Majority of malware downloads come from cloud apps

Computer code in the shape of a skull.

More than two-thirds of malware downloads came from cloud apps in 2021, according to a study by Netskope, a secure access service edge (SASE) specialist, titled Cloud and Threat Spotlight: January 2022. 

The research highlights the continued growth of malware and other malicious payloads delivered by cloud applications. The year-over-year analysis identifies the top trends in cloud attacker activities and cloud data risks from 2021 as compared to 2020, and examines changes in the...

Head in the clouds: Securing a path to the cloud for your business

A mountain pathway through clouds.

The International Data Corporation (IDC) has dubbed 2021 The Year of the Multicloud, and with good reason.

Even prior to the pandemic, the market for cloud tools was broadening and becoming increasingly complex, giving businesses a lot to think about as they started to ramp up their digital transformation efforts. For small to medium-sized businesses in particular, the path to the cloud can often seem like a series of daunting hurdles with difficult questions to answer at...

Most businesses are not protecting their sensitive data in the cloud

A padlock on a keyboard.

As many as 40% of organisations have experienced a cloud-based data breach in the past 12 months. 

Despite increasing cyber-attacks targeting data in the cloud, the vast majority (83%) of businesses are still failing to encrypt half of the sensitive data they store in the cloud, raising even greater concerns as to the impact cyber criminals can have.

These details have been unveiled in the 2021 Thales Global Cloud Security Study, commissioned by Thales and conducted...

5 ways cloud-based technology is changing the game for enterprise security

A security camera.

Today’s enterprise organisations are having to play by a new set of cyber and physical security rules. Hackers are getting more advanced, and finding new and faster ways to breach security protocols. The traditional models, in which cybersecurity and physical security teams operate as separate entities, can no longer ensure companies stay protected from the latest threats. Even with converged cyber and physical security teams, a key piece of a successful security strategy is having the...

Todd Boehler, ProcessUnity: Risk management, digital transformation and the role of the CISO 

Could you tell us a little bit about ProcessUnity and what it does? 

We're a cloud provider of risk management program automation. 

We help organisations make risk management activities more effective and efficient in their businesses. We have a core concentration around third-party risk and cybersecurity program management, but we also help customers across the entire GRC (governance, risk...

Ransomware mitigation sees focus from AWS, Azure, Google Cloud

Ransomware mitigation strategies have become an increasingly important aspect of major cloud providers’ offering following the pandemic.

In recent weeks, Amazon Web Services (AWS), Microsoft Azure and Google Cloud have all published articles recommending mitigation tactics and best practice in the event of a ransomware attack.

A ransomware attack occurs when company files are encrypted and money is demanded in exchange for the decryption key and the maintained privacy...

Greg Day, Palo Alto Networks: On protecting our way of life in the digital age

Security threats have evolved considerably over the years and Palo Alto Networks knows more than most that “protecting our way of life” also requires a digital approach in the modern world.

Historically, nations would protect their way of life by having the sharpest swords, the biggest guns, the sturdiest tanks, or the fastest planes. Nowadays, it’s as much – if not more – about who has the most secure networks and systems.

CloudTech spoke with Greg Day, VP...

AWS acquires messaging encryption startup Wickr

A graphic of a padlock surrounded by app symbols.

Amazon Web Services (AWS) has snapped up Wickr, which develops secure, end-to-end encrypted communication technology. 

With Wickr, customers and partners can benefit from advanced security features not available with traditional communications services – across messaging, voice and video calling, file sharing, and collaboration. This gives security conscious enterprises and government agencies the ability to implement important governance and security controls to help them meet...

Cloud-native architectures break traditional approaches to app security

An architect's plan..

The rising adoption of cloud-native architectures, DevOps and agile methodologies has broken traditional approaches to application security.

This is according to an independent global survey of 700 CISOs commissioned by Software intelligence firm Dynatrace.

As organisations shift more responsibility 'left' to developers to accelerate innovation, increasingly complex IT ecosystems and outdated security tooling can slow releases by leaving blind spots and forcing teams to...

Five key mistakes which threaten infrastructure cybersecurity and resilience

Bottom line: With many IT budgets under scrutiny, cybersecurity teams are expected to do more with less, prioritising spending that delivers the greatest ROI while avoiding the top five mistakes that threaten their infrastructures.

In a rush to reduce budgets and spending, cybersecurity teams and the CISOs that lead them need to avoid the mistakes that can thwart cybersecurity strategies and impede infrastructure performance. Cutting budgets too deep and too fast can turn into an...