Majority of SaaS applications and AI tools are unmanaged
A new report reveals that 90 percent of SaaS applications and 91 percent of AI tools within enterprises remain unmanaged, suggesting a widespread vulnerability that continues to grow.
The study from Grip Security highlights the limitations of traditional security strategies in combating 'SaaS risk creep' the number of SaaS applications used in an enterprise increased by 40 percent over the last two years.
Cloud attacks grow in cost and scale
A new report from Sysdig highlights the growing cost and scale of cloud attacks and the evolution of tactics being used by attackers.
Among the findings are that over $100,000 is lost per day to AI resource jacking. It hasn't taken long for threat actors to leverage stolen cloud access to exploit large language models (LLMs), as illustrated by an LLMjacking attack that left one victim on the hook for $30,000 in just three hours. Left unchecked, an LLMjacking operation can cost more than $100,000 per day.
Old credentials never die they just present a cloud security risk
Long-lived credentials on major cloud platforms continue to be a huge risk for organizations, according to a new report from Datadog.
Long-lived cloud credentials never expire and frequently get leaked in source code, container images, build logs and application artifacts, making them a major security risk. The report finds that 46 percent of organizations are still using unmanaged users with long-lived credentials.
IT decision-makers under pressure to demonstrate public cloud adoption cost savings
Unless you’re an Olympic athlete, you probably don’t want a stopwatch tracking your performance -- pushing you to work harder and move faster. But, according to Six Degrees’ newly published independent research, one in five IT decision-makers at SMEs feel that the clock is on them when implementing public cloud migration projects.
Six Degrees’ UK SME Cloud Intelligence Report 2024 found that the extent to which IT decision-makers feel rushed varies considerably between sectors. Finance and insurance (57 percent), blue light (55 percent) and education (42 percent) are impacted the most compared to those working in government (33 percent), healthcare (32 percent) and manufacturing (29 percent).
Qualys launches cloud-based risk operations center
Organizations are facing an ever-growing volume of risk alerts spread across multiple, disconnected top-10 dashboards. This fragmented view can result in conflicting analyses, duplicate work, missed threats, and strategies that fail to fully protect the organization.
Cloud-based security firm Qualys is addressing this with the launch of a new Risk Operations Center (ROC) with Enterprise TruRisk Management (ETM) that enables CISOs and business leaders to manage cybersecurity risks in real time, transforming fragmented, siloed data into actionable insights that align cyber risk operations with business priorities.
'Toxic cloud triad' puts four in 10 organizations at risk
It might sound like a Chinese secret society, but a new report warns that a 'toxic cloud triad' of publicly exposed, critically vulnerable and highly privileged cloud workloads is putting almost four in 10 organizations at risk.
Security gaps caused by misconfigurations, risky entitlements and vulnerabilities combine to dramatically increase cloud risk according to the Tenable Cloud Risk Report.
Do you know where your sensitive data is?
Around a quarter of businesses don't know where their sensitive data is according to a new report from Normalyze and the Enterprise Strategy Group (ESG).
As enterprises move more operations to the cloud, the volume and exposure of sensitive data stored in public cloud services is also rapidly increasing. Despite efforts by security teams to manage data risks, many organizations lack clarity on where data is located, how sensitive it is, and who has access to it.
The top enterprise cloud threats of 2024
A new report from IBM X-Force looks at the biggest risks enterprises are facing and highlights how attackers know that credentials are the keys to cloud environments, making them highly sought-after on dark web marketplaces.
Attackers are using phishing, keylogging, watering hole and brute force attacks to harvest credentials. Also dark web research highlights the popularity of infostealers, used to steal cloud platform and service-specific credentials.
New AI-driven platform simplifies enterprise access management
Traditional processes for ensuring employees have the right levels of access to systems have come under strain and become harder to manage because of the spread of cloud-based software.
A new AI-powered identity governance and administration (IGA) platform from Zilla Security aims to tackle the long-standing challenge of managing hundreds of roles or group membership rules to ensure organizations give users job-appropriate access.
Proton launches secure cloud storage for businesses
Swiss company Proton is known for its privacy focused solutions including secure mail, VPN and password manager. Today the company launches a new service, Proton Drive for Business.
This is a comprehensive solution designed to provide secure and private cloud storage, file sharing, and real-time document collaboration for organizations. In an era where data breaches and unauthorized use of company documents are common, this new service offers security and privacy to businesses of all sizes, with end-to-end encryption.
Business security: Advancements in on-premise and online tech solutions
Biometric access control, video surveillance, and intrusion alarms enhance on-site protection by promptly addressing unauthorized access -- these advanced systems monitor who enters your facilities and allow for real-time responses to incidents.
Meanwhile, cybersecurity remains a key aspect of business demanding great attention. The emergence of generative AI and automation technologies can evaluate threats and make decisions significantly faster, heightening the effect of your defense mechanisms.
Multi-cloud, multi-challenge -- what's the answer?
With more business applications and data existing outside of the traditional network perimeter and across multiple clouds, organizations have a harder job than ever before to maintain security and reliability of critical services. This challenge is shared by the majority of IT leaders -- as 81 percent recently surveyed believe the increasing number of cloud applications is adding additional pressure on network performance.
This issue is heightened by the 44 percent of UK workers that now work remotely. Every new remote worker and device added to the organization's network, also expands its attack surface. In fact, 85 percent of IT leaders say remote and hybrid working has contributed to an increase in network security threats. Over two-thirds (69 percent) of UK organizations have experienced an increase in network security threats in the past 18 months.
Enterprises face major challenges with cloud costs and more
A new study reveals that 93 percent of enterprise platform teams face persistent challenges with cloud costs, Kubernetes complexity and developer productivity.
The research from Rafay Systems shows that despite the widespread adoption of platform teams within IT organizations, survey respondents across the board confirm that these teams often are stretched to their limits managing complex multi-cluster Kubernetes and cloud environments.
Mastering tenant-to-tenant cloud migrations: Strategies for success
Tenant-to-tenant cloud migrations have become pivotal for organizations striving to boost operational efficiencies and seamlessly adapt to dynamic changes such as mergers, acquisitions, and organizational restructuring.
These migrations are about more than transferring data and applications between cloud environments. They also represent a strategic move towards greater scalability and improved resource management, enabling businesses to respond more agilely to market demands and growth opportunities.
Azure outages should spark new urgency for a multi-cloud approach
July 19th 2024 will go down as a tough day for many IT teams, and the day started even worse for businesses using Microsoft Azure and its supported services. In addition to the widely publicized global outage caused by a CrowdStrike update, Microsoft Azure's Central US Region was down for five hours due to an unrelated failure, impacting millions of business users worldwide.
As if that wasn't enough, less than two weeks later, Microsoft Azure experienced another global outage lasting more than six hours. According to the company's service status page, it was Microsoft's 8th service status-related incident.
Recent Headlines
Most Commented Stories
© 1998-2024 BetaNews, Inc. All Rights Reserved. Privacy Policy - Cookie Policy.