Latest cloud security publications
If the past decade in enterprise IT was owned by cloud, then the next ten years will arguably be defined by our attempt to secure it.
The degree to which cloud has absorbed applications and data is well-documented. While companies are consolidating with hybrid deployments, according to some estimates, 91 percent of organisations have moved some portion of their workloads to the cloud.
As this new territory grows, so too does its attack surface. Organisations need to be armed and ready, yet many are getting into sloppy habits, particularly when it comes to basic data storage practices. Between June 2018 and May 2019 over 2.3 billion files were found on misconfigured or non-secured cloud storage technologies. As cyber security company Forcepoint has framed it, as more companies become “cloud smart,” a large number appear to remain “cloud dumb,” at least when it comes to security.
The oversight is partly because we naturally focus on the ways a new tool can make our lives easier without first considering its side-effects. True, it’s not only a matter of failing to get the basics right. Like with any new technology, it has taken time for us to grasp the multitude of ways that the cloud can leave companies exposed. Compounding this problem is the pace at which cyber hackers conjure up new means of attack.
Cloud computing has offered a wealth of opportunity for businesses across the globe. From encouraging vast and continuous development of services, applications and platforms, to giving companies a myriad of choices when it comes to finding the right solution to drive business benefit. However, cloud computing does open the door to new risks that need to be acknowledged. These risk factors come in many different shapes and sizes, including unauthorised system access, mass data loss, or the complexity of network identity management.
Visibility is absolutely key for businesses to make informed and educated decisions. Without the full picture, correct decision making is nearly impossible and will ultimately lead to failure. With an understanding of where the risks and threats lie, companies can build a defence to mitigate these threats; this is where having centralised connectivity is essential.
GCP security bolstered by four new updates Google has announced four new capabilities to Google Cloud Platform (GCP) to improve the security of users, data and applications in the cloud. Among the new announcements are the enterprise launch of the company’s Advanced Protection Program, the general availability of Titan Security Keys, and a machine learning… Read More
Scores of personal information including social security numbers, credit scores and balances were sitting on Github for weeks A hacker gained access to personal information from more than 100 million Capital One credit applications in the US, the bank said as US federal authorities arrested a suspect in the case. Paige A Thompson – who… Read More
93 percent of IT decision makers report difficulties keeping tabs on cloud workloads As cloud rapidly becomes the norm, cloud security should be rising up the organisation’s list of security concerns. But new research shows that firms are leaving their security teams behind in their eagerness to migrate workloads to the cloud. The research, released… Read More