How to prevent AIOps from becoming just another cog in the machine

Over the past few years, companies have been rapidly transitioning to dynamic, hybrid cloud environments in a bid to keep up with the constant demand to deliver something new. However, while the cloud provides the agility businesses crave, the ever-changing nature of these environments has generated unprecedented levels of complexity for IT teams to tackle.

Traditional performance management strategies have been stretched to...

How leveraging APIs will help to enable comprehensive cloud security

Cloud computing has utterly transformed the IT industry, requiring organisations to make fundamental changes to how they design, deploy, manage and optimise their security strategy. Many organisations, however, are simply using the same security model they have relied on for over a decade in their traditional networks to the cloud. But true cloud security requires more than deploying isolated cloud-enabled network security tools to protect cloud-based resources.

The future...

By Lior Cohen, 24 May 2019, 0 comments. Categories: Data & Analytics, Developers, Security, Vulnerabilities.

Cloud providers are under attack - and sabotaged services will freeze operations

Over the next two years, cloud service providers will be systematically sabotaged by attackers aiming to disrupt critical national infrastructure (CNI) or cripple supply chains. Organisations dependent on cloud services will find their operations and supply chains undermined when key cloud services go down for extended periods of time.

Nation states that engage in a digital cold war will aim to disrupt economies and take down CNI by sabotaging cloud infrastructure through traditional physical attacks or by...

Do cryptographic keys belong in the cloud?

Thanks to the cloud, organisations of all sizes can enjoy scalability, ease of use, and significant savings by outsourcing hardware and software ownership and maintenance in multi-tenant environments. Medium-sized companies no longer have to pay to build their own infrastructure, which makes the cloud especially appealing to this market.

However, the cloud still suffers from security issues....

By Brian Jenkins, 24 January 2019, 0 comments. Categories: Data & Analytics, Security, Vulnerabilities.

Predicting the future of next-gen access and Zero Trust Security in 2019: Challenges ahead

Bottom line:  The most valuable catalyst all digital businesses need to continue growing in 2019 is a Zero Trust Security (ZTS) strategy based on Next-Gen Access (NGA) that scales to protect every access point to corporate data, recognising that identities are the new security perimeter.

The faster any digital business is growing, the more identities, devices and network endpoints proliferate. The most successful businesses of 2019 and beyond are actively creating entirely new digital business models today....

By Louis Columbus, 22 January 2019, 0 comments. Categories: Data & Analytics, Privacy, Security, Vulnerabilities.

New malware strain can evade and uninstall cloud security software, researchers warn

The good news: your organisation has finally gotten around to installing some top of the range cloud security tools. The bad news: malware has been developed which can evade detection from them.

The nefarious discovery from threat actor Rocke was made by Palo Alto Networks Unit 42, with the security researchers noting that it was ‘to the best of [their] knowledge the first malware family that developed the unique capability to target and...

By James Bourne, 18 January 2019, 0 comments. Categories: Blockchain, Infrastructure, Security, Vulnerabilities.

AWS launches new security offering which mitigates S3 misconfigurations – if customers get it right

Amazon Web Services (AWS) has announced extra steps to ensure customers’ S3 buckets don’t become misconfigured – but don’t assume responsibility has been taken away from the customer.

The new service, Amazon S3 Block Public Access, can work at the account level, on individual buckets, as well as future buckets created. Users can also block existing public access, or ensure public access is not available for...

By James Bourne, 20 November 2018, 0 comments. Categories: Amazon, Data Loss, Data Management, Security, Vulnerabilities.

A guide to the key principles of chaos engineering

Chaos engineering can be defined as experiments over a distributed system at scale, which increases the confidence that the system will behave as desired and expected under undesired and unexpected conditions.

The concept was popularised initially by Netflix and its Chaos Monkey approach. As the company put it as far back as 2010: "The...

By Nazareno Feito, 12 November 2018, 0 comments. Categories: Architecture, Disaster Recovery, Infrastructure, SLA, Vulnerabilities.

How to protect healthcare IoT devices in a Zero Trust world

  • Over 100 million healthcare IoT devices are installed worldwide today, growing to 161m by 2020, attaining a Compound Annual Growth Rate (CAGR) of 17.2% in just three years according to Statista.
  • Healthcare executives say privacy concerns (59%), legacy system integration (55%) and security concerns (54%) are the top three barriers holding back Internet of Things (IoT) adoption in healthcare organizations today according to the 

By Louis Columbus, 08 November 2018, 0 comments. Categories: Applications, Data & Analytics, Security, Software, Vulnerabilities.

Gartner’s latest Magic Quadrant shows the need for cloud access security brokers going forward

The role of the cloud access security broker (CASB) will become ever-more important in the context of organisational security.

According to analyst firm Gartner, through 2023 “at least 99%” of cloud security issues will be the fault of the customer. The notion of shared responsibility – one which regular readers of this publication may well be sick of hearing given its frequency – needs to be hammered...

By James Bourne, 05 November 2018, 0 comments. Categories: Infrastructure, Research, Security, Vulnerabilities.

As more companies put sensitive data in the public cloud – so the security threats increase

More organisations are putting their sensitive data in the public cloud – so it comes as no surprise that cloud threats, and mistakes in SaaS, IaaS and PaaS implementation are at an all-time high.

That is the key finding from a new report by McAfee, which argues the old bugaboo of shared responsibility continues to kick in and give organisations a kick in the teeth when it comes to cloud security.

By James Bourne, 30 October 2018, 0 comments. Categories: Data & Analytics, Data Loss, Infrastructure, Research, Security, Vulnerabilities.

How identities are the new security perimeter

  • Privileged credentials for accessing an airport’s security system were recently for sale on the Dark Web for just $10, according to McAfee.
  • 18% of healthcare employees are willing to sell confidential data to unauthorized parties for as little as $500 to $1,000, and 24% of employees know of someone who has sold privileged credentials to outsiders, according to a recent Accenture survey.
  • Apple employees in Ireland have been offered as much as €20,000 ($22,878) in exchange for their privilege access credentials in 2016, according to 

By Louis Columbus, 03 October 2018, 1 comment. Categories: Data & Analytics, Data Management, Security, Vulnerabilities.

The importance of APIs in public cloud security: How secure do you think yours are?

The use of the cloud is now mainstream and, despite some concerns, it is generally accepted that the public cloud is not inherently insecure. In fact, in many cases it is more secure than most data centres.

This can be explained when we consider how many opportunities there are for a piece of sensitive information that...

By Jason Macy, 01 October 2018, 0 comments. Categories: Architecture, Developers, Platform, Security, Vulnerabilities.

Cloud security and small businesses – what you need to know to avoid the pitfalls

Today we work in a world that is increasingly connected, convenient and cloud-based. This comes with a world of benefits not just for enterprises, but also for small to medium sized businesses (SMBs).

It’s now easier than ever to share documents in the cloud, video-conference with colleagues across the world and compile resources so that global teams can quickly access them from shared storage. The downfall,...

By Dirk Morris, 21 September 2018, 1 comment. Categories: Infrastructure, Security, Software, Vulnerabilities.

Risk and finance industry still see cloud as a concern, notes Gartner

Even the slowest industries are moving workloads to the cloud – take risk, audit and finance as an example. Yet there is still plenty more to be done before these verticals become truly comfortable.

That’s according to the latest report from analyst firm Gartner. In the company’s most recent Emerging Risks study, cloud computing remains the primary concern for those in risk and compliance. Cloud was ahead of...

By James Bourne, 15 August 2018, 0 comments. Categories: Infrastructure, Research, Security, Vulnerabilities.

Making the cloud a safe space: Organisational security, identity, and more

The cloud has brought about many benefits for organisations and adoption is understandably increasing. Gartner earlier this year projected that the worldwide public cloud services market would grow 21.4 percent in 2018 whilst Forrester has found that global cloud services revenues totaled £112.5 billion in 2017, and is predicted to grow up to...

By Ronald Sens, 10 August 2018, 0 comments. Categories: Data & Analytics, Data Management, Security, Vulnerabilities.

How cryptomining is the attack vector du jour - as hackers increasingly target cloud infrastructure

Updated July 30 Cryptojacking is on the way to replacing ransomware as the biggest threat for consumers and enterprises - and new research reveals the size of the effect crypto is having on cloud infrastructures.

Cyber security firm Check Point Software, in its 'Cyber Attack Trends: 2018 Mid-Year Report', found that in the first half of this year, the number of organisations impacted by cryptomining malware doubled to 42%, compared with 20.5% from the second half...

By James Bourne, 16 July 2018, 0 comments. Categories: Blockchain, Infrastructure, Security, Vulnerabilities.

Why enterprises feel more susceptible to threats than ever before

  • Identities, not systems, are the new security perimeter for any digital business, with 81% of breaches involving weak, default or stolen passwords.
  • 53% of enterprises feel they are more susceptible to threats since 2015.
  • 51% of enterprises suffered at least one breach in the past 12 months and malicious insider incidents increased 11% year-over-year.

These and many other fascinating insights are from SecurIT: the Zero Trust Summit for CIOs and CISOs held last month in San Francisco, CA.

By Louis Columbus, 13 July 2018, 0 comments. Categories: Data Management, Enterprise, Infrastructure, Security, Vulnerabilities.

SolarWinds acquires Trusted Metrics to add real-time threat monitoring to cloud security mix

SolarWinds is on the acquisition trail again – this time confirming the acquisition of Trusted Metrics, a real-time threat monitoring and management software provider.

The acquisition will enable SolarWinds to release a new security product under the name of SolarWinds Threat Monitor, which is an automated tool which aims to make threat detection easier for IT operations teams, managed service providers and managed security service providers.

As regular readers of this publication will testify, organisations’ cloud...

By James Bourne, 11 July 2018, 0 comments. Categories: Data & Analytics, M&A, Security, Vulnerabilities.

Three unbeatable security advantages of cloud-based solutions for your business

Cloud-based solutions have never been more popular than ever. Proponents and opponents have their reasons to keep debates fuelled, but small to mid-sized businesses shouldn’t ignore the security benefits cloud can offer.

Higher standards

Implementing cloud-based solutions for your business is certain to bring a higher standard of security that your in-house IT team or a locally managed system is unlikely to achieve.

Multi-factor authentication: Small to medium-sized businesses don’t have...

By Jeff Dennis, 25 June 2018, 0 comments. Categories: Data & Analytics, Data Management, Security, Vulnerabilities.