Building an effective cybersecurity team is no mean feat. Hiring managers struggle to find experienced talent today and according to the most recent figures from ISACA, one in three organizations say it takes six months or longer to fill any given security position.
All about Virtualization and Cloud Security | Recent Articles:
Cyber attacks, security incidents and breaches initiated through insecure Internet of Things (IoT) devices are on the uptick and most enterprises aren't yet on track to do anything about it, according to several high-profile studies over the last month.
As enterprises bridge their adoption patterns for public cloud from isolated pilot projects to fully scaled environments, they're going to need to get serious about adjusting their cybersecurity strategy and architecture to accordingly. According to the thinkers at McKinsey & Company, that sea change needs to start now. In a new report out last month by the consulting firm, enterprises are finally doubling down on their public cloud experiments over the last decade. And that means an impending cascade of public cloud usage in critical infrastructure that previously remained entrenched in the on-prem world.
The U.S. Securities and Exchange Commission (SEC) put public companies on warning that they need to get better about how and when they disclose not just breaches but material cyber risks to investors. The instructions were part of an updated guidance on breach disclosure from the SEC meant to protect investors and bring greater clarity to what the regulatory board expects from public companies when it comes to how they handle information security transparency.
Business fraud has been on a dramatic uptick over the last decade and cybercrime stands near the top of the list of losses and events that organizations are experiencing. A new report out from consulting powerhouse PwC found that the ratio of organizations who admitted to falling prey to economic crime in the past year has increased by 63% since 2008, with just under half of organizations admitting to being victims.
We've all heard about the 80/20 rule in business. But in vulnerability management, it may be more like the 54/12 rule. According to a new report out last week by vulnerability intelligence firm Risk Based Security, in 2017 about 54% of all new vulnerabilities came from just 12 vendors.
As worries about third-party risks continue to press on the minds of technology decision-makers within organizations large and small, many technology service providers are finding security to be a key differentiator for winning over prospects. Cyber warranties could be the next big way to help them signal to customers that they're serious about security risks.
Quantum computing may sound like science fiction, but it's coming down the pike faster than you might expect. And if security practitioners don't start taking this impending advancement seriously now, they could be facing the wholesale obscelesence of their corporate cryptographic protections within a decade.
When the Mirai botnet first made waves back in 2016 taking down DynDNS services using an Internet of Things (IoT)-powered botnet, cybersecurity experts warned that this was just the warm-up act. Mirai marked the first splashy real-world example of the kind of attacks that the bad guys could carry out when harnessing the power of IoT devices in a well-controlled botnet. And as predicted by experts following the rollout of Mirai, the hits just keep coming via IoT botnets.
The last year has proved out about security naysayers' warnings about the undisciplined use of cloud architectures. While many organizations work hard to secure data stored on cloud stores, the truth is that there's a lot of work to go. That fact is made abundantly clear by the growing number of incidents caused by extremely poor security hygiene within Amazon Simple Storage Service (S3) storage buckets that are holding very sensitive information.
Life in the SOC has grown a lot more complicated in the last few years as the major forces of cloud and software-defined networking (SDN) adoption have started to converge on enterprise IT in a very big way.
After several years of peeking through the programming as a very niche topic at RSA Conference, DevOps has broken through to the limelight this week. The show has featured a number of talks and panels that discussed the security implications of DevOps and the corresponding increased dependence on cloud platforms and containerization in delivering IT services.