Subscribe to Email Updates

Subscribe

Author: Ericka Chickowski

An award-winning writer, Ericka Chickowski specializes in coverage of information technology and business innovation. She has focused on information security for the better part of a decade and regularly writes about the security industry as a contributor to Dark Reading. Chickowski’s perspectives on business and technology have also appeared in dozens of trade and consumer magazines, including Consumers Digest, Entrepreneur, Network Computing and InformationWeek.

All about Virtualization and Cloud Security | Recent Articles:

Four Cool Tools Expected Out of Black Hat

Aug 03 by Ericka Chickowski

Security professionals, penetration testers and malware investigators are preparing to get energized. In just about a week the hacking community will converge on Las Vegas to drop their biggest discoveries of the year at the podiums of Black Hat USA. This annual confab always offers up a range of great new ideas for defenders, red teamers and security researchers—as well as a boatload of new tools. This year's show should be no different. The buzz is already growing for a number of previously unseen tools that will help security pros solve tough problems and break things in whole new ways. Here are a few highlights.

Read More

5 Cryptojacking Consequences CISOs Can't Ignore

Jul 26 by Ericka Chickowski

The rising tide of criminal schemes to steal compute cycles for mining cryptocurrency has reached a high-water mark. This month researchers report that cryptojacking malware and attacks have overtaken ransomware as the number one malware threat online today.

Read More

Five Reasons Enterprises Aren't Getting the Most Out of Security Automation

Jul 13 by Ericka Chickowski

Automation is enterprise cybersecurity's biggest buzzword as organizations seek to keep pace with a threat landscape that grows more frenetic by the hour. But as automation spending skyrockets, many enterprises are finding that they're not getting the most out of their investment.

Read More

Tesla Sabotage Highlights Danger of Insider Threat

Jun 21 by Ericka Chickowski

Electric car manufacturer Tesla is facing a nightmare insider attack scenario for which too many companies today fail to prepare. Tesla CEO Elon Musk admitted this week that an employee managed to intentionally wreak havoc with the software code that underpins the company's manufacturing system. The fallout has resulted in "quite extensive and damaging sabotage to our operations," according to Musk in a company-wide email that was leaked to CNBC two days ago.

Read More

Three Ways DevOps Teams Can Step Up GitHub Security

Jun 06 by Ericka Chickowski

Last week the team behind Git, a platform that powers millions of the world's developer code repositories--including those on the wildly popular GitHub hosted service--released a crucial security update meant to keep developer environments safe. The patch was made to fix a flaw in how Git handles submodule repository configuration during cloning. It's a dangerous hole that could give attackers the power to create malicious Git repositories and leverage them to run arbitrary code execution on target developer machines.

Read More

Security Must Adjust as SDN Goes Mainstream

May 25 by Ericka Chickowski

After years of hype, 2018 may finally see the start of the mainstream adoption of software-defined networking (SDN). And with it, network virtualization and software defined data centers (SDDC) could be on the cusp of big breakthroughs. So say the results of the new research from Enterprise Management Associates (EMA).

Read More

What's So Scary About GDPR?

May 15 by Ericka Chickowski

We're at less than a month before the EU General Data Protection Regulation (GDPR) regulations go live and global readiness still lags considerably. Companies around the world are in varying states of compliance, with a fair number of organizations out there that still haven't even stepped up to the start line of their GDPR compliance journey.

Read More

Seven Winning DevSecOps Metrics Security Should Track

May 01 by Ericka Chickowski

Last week's DevOps Connect event at RSA Conference brought together some of the leading minds in the DevOps and AppSec communities to discuss DevSecOps. Given the audience, a lot of the discussions focused on awareness themes for security folks still wrapping their heads around the idea of embedding their people into cross-functional DevOps teams. But each year these DevOps confabs at RSAC, the security audience grows savvier in continuous delivery principles, and the programming is trending more toward the real nuts and bolts of instituting DevSecOps.

Read More

Seven Steps Toward Bridging the Cybersecurity Skills Gap

Apr 10 by Ericka Chickowski

Building an effective cybersecurity team is no mean feat. Hiring managers struggle to find experienced talent today and according to the most recent figures from ISACA, one in three organizations say it takes six months or longer to fill any given security position.

Read More

IoT Security Spending Due to Surge as Enterprises Address Big Gaps

Apr 05 by Ericka Chickowski

Cyber attacks, security incidents and breaches initiated through insecure Internet of Things (IoT) devices are on the uptick and most enterprises aren't yet on track to do anything about it, according to several high-profile studies over the last month.

Read More

Shifting Gears to Cloud-Centric Cybersecurity

Mar 12 by Ericka Chickowski

As enterprises bridge their adoption patterns for public cloud from isolated pilot projects to fully scaled environments, they're going to need to get serious about adjusting their cybersecurity strategy and architecture to accordingly. According to the thinkers at McKinsey & Company, that sea change needs to start now. In a new report out last month by the consulting firm, enterprises are finally doubling down on their public cloud experiments over the last decade. And that means an impending cascade of public cloud usage in critical infrastructure that previously remained entrenched in the on-prem world.

Read More

SEC Updates Guidance On Disclosing Breaches, Warns Against Insider Trading Based on Cyber Risk

Mar 08 by Ericka Chickowski

The U.S. Securities and Exchange Commission (SEC) put public companies on warning that they need to get better about how and when they disclose not just breaches but material cyber risks to investors. The instructions were part of an updated guidance on breach disclosure from the SEC meant to protect investors and bring greater clarity to what the regulatory board expects from public companies when it comes to how they handle information security transparency.

Read More

Cloud Security

Virtualization Security




Subscribe to Blog Updates

Latest Tweets