Cloud account compromises costs organisations £4.5m annually

An open padlock.

The average cost of cloud account compromises reached $6.2 million (£4.5m) over a 12-month period according to more than 600 IT and IT security professionals in the US.

This finding is the most revealing of many from a new report on ‘The Cost of Cloud Compromise and Shadow IT’ released by Proofpoint, a cybersecurity and compliance company, and the Ponemon Institute, an IT security research organisation.

Of the respondents, 68% believe cloud account takeovers present...

Test, test, and test some more: Emphasising the importance of DR testing

With Gartner estimating that the average cost of network downtime is $5,600 per minute or $336,000 per hour, few would argue that regular testing of a robust disaster recovery (DR) plan is essential for organisations. Even if you omit the financial implications, the lost productivity, missed opportunities, brand damage and potential data loss and SLA pay-outs associated with system downtime should be enough to keep even the most hardened IT professional up at night.

So,...

Marriott reported another data breach: Why cyber risk assessment is important

Marriott International — the multinational hospitality company behind the third-largest hotel brand in the world — reported a major data breach on March 31 2020, marking its second major data breach in the last two years. This data breach is expected to leak the information of 5.2 million guests worldwide.

“Marriott said Tuesday approximately 5.2 million guests worldwide may have been affected. The information taken may have included names, addresses, phone numbers,...

What is cyber insurance truly worth? Analysing the risks and responses

Ominous mobile cloud computing conceptual image.

Analysis Cyber risk has overtaken financial risk as the greatest threat that we all face, according to PwC’s 2019 global crisis survey. There are also concerning parallels between the global financial crisis of 2009, and the current cyber threat landscape

The question is, to what extent is cyber insurance the answer?

Currently most companies...

A day in the trenches with IT operations: How to create a more seamless practice

Traditionally, IT operators are responsible for ‘keeping the lights on’ in an IT organisation. This sounds simple, but the reality is harsh, with much complexity behind the scenes. Furthermore, digital transformation trends are quickly changing the IT operations responsibility from ‘keeping the lights on’ to ‘keeping the business competitive’.

IT operators are...

Human error and misconfigurations primary source of Kubernetes security snafus, report says

An open padlock.

StackRox, a provider of cloud-native, container and Kubernetes security, warned in its previous report that the security implications for Kubernetes were beginning to spill over to adoption – and the release of its updated winter study have proved the company right.

The paper, the winter edition of its State of Container and Kubernetes Security Report, was put together alongside 451 Research and...

Think of data as the new uranium rather than the new oil – and treat it like it’s toxic

In May 2017, The Economist famously ran with a front-page headline proclaiming that “The world’s most valuable resource is no longer oil, but data.” It focused on big tech’s collection and use of data and argued that the data economy demands a new approach to antitrust rules.

I agree with the idea that data is now about the world’s most valuable resource, but would suggest that it is more like uranium. It has power and energy, but too much of it can...

Eradicate human error and make your cloud implementation a picnic

Sunshine, sandwiches, scenic views, and not a care in the world besides the occasional wasp. Everyone loves a picnic.

Unfortunately, the same cannot be said for PICNIC, an enduring acronym in IT circles standing for Problem In Chair, Not In Computer. The term, dating back to the 1980s, was first employed by frustrated IT professionals weary of dealing with computer problems arising from user error rather...

Capital One confirms data breach, cites cloudy approach as key to swift resolution

Capital One has confirmed a ‘data security incident’ which affected more than 100 million customers in the US and Canada – and while Amazon Web Services (AWS) has been identified as the receptacle in which the data was stolen, both customer and vendor appear not to be to blame.

Paige A. Thompson, otherwise known as ‘erratic’, was arrested on Monday and appeared in court in...