When it comes to enterprise security, cloud was supposed to help simplify security efforts. But it didn’t turn out that way. Today, the typical large enterprise has its legacy environments, public clouds, private clouds, private hosted clouds, and various hybrid flavors of each to secure. And within those systems applications are becoming containerized, and broken into many different discrete services. All of this is not only fundamentally changing the way enterprises must secure their environments, but also significantly increasing the complexity in doing so.
Many cybersecurity organizations are of the opinion that threat intelligence can prevent, or if not prevent entirely at least lessen, the impact of successful breaches.
When it comes to insider threats, the nature of the threats is largely the same regardless of the computing environment, such as whether the data and apps reside on-premises, public cloud, or provide cloud — the risk of data exfiltration, data destruction, theft, and similar is ever-present.
Software containers are among the hottest aspects of enterprise technology right now. Sure, containers help enterprises save budget through, just like virtualization, the improvement of hardware density. But that’s not really why enterprises are turning to containerization. It’s how application containers bring to modern cloud environments improved manageability and the ability to deploy applications as discrete functions that can be used at will and reused elsewhere in the environment, wherever needed, as a service.
There’s no doubt that enterprises are embracing cloud computing, but not-so-surprising that enterprises repeatedly say that they need heightened visibility and security management capabilities so they can more effectively deploy applications, defend against cyberattacks, and mitigate regulatory compliance risks, a recent survey found.
Business Insights readers are certainly well aware of the sorry state of connected medical device security. We’ve covered it in posts such as St. Jude Takes Steps to Secure Vulnerable Medical Implants and U.S. DHS and FDA Face Medical Device Security Woes. In the later post we covered how the FDA is working to foster a culture of continuous quality improvement.
In a survey and research, The Future of Hybrid Cloud, highlights that while enterprises are moving to cloud — it’s not a smooth transition as some like to proclaim.
Not too long ago news broke of yet another substantial data breach. This time at financial consultancy Deloitte — one of the so-called big four accounting firms. On Sept 25, Deloitte announced that it had detected a breach stemming from an inadequately secured administrative email system that gave the attacker(s) access to the firm’s global email system.
Security research firm IOActive recently set out to investigate the security of 21 mobile brokerage apps used for trading stocks and other equities. The results were less than reassuring.
If you are a Linux user you might want to keep an extra eye on your systems and be ready to patch — as soon as patches do become available that is. Google researchers this week made public seven vulnerabilities they uncovered in the Linux DNS software package Dnsmasq.
Thousands of Apple Macs vulnerable to un-patched firmware, regardless of operating system patching levels. The security firm Duo Labs recently set out to study the security of Mac firmware, more specifically the EFI (Extensible Firmware Interface) in Macs for the past three years. Think of EFI as the modern BIOS (Basic Input / Output System) manages the boot process of a computer system as well as communications between the operating system and other devices such as video, keyboard, printers, and mice.
While most eyes interested in cybersecurity for the past two weeks have been focused upon (and for good reason) the Equifax breach, the U.S. Food and Drug Administration (FDA) continued its pressure on medical device manufacturers to build security into product design — just as the U.S. Department of Homeland Security warned the medical community of eight vulnerabilities in Smiths medical wireless infusion pumps.
