Microsoft bolsters cloud security approach with CloudKnox acquisition

Microsoft has acquired start-up CloudKnox Security, an identity and access management platform designed in tune with the sensibilities of modern cloud computing.

Through the acquisition, Microsoft will be able to offer CloudKnox’s package of complete visibility into privileged access, helping organisations right-size permissions, enforce least-privilege principles to reduce risk, and employ continuous analytics to prevent security breaches.

In a blog post announcing...

Amazon shuts down cloud infrastructure linked to NSO Group

CCTV Surveillance Camera

Amazon Web Services (AWS) has shut down infrastructure and accounts connected to Israeli surveillance vendor NSO Group.

The decision follows an investigation held by a consortium of media organisations into the firm’s ‘Pegasus’ spyware.

The investigation found that NSO’s military-grade spyware was involved in at least 37 successful hacks of smartphones belonging to journalists, government officials, and human rights activists around the world.

NSO Group...

Cloud account compromises costs organisations £4.5m annually

An open padlock.

The average cost of cloud account compromises reached $6.2 million (£4.5m) over a 12-month period according to more than 600 IT and IT security professionals in the US.

This finding is the most revealing of many from a new report on ‘The Cost of Cloud Compromise and Shadow IT’ released by Proofpoint, a cybersecurity and compliance company, and the Ponemon Institute, an IT security research organisation.

Of the respondents, 68% believe cloud account takeovers present...

Williams selects Pax8 cloud distributor as Acronis #CyberFit partner

A Williams Racing driver wearing a helmet.

Williams Racing has welcomed Pax8, a platform on which IT professionals can buy cloud products, as the Acronis #CyberFit Partner.

This is in line with the Cyber Protection Partnership between Williams and Acronis that was renewed earlier in 2021.

Software firm Acronis has supported Williams since the 2018 Formula One season, providing cyber protection technology to manage growing volumes of data without compromising the security and flexibility mandated by the...

AWS acquires messaging encryption startup Wickr

A graphic of a padlock surrounded by app symbols.

Amazon Web Services (AWS) has snapped up Wickr, which develops secure, end-to-end encrypted communication technology. 

With Wickr, customers and partners can benefit from advanced security features not available with traditional communications services – across messaging, voice and video calling, file sharing, and collaboration. This gives security conscious enterprises and government agencies the ability to implement important governance and security controls to help them meet...

Cloud-native architectures break traditional approaches to app security

An architect's plan..

The rising adoption of cloud-native architectures, DevOps and agile methodologies has broken traditional approaches to application security.

This is according to an independent global survey of 700 CISOs commissioned by Software intelligence firm Dynatrace.

As organisations shift more responsibility 'left' to developers to accelerate innovation, increasingly complex IT ecosystems and outdated security tooling can slow releases by leaving blind spots and forcing teams to...

The top five impersonation techniques – and best practices to help reduce risk

Impersonation attacks are on the rise as attackers switch gears to target an increasingly remote and distracted workforce. Impersonation not only enables cybercriminals to gain trust and manipulate victims into disclosing sensitive data, but also significantly boosts their ability to successfully execute cybercrime. Such attacks are usually hard to detect and at times, leverage legitimate resources and channels for execution.

Impersonation attacks may not be new to the world of...

How European CISOs are driving increased IT security investment

The chief information security officer (CISO) role has gained new importance, due to increased cyber threats. Moreover, the COVID-19 pandemic has had a significant impact on security-related IT investment in Europe, which will continue to grow rapidly in 2021.

During the pandemic, organisations have been re-architecting their IT security perimeters to protect operations and critical data. The pandemic, and measures to curb it with remote working, have pushed the enterprise network...

Report warns of ‘dubious’ permissions gap for enterprise hybrid and multi-cloud

A new report has warned of a 'dubious' gap for permissions across enterprise hybrid and multi-cloud environments.

The study from CloudKnox Security, which is described as an industry first, polled more than 150 global organisations on their usage of Amazon Web Services (AWS), Microsoft Azure, Google Cloud, and VMware vSphere.

Overall, the standout finding saw more than 90% of organisations were using fewer than 5% of permissions granted. Each specific provider told a...

Cloud Security Alliance serves up a needed shot of realism with sprawling remote cloud initiatives

Amid the continued acceleration and focus on cloud initiatives as remote working turns into a necessity instead of a nice-to-have, it is always nice to get a helping of realism to accompany the hype.

The Cloud Security Alliance (CSA), in association with cloud security management provider AlgoSec, has done just that in its latest report. The study, 'State of Cloud Security Concerns, Challenges, and Incidents', polled almost 1,900 IT and security professionals across a variety of...