Cloud-native architectures break traditional approaches to app security

An architect's plan..

The rising adoption of cloud-native architectures, DevOps and agile methodologies has broken traditional approaches to application security.

This is according to an independent global survey of 700 CISOs commissioned by Software intelligence firm Dynatrace.

As organisations shift more responsibility 'left' to developers to accelerate innovation, increasingly complex IT ecosystems and outdated security tooling can slow releases by leaving blind spots and forcing teams to...

The top five impersonation techniques – and best practices to help reduce risk

Impersonation attacks are on the rise as attackers switch gears to target an increasingly remote and distracted workforce. Impersonation not only enables cybercriminals to gain trust and manipulate victims into disclosing sensitive data, but also significantly boosts their ability to successfully execute cybercrime. Such attacks are usually hard to detect and at times, leverage legitimate resources and channels for execution.

Impersonation attacks may not be new to the world of...

How European CISOs are driving increased IT security investment

The chief information security officer (CISO) role has gained new importance, due to increased cyber threats. Moreover, the COVID-19 pandemic has had a significant impact on security-related IT investment in Europe, which will continue to grow rapidly in 2021.

During the pandemic, organisations have been re-architecting their IT security perimeters to protect operations and critical data. The pandemic, and measures to curb it with remote working, have pushed the enterprise network...

Report warns of ‘dubious’ permissions gap for enterprise hybrid and multi-cloud

A new report has warned of a 'dubious' gap for permissions across enterprise hybrid and multi-cloud environments.

The study from CloudKnox Security, which is described as an industry first, polled more than 150 global organisations on their usage of Amazon Web Services (AWS), Microsoft Azure, Google Cloud, and VMware vSphere.

Overall, the standout finding saw more than 90% of organisations were using fewer than 5% of permissions granted. Each specific provider told a...

Cloud Security Alliance serves up a needed shot of realism with sprawling remote cloud initiatives

Amid the continued acceleration and focus on cloud initiatives as remote working turns into a necessity instead of a nice-to-have, it is always nice to get a helping of realism to accompany the hype.

The Cloud Security Alliance (CSA), in association with cloud security management provider AlgoSec, has done just that in its latest report. The study, 'State of Cloud Security Concerns, Challenges, and Incidents', polled almost 1,900 IT and security professionals across a variety of...

Enterprise plans for endpoint security in 2021: An interview with Christy Wyatt, Absolute, and Matthew Zielinski, Lenovo

Bottom line: Today’s largely distributed enterprises need to make sure they are putting endpoint security first in 2021– which includes closely managing every stage of the device lifecycle, from deployment to decommission, and ensuring all sensitive data remains protected.

There’s a looming paradox facing nearly every organisation today of how they’ll secure thousands of remote endpoints without having physical access to devices, and without disrupting worker productivity....

Cloud Security Alliance and ISACA come together for new cloud auditing certificate

The Cloud Security Alliance (CSA) and ISACA have announced the launch of a new cloud auditing and security certificate - aimed at being the first such 'global, vendor-neutral, technical credential' in the industry.

The Certificate of Cloud Auditing Knowledge (CCAK) aims to 'fill a gap in the industry for competent technical professionals who can help organisations mitigate risks and optimise ROI in the cloud', as the companies put it. The certification builds upon the...

Why Covid-19 is teaching enterprises how to mind the cybersecurity gap

30% of US and UK remote workers say their organisations don’t require them to use a secure access tool, including VPN, to log into corporate databases and systems, according to Ivanti’s 2021 Secure Consumer Cyber Report Plus, 25% of remote workers in the US and UK aren’t required to have specific security software running on their devices to access certain applications while working remotely And one in four US remote workers use their work email and passwords to log in to consumer...

Exploring corporate banking’s growing business case for cloud migration

The impact of public cloud on retail banking is already clear. As a mainstream technology, cloud enables top initiatives such as digital, mobile, and customer analytics. In the corporate banking segment, the pace of cloud adoption and migration has been slower. Top among the forces impeding legacy transformation and the move to the cloud: security and compliance concerns.

Today, corporate banking’s approach to innovative technologies and cloud computing is changing. While...

How remote working demand continues to disrupt IT security norms

Enterprise IT security investment in critical infrastructure has been consistent over the last 12 months, regardless of huge disruptions from the global Covid-19 pandemic. The resulting effect has been mostly in increased demand for secure 'remote working' connectivity.

Cybersecurity spending announced by governments has not really changed significantly, with most maintaining similar funding planned in previous years, and an average year-on-year growth rate between 5% and...