Articles about Cloud security

Implementing your security approach will depend on how you can translate your approach from strategy into reality. As part of this, you will have to make decisions on what tools you use based on the functions that they cover, how they help you create and use data, and how they work. This latter part is important as all security professionals have their own preferences. One of the big debates here is whether you use agent-based or agentless tools.

Using security tools that rely on agents can be an issue for some security professionals, while others will swear by their agent-based tool of choice, and you would have to pry it from their hands. The challenge here is when you have a combination of complex environments to consider, faster software development goals to support, real-time security pressures to contend with, and more data than you know what to do with. So what approach should you choose?

Continue reading →

Given the ever-changing trends in cloud computing, security, and more, it can be difficult to plan for the road ahead. However, anticipating new developments, both within your organization and the wider industry, is vital if you want to stay prepared and maximize ROI. 

Data is one of a business’ greatest assets, and its role, size and value is only going to increase in 2023 and beyond. Cybersecurity Ventures suggests total global data storage is expected to exceed 200 zettabytes by 2025, with a ransomware attack precited to impact a business, consumer or device every two seconds by 2031, properly securing your data is paramount.

Continue reading →

A new report finds that 50 percent of enterprises and 75 percent of mid-sized organizations have exposed public SaaS assets.

The report from security platform DoControl shows that large and medium companies have an average of 5.5 million and 1.5 million assets stored in SaaS applications respectively, illustrating the challenge IT and SecOps teams face daily in securing the intellectual property those assets contain.

Continue reading →

The "Global DataSphere" is exploding in size. IDC predicts that by 2026, the amount of data in the world will have doubled again. While most enterprises have digitized their operations, they continue to add more strategic workloads and create more and more data. So, as the amount of data enterprises have to deal with grows exponentially, moving to the cloud based on an elaborated strategy offers significant benefits like scalability, flexibility and cost-effective storage.

But can this go on forever? Gartner expects total worldwide end-user spending on public cloud services will reach a record $592 billion this year, a 21 percent increase from 2022. This rapid level of growth and migration raises some concerns at an enterprise level, with fast "lift and shift" migrations meaning best-practices for modern data protection aren’t followed. The Cloud security alliance (CSA) reported that 96 percent of companies say they have insufficient security for sensitive cloud data -- so across the board we have a long way to go on this journey. Here are three best practices for enterprises to protect their data in the cloud. 

Continue reading →

Cloud technology has changed the way we approach technology. It’s also given rise to a new set of security challenges caused by bad actors who seek to exploit vulnerabilities in a digital infrastructure. You can put the kibosh on these hackers and their dirty deeds by hardening the walls that protect your data. 

Using the practical techniques discussed in Cloud Security For Dummies, you’ll mitigate the risk of a data breach by building security into your network from the bottom-up. Learn how to set your security policies to balance ease-of-use and data protection and work with tools provided by different vendors trusted around the world. 

Continue reading →

As security professionals assess the cloud security challenges that lie ahead for the coming year, one thing is certain. Threat actors will continue to double down on their efforts, utilizing new techniques and refining pre-existing methods as they extend their ever-growing toolbox.

To help enterprises stay ahead of the game, our security research team has highlighted some of the top trends and attack vectors cloud security teams can expect to encounter in 2023.

Continue reading →

As many CISOs are discovering, protecting cloud native environments requires a fundamental shift in thinking when it comes to keeping threats at bay. The huge change in the technology stack, the rapid delivery of software updates, and the unfettered use of open source, all present new challenges that old-style security tools cannot resolve.

Rather than using different point solutions that only solve specific security issues and need to be manually stitched together, Gartner recommends adopting a unified and end-to-end full lifecycle solution that starts in development and extends to deliver comprehensive runtime protection. In other words, a cloud-native application protection platform (CNAPP).

Continue reading →

No longer the new 'big thing', the cloud has matured into something that almost all organizations rely on daily. But it's still evolving and its importance has grown over the last two years as we've switched to remote and hybrid working.

Here are some expert views on what lies ahead for the cloud in 2023.

Continue reading →

As more and more of our computing moves to the cloud, protecting information and apps throws up a new set of challenges for enterprises.

We spoke to Ratan Tiperneni, president and CEO of cloud-native app protection specialist Tigera, to find out more about the security implications of going cloud native and how to deal with them.

Continue reading →

Cloud technology has been gaining momentum in the last couple of years.

It threw a lifeline to companies by making remote work at the start of the crisis possible, enabled scaling for a reduced cost, and made information that much more accessible. However, all of these benefits also come with security risks for organizations that haven’t adequately protected their new infrastructure.

Continue reading →

With most enterprises leveraging at least one type of cloud deployment today, the question arises: is the cloud more or less secure than on-premise solutions?

The reality is that for on prem or even private cloud environments, the approach to security largely relies on a barrier defense. When organizations are compromised within this barrier, it can basically become open season for malicious actors, which we’ve seen in marquee incidents such as the Target data breach, the Home Depot hack in 2014, or the recent Uber breach, which exploited an unpatched security vulnerability.

Continue reading →

The IT world is littered with acronyms and one of the latest is CNAPP, standing for Cloud Native Application Protection Platform. If you haven't heard about it already you almost certainly will do soon.

We spoke to Stanimir Markov, CEO at Runecast, about CNAPP, what it is and how it can benefit modern enterprises and their cloud environments.

Continue reading →

In what was a far-sighted move back in 2004, the President of the United States and Congress declared October to be Cybersecurity Awareness Month, dedicated to helping individuals protect themselves online as threats to technology and confidential data become more commonplace.

This has now become a regular event on the calendar and the theme of this year's campaign is 'See Yourself in Cyber', aiming to underline the fact that cybersecurity is ultimately about people rather than technology.

Continue reading →

Developer-first security is the future in the cloud -- the responsibility for cloud security rests with developers and DevOps teams, not IT security.

In the days of the on-premise data center and early cloud adoption, the roles of application developers, infrastructure operations, and security were largely siloed. In the cloud, this division of labor increases the time-to-market for innovation, reduces productivity, and invites unnecessary risk.

Continue reading →

According to a new report 81 percent of organizations have experienced a cloud-related security incident over the last 12 months, with almost half (45 percent) suffering at least four incidents.

The findings, from machine identity management specialist Venafi, reveal that the underlying issue for these security incidents is a dramatic increase in security and operational complexity connected with cloud deployments.

Continue reading →