Take a Data-Centric Approach to Zero Trust to Protect Your Most Critical Assets
For many of us, children are our most critical assets. In order to protect what is important to us, we work hard to know where they are and what they are doing at all times — particularly during those pesky teen years. We also take steps to protect the places where they spend their time….
Want to Improve Cloud Security? It Starts with Logging
When using event logs to monitor for security violations and incidents, the quality of output is determined by the quality of the input. Much of the logging being used is subpar, and there has been little industry incentive to fix it. This, in turn, is preventing true cloud security because cloud platform logs don’t contain…
Effective Data Security Begins With a Strong Tech Foundation
Data is the engine of the modern economy. Whether it consists of customer data, intellectual property, market insights or financial information, these types of sensitive data enable the most successful businesses to thrive. It’s no surprise, then, that securing that critical data is increasingly a strategic priority for organizations around the globe. Not all organizations,…
Do You Know Your Responsibilities When It Comes to Container Security?
As you migrate your enterprise to the public cloud or multicloud, you want to realize some of its inherent benefits regardless of what service model you utilize. Whether your goal is cost optimization, scalability or elasticity, the cloud can allow your enterprise to adopt newer, cutting-edge technologies to innovate your business without the burden of…
Grow Your Business With an Evolving Cloud Security Strategy
We have all heard the castle-and-moat analogy to describe traditional centralized approaches to cybersecurity. As cloud security becomes increasingly important in the modern landscape, I think we should add one more component to the analogies we use to think about security: fog. Sometimes the fog is so thick that you can barely see what is…
Exploring the impact that hybrid cloud is having on enterprise security and IT teams
While enterprises rapidly transition to the public cloud, complexity is increasing, but visibility and team sizes are decreasing while security budgets remain flat to pose a significant obstacle to preventing data breaches, according to FireMon’s 2020 State of Hybrid Cloud Security Report. “As companies around the world undergo digital transformations and migrate to the cloud,…
43% of cloud databases are currently unencrypted
Palo Alto Networks released research showing how vulnerabilities in the development of cloud infrastructure are creating significant security risks. The Unit 42 Cloud Threat Report: Spring 2020 investigates why cloud misconfigurations happen so frequently. It finds that as organizations move to automate more of their cloud infrastructure build processes, they are adopting and creating new…
Infrastructure-as-code templates are the source of many cloud infrastructure weaknesses
In the age of cloud computing where infrastructure needs to be extended or deployed rapidly to meet ever-changing organizational needs, the configuration of new servers and nodes is completely automated. This is done using machine-readable definition files, or templates, as part of a process known as infrastructure as code (IaC) or continuous configuration automation (CCA)….
Moving security operations to the cloud
Sisyphus could be the official mascot of security operations. Sixty-three percent of respondents to a recent ESG survey of 406 IT and cybersecurity professionals say that security operations is more difficult today than it was 2 years ago. Why? 41% of survey respondents point to the rapidly evolving and changing threat landscape, which is forcing…
Researchers Find New Approach to Attacking Cloud Infrastructure
Public cloud infrastructure presents security teams with a new invisible management layer, creating new security challenges that demand better understanding. Many organizations don’t properly understand the cloud identity and access management layer and often fail to secure it. Such misunderstandings usually lead to dangerous misconfigurations that can drive customer risk; for example, in the case…