Cloud security fears continue: Managed services, messaging, FaaS at ‘perilous’ stage

As adoption of managed infrastructure services increases, new cloud attack areas arrive with them. According to a new report from Accurics, 23% of all security violations identified relate to poorly configured manage service offerings.

The study, Accurics' Cloud Cyber Resilience Report, assessed violations and drifts in real-world environments of Accurics users, as well as open source repositories and registries of infrastructure as code (IaC) components.

On average, the...

Why cybersecurity isn’t cybersecure without detection and recovery

Anyone responsible for data security who doesn’t get a shiver down their spine when they read the about yet another high-profile ransomware attack in the news is either doing something very right, or something very wrong.  

The danger of falling victim to a cybersecurity issue is getting greater as the volume of attacks continues to rise and bad actors become increasingly sophisticated. Interpol has highlighted how Covid-19 affected both the number and nature of...

Shadow IT is always going to be here – so learn how to harness it for your business goals

Many IT leaders expected that shadow IT usage would decrease as their organisations’ cloud strategies became more sophisticated. This was a good thing, they thought, because the ominously named practice of using unapproved applications posed a real threat to cybersecurity: Gartner predicted way back in 2016 that one third of successful enterprise attacks would be on shadow IT resources.

In fact, the opposite has happened. New waves of cloud technology have enabled new business...

Five tips for observability success amid cloud complexity

In 2020, the concept of observability in IT operations gained mindshare as IT leaders looked for new ways to rein in the complexity that’s grown organically with cloud computing and rapid digitisation.

Observability differs from IT monitoring in that it focuses on the development of the application and rich instrumentation so that operators can ask meaningful questions about how the software works or is working in production. The ability to ask new questions allows IT to gain...

Four essential strategies to secure users across all environments: Integration, automation, and more

Today’s distributed networks are increasingly diverse, often spanning multiple environments, each with their own unique requirements and standards. Securing each of those network ecosystems is challenging, especially when the end goal is consistent policy enforcement, centralised visibility, and unified orchestration and response. Organisations not only need to secure and manage both hardware-defined and software-defined perimeters, but also maintain security as those network edges...

Looking to adopt hybrid cloud? Don’t overlook governance

The adoption of hybrid IT environments is a standard aspect of digital transformation. During this process, many organisations encounter difficulties arising from managing access and identities across multiple applications, clouds, networks and servers. Delivering a good digital business experience to all your stakeholders – customers, employees and business partners – while managing risk requires the use of modern identity and access governance solutions. With these types of solutions,...

83% of enterprises transformed their cybersecurity in 2020 – accelerated by Covid cloud migration

73% of enterprises (over 500 employees) accelerated their cloud migration plans to support the shift to remote working across their organisations due to the pandemic. 81% of enterprises accelerated their IT modernisation processes due to the pandemic. 48% of all companies surveyed have accelerated their cloud migration plans, 49% have sped up their IT modernisation plans because of Covid-19. 32% of large-scale enterprises, over 500 employees, are implementing more automation using...

Reducing identity and access security risks in cloud infrastructures: A guide

Organisations understand the business value of cloud environments like Amazon Web Services (AWS), Microsoft Azure and Google Cloud Platform (GCP), but many haven’t realised how these infrastructures increasingly place the onus on them to manage security risk. In fact, Analyst firm Gartner has estimated that over the next three years 99% of cloud security failures will be the customer’s fault. Further, Gartner predicts that 75% of those failures will result from inadequate management of...

What makes the quintessential chief information security officer?

Given the strategic significance of digital transformation, IT security leadership is a really important role. And yet, only 12 percent of chief information security officers (CISOs) excel in all four categories of the 'CISO Effectiveness Index', according to the latest worldwide market study by Gartner.

Gartner analysts presented their global survey findings and discussed the key traits of top-performing CISOs during their recent 'Security & Risk Management...

Palo Alto Networks warns of ‘critical’ IAM misconfigurations potentially worth millions

Cloud misconfigurations continue to cause major headaches for organisations - and a recent report from Palo Alto Networks has uncovered an identity and access management (IAM) flaw that could have been worth 'millions.'

The finding appears in the security provider's Cloud Threat Report 2H 2020. The disclosure (28 pages, PDF, email required) came about after the Unit 42 cloud threat intelligence team - the research arm of Palo Alto - was contacted by a customer requesting a test of...