Cloud Security Alliance aims to improve cyber security with introduction of new metrics

As any medical professional will explain, prevention is always better than cure. So why are so many organisations reactive instead of proactive when it comes to cybersecurity threats? A new report from the Cloud Security Alliance (CSA) aims to introduce new metrics for enterprises to improve their security game.

The report, titled ‘Improving Metrics in Cyber Resiliency’, introduces Elapsed Time to Identify Failure (ETIF) and Elapsed Time to Identify Threat (ETIT), as well as processes to measure...

By James Bourne, 30 August 2017, 0 comments. Categories: Disaster Recovery, Security, Vulnerabilities.

Things that go bump in IT: Eliminate shadow IT nightmares to improve compliance and governance

Lurking in the background of any IT manager’s nightmares is the spectre of shadow IT. Shadow IT can be described as hardware or software used in an enterprise that is not supported by the enterprise. The negativity of the term is justified because it implies that employees are using technology without the knowledge or approval of the IT department – a recipe for disaster.

The risks of shadow IT are well-known and have the potential to damage a business’s ability to function effectively. Even...

By Tom Grave, 22 August 2017, 0 comments. Categories: CIO, Collaboration, Security, Software, Vulnerabilities.

Why analytics and good identity hygiene are key to cloud security

As cloud computing has matured, the benefits it delivers to organisations of all sizes are undeniable. Companies are enjoying agility, scale and speed like never before.

And cloud adoption shows no signs of slowing. Gartner earlier this year forecasted that the worldwide public cloud services market would grow 18 percent in 2017, and Forrester said global cloud services revenues totalled £100 billion in 2016, up from £50 billion just two years ago — that’s annual growth of 30...

By Don Shin, 15 August 2017, 0 comments. Categories: Data & Analytics, Developers, Security, Vulnerabilities.

Combating the rising threat of malware in the cloud

Enterprise cloud adoption rates continue to rise at unprecedented rates as more businesses realise the benefits these services can bring.

However, perhaps predictably, this explosive growth has also given rise to a host of new cyber threats as criminals look to capitalise on changing business habits for their own ends. At the top of the list are two familiar threats; malware and ransomware, which unfortunately now have the potential to compromise more data than ever before, thanks to the interconnected nature...

By Anurag Kahol, 17 July 2017, 0 comments. Categories: Vulnerabilities.

Five ways to shine a light on shadow IT

Today’s fast-paced work environment finds employees striving to improve efficiency, productivity and communication. In an attempt to excel at work, they often use applications, services, data storage and sharing beyond IT’s approval. This practice — known as shadow IT — is having an obvious impact on technical support teams by undercutting sound governance and reducing operational efficiencies. According to

By Vineet Misra, 12 July 2017, 0 comments. Categories: Collaboration, Security, Software, Vulnerabilities.

The changing face of security in the age of the cloud

The computing world just keeps on progressing but as we all know with progress comes additional challenges. This is especially true of challenges around security. Every advance in computing has given rise to the same question: “how do we secure this new toy?”

When client/server architecture was all the rage in the late 1990s there was great excitement about the advantages it brought about but also a concern for the security implications of distributed clients and centralised servers. When server...

By David Auslander, 10 July 2017, 0 comments. Categories: Architecture, Security, Vulnerabilities.

Why it is time to accept that cybercrime is a real danger

(c)iStock.com/the-lightwriter

The world recently witnessed the WannaCry attack. This threat is a wake-up call to everyone that the danger of cybercrime is exponential.

While we need to be ready to see global attacks of this nature increase, the technology that is required to combat these hazards exists now. From vulnerability detection and anti-virus, device and network monitoring, to management tools and data backup, businesses...

By Mark Cattini, 30 June 2017, 0 comments. Categories: Data & Analytics, Data Management, Security, Storage, Vulnerabilities.

How to choose a cloud sandbox solution: Best practice ideas

By Mathias Widler

Businesses have become painfully aware that conventional approaches — virus signature scanning and URL filtering — are no longer sufficient in the fight against cyberthreats. This is in part because malware is constantly changing, generating new signatures with a frequency that far outpaces the updates of signature detection systems.

In addition, malware today tends to be targeted to specific sectors, companies, or even individual members of a management team, and such...

By Zscaler, 22 June 2017, 0 comments. Categories: Security, Vulnerabilities.

WannaCry and the public cloud: The CISO perspective

By Matthew Sharp, CISO, Logicworks

I recently attended a CISO Executive Summit here in NYC.  The room was packed with 175 CISOs and top-level security leaders from various industries.  There was broad agreement that WannaCry was a scramble for many of their teams, and created a long weekend for some.  We concurred that we were lucky the “kill switch” was triggered, and we soberly recognised that the exploit is being redeployed with newly weaponised malware.

The consensus among CISOs...

By Logicworks, 24 May 2017, 0 comments. Categories: DevOps, Infrastructure, Public, Security, Vulnerabilities.

Why it’s still important to educate your employees around cloud security, VPNs, and Wi-Fi

(c)iStock.com/themacx

Sponsored For those at the coalface of the security industry, the feeling of metaphorically banging one’s head against a brick wall, of continually educating, re-educating and correcting misinformation, mischievous or otherwise, will feel all too familiar.

Take the comments from Home Secretary Amber Rudd around WhatsApp following the terror attack in Westminster. Following the disclosure that the messaging service was used moments before the attacker struck, Rudd’s remarks –...

By James Bourne, 11 April 2017, 2 comments. Categories: Consumer, Data & Analytics, Security, Vulnerabilities.

Security monitoring remains ‘complex and chaotic’ – and cloud and IoT will only make it worse

One in three respondents in a survey conducted by AlienVault said the state of security monitoring in their organisation was ‘complex and chaotic’, adding a ‘major disconnect’ was still in place between beliefs and actions in cloud security.

The survey, conducted at the RSA conference in San Francisco back in February, polled 974 attendees. One in five (21%) admit they don’t know how many cloud applications are being used in their organisation, while 39% say it is more than 10....

By James Bourne, 31 March 2017, 0 comments. Categories: Data Management, Security, Vulnerabilities.

There’s no such thing as a free lunch: Why business needs to understand cloud threats

Businesses across the country have bought into the extraordinary benefits of cloud computing. Senior executives have become passionate advocates, attracted by the promise of greater agility, cost savings and convenience. It is no surprise that global spending on public cloud services will reach $141bn by 2019. But business leaders are less well informed when it comes to the risks the cloud can introduce to enterprise environments.

That’s why IT needs to...

By Piers Wilson, 30 March 2017, 0 comments. Categories: Data & Analytics, Data Management, Security, Vulnerabilities.

Overcoming cybersecurity challenges with managed IT services

If there is one thing we can be certain about when it comes to cybersecurity, it’s that the landscape will remain dynamic and turbulent over the coming years. Today, news headlines are dominated by cyberattacks and breaches that span across all industries – causing security to be top of mind for almost all businesses. However, these headlines don’t seem to be slowing down, which means that businesses are still struggling to keep up with the rapidly evolving threat landscape.

So, what are the...

By Continuum Managed Services, 28 March 2017, 0 comments. Categories: Data & Analytics, Enterprise, Security, Vulnerabilities.

A guide: Using SmartNICs to implement zero-trust cloud security

In an age of zero-trust security, enterprises are looking to secure individual virtual machines (VMs) in their on-premise data centres, cloud or hybrid environments to prevent increasingly sophisticated attacks. The problem is that firewalling individual VMs using tools like software appliance firewalls or Connection Tracking (Conntrack) is operationally challenging to manage. It delivers bad performance, restricting VM mobility and consuming many CPU cycles on servers, which limits their ability to process...

By Abhijeet Prabhune, 23 March 2017, 0 comments. Categories: Data Centres, Data Loss, Infrastructure, Security, Vulnerabilities.

How on-demand cloud is contributing to the ransomware problem

“Attention! All your files have been encrypted.” More and more businesses are being greeted with messages such as this one, with ransomware attacks against businesses having increased threefold last year.

Advice for preventing ransomware – which is malicious software that encrypts devices or data until the owner pays a ransom in exchange for access to their data – is...

By Matt Kingswood, 09 March 2017, 0 comments. Categories: Applications, Data Management, Security, Vulnerabilities.

Eseye on embracing cloud, Amazon Web Services, and the IoT

(c)iStock.com/DrAfter123

“We changed our business model to align with cloud,” explains Nick McNamara, VP sales Europe at connectivity provider Eseye.

The company has doubled down on both the Internet of Things (IoT) and Amazon Web Services (AWS) strategically, as McNamara, speaking at the IoT Tech Expo event last week, explains. “All connectivity providers, whether you’re an MNO, an MVNO, or like us a smart MNO, sell megabytes per month,” he says. “We no longer sell megabytes...

By James Bourne, 31 January 2017, 0 comments. Categories: Amazon, Applications, Data Sovereignty, Security, Vulnerabilities.

Building your data castle: Protecting from ransomware and restoring data after a breach

(c)iStock.com/Pobytov

The data centre is the castle. You can pull up the drawbridge, fill up the moat, or pull down the portcullis. But at some point, you have to let data in and out, and this opens up the opportunity for ransomware attacks.

No longer is it a matter of pride and peer recognition in the hacker community for circumnavigating and exposing the security of an organisation because it is now a fully-fledged industry in its own right with the use of ransomware.  That cybersecurity company...

By David Trossell, 11 January 2017, 0 comments. Categories: Data Centres, Data Management, Security, Vulnerabilities.

Preparing for a year of ‘unknown unknowns’ in cyber security

(c)iStock.com/tonefotografia

Today’s threat landscape is constantly evolving. In 2016 in particular, we’ve seen a huge shift with adversaries penetrating organisations from the DNC to WADA and gaining access to sensitive documents that were later leaked to embarrass individuals. Yet, while many believe that this trend starts and ends with a contentious election, it’s not something that’s going away in 2017. In fact, we’re starting to see continued and varied threats, most...

By Mike East, 07 December 2016, 0 comments. Categories: Security, Vulnerabilities.

How software asset management needs to adapt to changing cloud conditions

(c)iStock.com/whiteson

A new report issued today by Flexera Software argues that software asset management (SAM) needs to evolve to keep up with software as a service (SaaS) and virtualisation moving into the mainstream.

The study, which polled almost 500 respondents answering questions on enterprise and application production, found that for 20% of respondents, more than a quarter of their software is SaaS-based, while 39% say more than a quarter is virtualised. Interestingly, while three quarters say 80% or...

By James Bourne, 06 December 2016, 0 comments. Categories: Research, Security, Software, Vulnerabilities.

The key to defending your data centre against the Internet of Things

(c)iStock.com/4x-image

Opinion The Internet of Things has the potential to revolutionise society once it surmounts its initial growing pains. Unfortunately, one of those involves security.

DDOS attacks are one of the oldest and most enduring things on the web, like that creepy uncle who no one can get rid of at family reunions. And like that uncle, they’re getting progressively worse as time goes on. This past summer saw the largest DDOS attack in history, one so large that it forced content delivery network...

By Tim Mullahy, 01 December 2016, 0 comments. Categories: Data & Analytics, Data Centres, Data Management, Security, Vulnerabilities.