Cloud security and small businesses – what you need to know to avoid the pitfalls

Today we work in a world that is increasingly connected, convenient and cloud-based. This comes with a world of benefits not just for enterprises, but also for small to medium sized businesses (SMBs).

It’s now easier than ever to share documents in the cloud, video-conference with colleagues across the world and compile resources so that global teams can quickly access them from shared storage. The downfall,...

By Dirk Morris, 21 September 2018, 0 comments. Categories: Infrastructure, Security, Software, Vulnerabilities.

Risk and finance industry still see cloud as a concern, notes Gartner

Even the slowest industries are moving workloads to the cloud – take risk, audit and finance as an example. Yet there is still plenty more to be done before these verticals become truly comfortable.

That’s according to the latest report from analyst firm Gartner. In the company’s most recent Emerging Risks study, cloud computing remains the primary concern for those in risk and compliance. Cloud was ahead of...

By James Bourne, 15 August 2018, 0 comments. Categories: Infrastructure, Research, Security, Vulnerabilities.

Making the cloud a safe space: Organisational security, identity, and more

The cloud has brought about many benefits for organisations and adoption is understandably increasing. Gartner earlier this year projected that the worldwide public cloud services market would grow 21.4 percent in 2018 whilst Forrester has found that global cloud services revenues totaled £112.5 billion in 2017, and is predicted to grow up to...

By Ronald Sens, 10 August 2018, 0 comments. Categories: Data & Analytics, Data Management, Security, Vulnerabilities.

How cryptomining is the attack vector du jour - as hackers increasingly target cloud infrastructure

Updated July 30 Cryptojacking is on the way to replacing ransomware as the biggest threat for consumers and enterprises - and new research reveals the size of the effect crypto is having on cloud infrastructures.

Cyber security firm Check Point Software, in its 'Cyber Attack Trends: 2018 Mid-Year Report', found that in the first half of this year, the number of organisations impacted by cryptomining malware doubled to 42%, compared with 20.5% from the second half...

By James Bourne, 16 July 2018, 0 comments. Categories: Blockchain, Infrastructure, Security, Vulnerabilities.

Why enterprises feel more susceptible to threats than ever before

  • Identities, not systems, are the new security perimeter for any digital business, with 81% of breaches involving weak, default or stolen passwords.
  • 53% of enterprises feel they are more susceptible to threats since 2015.
  • 51% of enterprises suffered at least one breach in the past 12 months and malicious insider incidents increased 11% year-over-year.

These and many other fascinating insights are from SecurIT: the Zero Trust Summit for CIOs and CISOs held last month in San Francisco, CA.

By Louis Columbus, 13 July 2018, 0 comments. Categories: Data Management, Enterprise, Infrastructure, Security, Vulnerabilities.

SolarWinds acquires Trusted Metrics to add real-time threat monitoring to cloud security mix

SolarWinds is on the acquisition trail again – this time confirming the acquisition of Trusted Metrics, a real-time threat monitoring and management software provider.

The acquisition will enable SolarWinds to release a new security product under the name of SolarWinds Threat Monitor, which is an automated tool which aims to make threat detection easier for IT operations teams, managed service providers and managed security service providers.

As regular readers of this publication will testify, organisations’ cloud...

By James Bourne, 11 July 2018, 0 comments. Categories: Data & Analytics, M&A, Security, Vulnerabilities.

Three unbeatable security advantages of cloud-based solutions for your business

Cloud-based solutions have never been more popular than ever. Proponents and opponents have their reasons to keep debates fuelled, but small to mid-sized businesses shouldn’t ignore the security benefits cloud can offer.

Higher standards

Implementing cloud-based solutions for your business is certain to bring a higher standard of security that your in-house IT team or a locally managed system is unlikely to achieve.

Multi-factor authentication: Small to medium-sized businesses don’t have...

By Jeff Dennis, 25 June 2018, 0 comments. Categories: Data & Analytics, Data Management, Security, Vulnerabilities.

Why for ultimate data centre security, technology alone is not the answer

The security of data – and in particular people’s personal data – has been a hot topic in recent months. The EU’s rollout of new GDPR regulations; the Cambridge Analytica scandal; or the seemingly weekly revelations of financial institutions or consumer service providers which have had their databases hacked, are all examples most of us will be aware of.

Less often discussed but just as important as the security of our data, is the security of the data centres that house it. And at...

By Arturo Maqueo, 21 June 2018, 0 comments. Categories: Data Centres, Infrastructure, Security, Vulnerabilities.

Kubernetes skills demand continues to soar – but are organisations dropping the ball on security?

If you have Kubernetes skills then you will almost certainly be in demand from employers, as a new survey from CyberArk has found that IT jobs with the container orchestration tool in the title have soared year on year. But beware the security risks when getting involved.

According to the company, which has crunched data from IT Jobs Watch, roles involving Kubernetes have broken into the top 250 most popular IT vacancies, having been around the 1000 mark this time last year. The most likely job title for...

Step aside ransomware: Why cryptojacking is the new kid on the block

With the ability to generate a staggering $1.5 trillion in revenues every year, cybercrime is big business. It’s the perfect model – earn a high income for minimum effort and risk of penalty.

It comes as no surprise then that when faced with issues around the fluctuating value of Bitcoin, cybercriminals stepped into action. These savvy criminals created a new attack technique that offers better paid out odds in...

A guide: How to apply the NIST Cybersecurity Framework to AWS implementations

If public cloud services are in your IT mix, the NIST Cybersecurity Framework (CSF) is a great way to evaluate security needs and develop a robust security strategy. The NIST CSF identifies five key cybersecurity functions - “Identify,” “Protect,” “Detect,” “Respond,” and “Recover” - to organise recommended security controls into actionable work streams. AWS users can use the CSF to plan...

By Sanjay Kalra, 03 May 2018, 0 comments. Categories: Amazon, Architecture, Best Practice, Infrastructure, Security, Vulnerabilities.

Danger within: Defending cloud environments against insider threats

According to a recent study by Crowd Research Partners, over 90% of organisations feel vulnerable to insider attacks. This should come as no surprise. Cloud adoption and bring your own device (BYOD) policies have greatly improved businesses’ agility, but have also made sensitive business data much more readily accessible, presenting a significant IT security challenge. This is clearly demonstrated in the recent incidents involving

Why the future of cybersecurity is in the cloud

For decades we have feared the cloud.  During my time working counterintelligence for the FBI, we feared the Internet so much that agency computers functioned solely on an isolated intranet connected via hard cables.

It’s no wonder to me that that government has still not embraced the unlimited processing power cloud computing affords.  But despite the fact that utilisation of the cloud has become ubiquitous – we store our photos and memories, email accounts, business files and our very...

By Eric O'Neill, 27 April 2018, 0 comments. Categories: Data & Analytics, Data Management, Security, Vulnerabilities.

Cisco and Rackspace come together for multi-cloud security

Multi-cloud continues to be on the agenda – this time, a collaboration between Cisco and Rackspace whereby the former will provide the latter’s customers with security protection for multi-cloud environments.

Rackspace will deploy high volumes of Cisco’s next-generation firewalls and integrate them directly into its services, according to Cisco. The managed cloud provider had previously served as a testing partner for Cisco’s ASA firewall series.

According to the most recent annual...

By James Bourne, 25 February 2018, 0 comments. Categories: Data Management, Security, Vulnerabilities.

Analysing security solutions in cloud computing technology

Ever more companies are proving that cloud computing continues to be a major trend in the IT field. For instance, IDC recently predicted that spending on public cloud services would reach $160 billion by the end of this year.

When it comes to security, however, the same issues and concerns persist today as they did several years ago. Take any research report which asks about organisations’ concerns with...

By Dariusz Wójcik, 30 January 2018, 0 comments. Categories: Data & Analytics, Data Management, Security, Vulnerabilities.

Intel admits data centre performance slowdown after Meltdown and Spectre updates

Good and bad news from Intel regarding the Meltdown and Spectre vulnerabilities; firmware updates are being pushed through for the vast majority of CPUs issued by the company in the past five years, but patches are impacting data centre performance.

According to an update published yesterday, impacts in performance have ranged from 0% to 2% on industry-standard measures, including integer and floating point throughput, and server-side Java – in other words, common workloads for enterprise and cloud...

By James Bourne, 18 January 2018, 0 comments. Categories: Data & Analytics, Data Centres, Security, Vulnerabilities.

The glitch economy: Counting the cost of software failures

In today’s increasingly digitalised world, the effect of a software glitch can be dramatic. Take an example from July this year when a glitch caused the stock prices of well-known Nasdaq companies such as Amazon, Apple, Alphabet, eBay and Microsoft to be inaccurately listed on websites well after that day’s closing bell.

Even though the actual prices of the stocks were unchanged, the sites showed some had plummeted in price and others had nearly doubled. Unsurprisingly, many people were fooled and...

By Dalibor Siroky, 30 October 2017, 0 comments. Categories: Data Loss, Data Management, Software, Vulnerabilities.

The evolution of phishing: Reeling them in from the cloud

Awareness of phishing has grown significantly in recent years, and users are more suspicious than ever of emails that land in their inbox from unknown or questionable senders. In response to this, cybercriminals have had to become savvier with their phishing tactics. They’ve looked to new methods of phishing that are harder for users to expose. The latest of these phishing tactics uses spoofed cloud applications – a new trend that businesses need to watch out for.

Early...

By Anurag Kahol, 13 September 2017, 0 comments. Categories: Applications, Security, Vulnerabilities.

Cloud Security Alliance aims to improve cyber security with introduction of new metrics

As any medical professional will explain, prevention is always better than cure. So why are so many organisations reactive instead of proactive when it comes to cybersecurity threats? A new report from the Cloud Security Alliance (CSA) aims to introduce new metrics for enterprises to improve their security game.

The report, titled ‘Improving Metrics in Cyber Resiliency’, introduces Elapsed Time to Identify Failure (ETIF) and Elapsed Time to Identify Threat (ETIT), as well as processes to measure...

By James Bourne, 30 August 2017, 0 comments. Categories: Disaster Recovery, Security, Vulnerabilities.

Things that go bump in IT: Eliminate shadow IT nightmares to improve compliance and governance

Lurking in the background of any IT manager’s nightmares is the spectre of shadow IT. Shadow IT can be described as hardware or software used in an enterprise that is not supported by the enterprise. The negativity of the term is justified because it implies that employees are using technology without the knowledge or approval of the IT department – a recipe for disaster.

The risks of shadow IT are well-known and have the potential to damage a business’s ability to function effectively. Even...

By Tom Grave, 22 August 2017, 0 comments. Categories: CIO, Collaboration, Security, Software, Vulnerabilities.