Infrastructure, Public, Security.

How to tackle changing cloud security threats: A guide

IT workers face a serious challenge when it comes to file sharing. In one corner is corporate governance which seeks to protect businesses and prevent cyber-attacks. In the opposite corner are end users who want to work more efficiently – collaboratively – by sharing or saving files.

The best way of ending this conflict is to find middle ground. In attempting this resolution, enterprises need to find the right balance between IT security and governance on one side and the needs of employees on the other. To...

By Tom Grave, 04 July 2017, 0 comments. Categories: Collaboration, Security, Software.

Why it is time to accept that cybercrime is a real danger

(c)iStock.com/the-lightwriter

The world recently witnessed the WannaCry attack. This threat is a wake-up call to everyone that the danger of cybercrime is exponential.

While we need to be ready to see global attacks of this nature increase, the technology that is required to combat these hazards exists now. From vulnerability detection and anti-virus, device and network monitoring, to management tools and data backup, businesses...

By Mark Cattini, 30 June 2017, 0 comments. Categories: Data & Analytics, Data Management, Security, Storage, Vulnerabilities.

The cloud can supercharge organisations’ productivity – but only if it is secured

In less than six years, organisations that neglect the advantages of cloud infrastructure will most likely be in a minority. It’s not difficult to see why, really. Not only do cloud services save both time and money, they also have the potential to completely revolutionise how your business operates, opening up new opportunities and revenue streams that would otherwise remain untapped.

Cloud infrastructure provides for...

By Tim Mullahy, 29 June 2017, 0 comments. Categories: SaaS , Security, Software, Vendors.

We won’t be put off our cloud strategy by cyber threats, organisations affirm

Four in five respondents say cloud adoption in their organisations will not be put off by high profile cyber-attacks, according to a new study from software and IT services provider Advanced.

The survey, which polled more than 500 senior executives in UK organisations and was conducted through Techmarketview, found that the majority of firms said they were concerned about security and data protection in the cloud, with 82% and 68% responding respectively, yet prefer to carry on with their migration...

By James Bourne, 22 June 2017, 0 comments. Categories: Adoption, Europe, Security.

How to choose a cloud sandbox solution: Best practice ideas

By Mathias Widler

Businesses have become painfully aware that conventional approaches — virus signature scanning and URL filtering — are no longer sufficient in the fight against cyberthreats. This is in part because malware is constantly changing, generating new signatures with a frequency that far outpaces the updates of signature detection systems.

In addition, malware today tends to be targeted to specific sectors, companies, or even individual members of a management team, and such...

By Zscaler, 22 June 2017, 0 comments. Categories: Security, Vulnerabilities.

Opinion: Is the use of public cloud ‘fundamentally disempowering’?

Speaking at the OpenStack Summit in Boston last month, Edward Snowden warned that the use of public cloud providers is ‘fundamentally disempowering’.

As reported by ZDNet, Snowden told the audience – through video conference, of course – that ‘we can’t let people be mindless when they’re building clouds.’ “You give them money, and they provide you with a service, but you are also...

By Cloud Tech, 20 June 2017, 1 comment. Categories: Data Centres, Infrastructure, Public, Security.

Gartner: Cloud-based security services market to hit almost $9bn by 2020

Gartner has predicted the global cloud-based security services market will hit $5.9 billion this year, saying the segment’s growth will ‘remain strong’.

The analyst firm looked at a variety of segments, with identity and access management (IAM), identity as a service (IDaaS) and user authentication remaining the biggest category. Gartner predicts this area to comprise $2.1bn, or 35.6% of the overall market, this year, going up to $3.42bn, or 38.3% of the overall $8.92bn market by...

By James Bourne, 16 June 2017, 0 comments. Categories: Forecasts, Infrastructure, Research, Security.

Cloud security spending to hit $3.5bn by 2021, says Forrester

Cloud security spending is set to hit $3.5 billion (£2.74bn) by 2021 at a 28% annual growth rate, according to a new report from Forrester Research.

The report, authored by analysts Jennifer Adams and Andras Cser, discusses a variety of trends, from cloud security risk, to traditional security tools.

According to the figures, cloud security gateways will continue to be the primary route of global spending, contributing to $1.6bn – or 45% - of the overall figure by 2021. Native infrastructure as a...

By James Bourne, 13 June 2017, 0 comments. Categories: IaaS, PaaS, Research, Security.

Netskope raises $100m in series E round, aims to move security platform beyond the cloud

Cloud security provider Netskope has announced the close of a $100 million (£77.5m) series E funding round to press ahead with its go to market strategy as well as explore new ventures.

The round, which brings Netskope’s total funding to $231.4 million, was led by Lightspeed Venture Partners and included contributions from existing investors Social Capital and Iconiq Capital, as well as new participation from Sapphire Ventures and Geodesic Capital.

Among the upcoming projects for the company, best...

By James Bourne, 06 June 2017, 0 comments. Categories: Data & Analytics, Data Management, Data Sovereignty, Economy, Security.

A deeper dive into cloud security as a service: Advantages and issues

In a recent article which focused on cloud security I presented a comparison between security-as-a-service and traditional style security tooling in the cloud. This installment is a deeper dive into the security as a service (SECaaS) paradigm.

It would seem to me that a natural outgrowth of the cloud computing and 'everything as a service' paradigm that the technology world is...

By David Auslander, 06 June 2017, 0 comments. Categories: Hybrid, Public, Security.

Cloud security best practice: Security as a service or cloud security tooling?

A recent survey on cloud security and cloud adoption found that the single biggest impediment to moving to the public cloud was continued concerns around security.

While there has been tremendous progress in the area of cloud security in recent years, another important finding of the LinkedIn survey was that legacy tools, reconfigured for use in the public cloud just don’t work. This is mostly due to the nature of the cloud...

By David Auslander, 25 May 2017, 0 comments. Categories: Best Practice, Data & Analytics, Infrastructure, Public, Security.

One year GDPR countdown is a final warning for organisations to sort compliance out

May 25 2018 will see the General Data Protection Regulation (GDPR) legislation come into effect.

Organisations will by now be more than aware of the penalties – 4% of annual turnover or €20 million (£17.3m), whichever is greater, and if not take this as your final warning – but how are companies reacting to it?

Keyrus is a data intelligence and master data management (MDM) provider. The company has been putting its message out there at various events – including at the Information...

By James Bourne, 25 May 2017, 0 comments. Categories: Compliance, Data & Analytics, Data Management, Europe, Security.

How cloud operators can help mitigate the onerous tasks of GDPR responsibilities

With the onset of GDPR (General Data Protection Regulation) in May 2018, data protection requirements will become more stringent. The responsibilities placed on an organisation relating to the data it holds will be two-fold:

  • As a data controller (where the organisation enters and maintains personal data), the organisation must comply with rules concerning consent, access and transferability
  • As a data processor [where the organisation holds data on its own servers] it must follow regulation by ensuring high level cyber security, physical hardware...

By Joseph Blass, 25 May 2017, 0 comments. Categories: Data & Analytics, Data Management, Europe, Security.

WannaCry and the public cloud: The CISO perspective

By Matthew Sharp, CISO, Logicworks

I recently attended a CISO Executive Summit here in NYC.  The room was packed with 175 CISOs and top-level security leaders from various industries.  There was broad agreement that WannaCry was a scramble for many of their teams, and created a long weekend for some.  We concurred that we were lucky the “kill switch” was triggered, and we soberly recognised that the exploit is being redeployed with newly weaponised malware.

The consensus among CISOs...

By Logicworks, 24 May 2017, 0 comments. Categories: DevOps, Infrastructure, Public, Security, Vulnerabilities.

Cloud computing goes beyond tipping point in financial services, says DTCC

Cloud computing has reached a ‘tipping point’ in financial services with capabilities and cost efficiencies moving ahead of on-premise data centre equivalents, according to The Depository Trust & Clearing Corporation (DTCC).

The company, which provides financial transaction and data processing services for the global financial industry, has issued a new report, titled ‘Moving Financial Market Infrastructure to the Cloud’. The tipping point, the report argues, comes from a change in...

By James Bourne, 17 May 2017, 0 comments. Categories: Industry, Infrastructure, Regulation, Security.

Six classic ERP system security problems – and how to avoid them

An enterprise resource planning (ERP) system is a must for every business. The need to store and access more and more data makes it impossible to operate without proper business software. Furthermore, the desire to access this information on the go means that most companies are choosing cloud solutions.

The benefits are countless – more efficient, decreasing costs, easier to maintain, just to name a few. The main problem that it poses is the increased risk of security breach – the privacy of the...

By Kaloyan Dimitrov, 10 May 2017, 1 comment. Categories: ERP, Security, Software.

The 15 highest paying IT certifications in 2017

  • Security-related certifications pay on average over $17,000 per year more than the median IT certification salary.
  • Citrix certifications have annual salaries that range from $99,411 to $105,086 with a median salary of $102,365.
  • AWS Certified Solutions Architect – Associate is paying a median salary of $125,091.
  • Project Management Professional (PMP) certifications are the most pervasive, with 730,000 active PMPs in 210 countries and territories worldwide.

These and many other insights about the highest-paying certifications this year are from Global Knowledge’s latest research on...

By Louis Columbus, 20 April 2017, 0 comments. Categories: Architecture, Data & Analytics, Developers, Security.

How machine learning could prevent money laundering

Machine learning is being put to use in all sorts of areas today. From smart cars and homes and beyond, the use of artificial intelligence (AI) and machine learning (ML) are becoming a larger part of how many companies conduct business. As more and more businesses are hit with cyber crime rather than physical crimes, there has been a needed shift from commercial surveillance systems towards cyber security systems to protect...

By Rick Delgado, 20 April 2017, 0 comments. Categories: Big Data, Data & Analytics, Data Management, Security.