Shadow data is a top concern for security teams
Shadow data is named as the number one concern around protecting cloud data by 68 percent of data security professionals.
A new study from Laminar reveals that the number of respondents expressing concern over shadow data has increased to 93 percent compared to 82 percent the year before.
Agent-based vs. agentless approaches -- how to implement cloud security
Implementing your security approach will depend on how you can translate your approach from strategy into reality. As part of this, you will have to make decisions on what tools you use based on the functions that they cover, how they help you create and use data, and how they work. This latter part is important as all security professionals have their own preferences. One of the big debates here is whether you use agent-based or agentless tools.
Using security tools that rely on agents can be an issue for some security professionals, while others will swear by their agent-based tool of choice, and you would have to pry it from their hands. The challenge here is when you have a combination of complex environments to consider, faster software development goals to support, real-time security pressures to contend with, and more data than you know what to do with. So what approach should you choose?
Get 'Cloud Native Security' (worth $24) for FREE
Cloud Native Security delivers a detailed study into minimizing the attack surfaces found on today's Cloud Native infrastructure.
Throughout the work, hands-on examples walk through mitigating threats and the areas of concern that need to be addressed. The book contains the information that professionals need in order to build a diverse mix of the niche knowledge required to harden Cloud Native estates.
75 percent of SaaS applications pose a risk to enterprises
The past few years have seen massive growth in the number of SaaS applications used by enterprises, but new research from Spin AI shows that 75 percent of SaaS applications pose a high or medium risk to data stored in either Google Workspace or Microsoft 365.
On average, 35 percent of apps with OAuth permissions to Google Workspace or Microsoft 365 are classified as high risk. For large organizations (with more than 2,000 employees) 56.91 percent of apps pose a high risk.
Data management gets more complex as IT infrastructure diversifies
IT infrastructure is increasingly diverse, with organizations struggling to integrate data management and control.
The latest Enterprise Cloud Index from Nutanix shows the majority of IT teams (60 percent) use more than one IT infrastructure -- a trend that's expected to intensify in the future -- but struggle with visibility of data across environments.
Microsoft has hidden Cloud PC references in Windows 11 as a hint of future Windows 12 features
The Windows Insider program is one of the best places to gain access to the latest features and options, but there are sometimes some hidden gems that serves as signposts of what's to come. The latest Dev build is a good case in point.
References were spotted in Windows 11 build 23419 to Cloud PC thanks to the arrival of the settingshandlers_cloudpc.dll file. There are even entries in Settings that make it clear that Microsoft is betting big on Cloud PC, but it remains to be seen whether this ends up in Windows 11 or Windows 12.
CISA releases open source Untitled Goose Tool to detect malicious activity in Azure, Azure Active Directory and Microsoft 365 environments
The CISA has launched a new security tool designed to help protect various Microsoft cloud services. The open source Untitled Goose Tool is available for both Windows and macOS.
The utility was developed by the US Cybersecurity & Infrastructure Security Agency in conjunction with Sandia National Laboratories. The aim of the tool is to help to detect and respond to malicious activity in Microsoft Azure, Azure Active Directory (AAD) and Microsoft 365 (M365) environments.
New solution helps enterprises manage cloud assets
As organizations turn increasingly to the cloud they face the challenge of understanding not just the cost but also the value of their operation.
To help organizations maximize business value from their technology investments, Flexera is launching a new solution that strengthens an enterprise's FinOps and cloud central teams, while allowing the convergence of IT asset management (ITAM) and FinOps.
IT in 2023: Security, cloud and more
Given the ever-changing trends in cloud computing, security, and more, it can be difficult to plan for the road ahead. However, anticipating new developments, both within your organization and the wider industry, is vital if you want to stay prepared and maximize ROI.
Data is one of a business’ greatest assets, and its role, size and value is only going to increase in 2023 and beyond. Cybersecurity Ventures suggests total global data storage is expected to exceed 200 zettabytes by 2025, with a ransomware attack precited to impact a business, consumer or device every two seconds by 2031, properly securing your data is paramount.
New solution helps to visualize cloud-native app risks
With more and more organizations turning to the cloud and cloud-native application development, AppSec teams face a mounting challenge to keep pace with their development counterparts.
To address this, Backslash Security is launching a new solution to provide unified code and cloud-native security by correlating cloud context to code risk, backed by automated threat modeling, code risk prioritization, and simplified remediation across applications and teams.
How IBM and AWS are driving innovation in the cloud [Q&A]
As we reported at the end of last year, IBM and AWS have extended their collaboration, making IBM software products available as Software-as-a-Service (SaaS) on the AWS Marketplace.
We spoke to Judah Bernstein, CTO, AWS strategic partnership at IBM, to find out more about how the collaboration works and what it means for customers and Ecosystem partners.
Harnessing the power of data in a hybrid cloud environment
In an increasingly crowded business environment, businesses need to stay at the forefront of innovation to get ahead. And the best way for companies to do that is by looking inward -- specifically at their own, preexisting data. Data is every business’ most valuable asset, holding insights that can unlock undiscovered potential. Whether you’re building out fraud detection or working to gain a competitive advantage with new market opportunities, the artificial intelligence (AI) and machine learning (ML) training engines that drive this kind of innovation are only as effective as the data they are given.
Where challenges arise in this process is with the management of data flows. In the past, data has been kept primarily on highly secure, on-premise systems. But more businesses have since been migrating operations to cloud systems, with many opting for a hybrid approach. Research firm Forrester reported that more than 94 percent of U.S. enterprise decision-makers are using at least one type of cloud deployment, with the majority being hybrid or multi-cloud. By modernizing mainframe systems and implementing the right data intelligence tools enterprise leaders can take advantage of all their company data without exposing it to undue threats along the way.
How software pricing strategy is evolving [Q&A]
Buying software used to be relatively simple. You either paid a one-off fee, or an ongoing license, or sometimes a combination of both.
With the advent of cloud and SaaS, however, things have become rather more complicated. Usage based pricing is more common, plus in a difficult economic climate there's a spotlight on software costs.
Economic uncertainty puts the focus onto cloud costs
This year marks the first time in more than a decade that managing cloud spend has overtaken security as the top challenge facing organizations, according to the latest State of the Cloud report from Flexera.
The report is based on responses of 750 respondents from a survey conducted in late 2022 and finds optimizing existing use of the cloud (cost savings) is the top initiative (reported by 62 percent of all respondents).
Cloud adoption leaves regulated industries open to attack
Switching to the cloud has left organizations in heavily regulated industries like healthcare and financial services with a greater attack surface, according to a new report.
Research published today by Blancco Technology Group, based on responses from 1,800 IT professionals in healthcare and finance, shows 65 percent of respondents say that the switch has also increased the volume of redundant, obsolete or trivial (ROT) data they collect.