Featured Articles from Cloud Security

Posted: 11/11/2016

Effective cybersecurity is becoming increasingly important as hackers and other threats find their way past traditional security measures.

Posted: 10/24/2016

The concept of "secret information" harkens back to a time when only top spymasters knew and kept secrets. Now everyone seems to want to keep them. When you make a phone call, how often do y…

Posted: 9/2/2016

As Halloween approaches, the usual spate of horror movies will intrigue audiences across the U.S., replete with slashers named Jason or Freddie running amuck in the corridors of all too easi…

Posted: 8/23/2016

In October of 2015, an employee of the Federal Deposit Insurance Corporation (FDIC) walked out with sensitive information stored on a portable drive on their last day of work. This included …

Posted: 8/20/2016

Amazon Web Services was a prevalent presence in Cloud Security Week in mid August, as were new industry reports.

Posted: 8/16/2016

Thales to support AWS KMS with improved security and greater control with bring your own key (BYOK) with hardware key protection.

Posted: 8/16/2016

Rackspace makes its multi-cloud security to Microsoft Azure accessible early including its Fanatical Support for Azure.

Posted: 8/15/2016

New report by Bitglass in collaboration with the Cloud Security Alliance (CSA) validates IT pros differing views on government cooperation.

Posted: 8/11/2016

Imerva researchers find that HTTP/2 protocol is flawed in four significant ways.

Posted: 8/9/2016

Extensive survey by Varonis Systems shows extent of recent data thefts, causes and simple steps that everyone should take to improve security posture.

Posted: 8/8/2016

Attacks against web servers are the most prevalent issue in cyber security which is why there is a need for a Web Application Firewall (WAF).

Posted: 8/4/2016

RiskIQ security intelligence services provides greater visibility and detection to find threats early and prevent them from spreading.

Posted: 8/4/2016

IHS DDoS Prevention Appliance report indicates investments increasing along with threats.

Posted: 8/1/2016

CSA's Mobile Application Security Testing (MAST) Initiative and associated white paper recommends best practices when creating and maintaining mobile apps.

Posted: 7/30/2016

Cloud data security remains a big issue for enterprises. That's the key finding of a new publication entitled The 2016 Global Cloud Data Security Study.

Posted: 7/27/2016

Frequent visitors to the Cloud Security Resource Community are aware that I try to keep a collection of "must have and read" industry resources that are recommended for community members. A …

Posted: 7/26/2016

Cisco scholarship program and new certifications aimed at helping bridge the cyber security talent gap.

Posted: 7/26/2016

A sound investment in and creating an ecosystem of employee awareness can prove to be one of the best decisions you'll ever make.

Posted: 7/23/2016

This week saw an outage of Docker Cloud, AT&T talk about its new Threat Intellect solution, Barracuda Networks release a new version of its NextGen Firewall and the publication of some new e…

Posted: 7/21/2016

A Governance, Risk Management, Compliance (GRC)perspective on the proper use and management of SSH user keys.

Posted: 7/18/2016

AT&T Threat Intellect is a collection of tools geared toward finding and preventing security issues before such things can become a factor.

Posted: 7/18/2016

The firewall is one of the main things businesses rely on every day to keep out malware and other attacks on our networks. With that in mind, having the latest and greatest in firewall techn…

Posted: 7/18/2016

One of the best organic defenses organizations can use against the growing threat of a ransomware attack is through a Workspace as a Service (WaaS) platform.

Posted: 7/16/2016

At its user event this week, Cisco Systems came out with a handful of new security solutions it said address the fragmented security marketplace. The company said these solutions can help tr…

Posted: 7/14/2016

Cisco Systems at its annual Cisco Live! event in Las, Vegas, unveiled new cloud-based security solutions and services.

Posted: 7/14/2016

Because Dropbox and other cloud-based solutions are minimally secure, enterprises must consider implementing additional cyber security on their cloud frameworks.

Posted: 7/14/2016

Cycubix offers Engineers Ireland members the best in (ISC)² methods and practices including the newly Continuing Professional Development (CPD) approved (ISC)² certifications.

Posted: 7/11/2016

The U.S. Ninth Circuit Court of Appeals has seemingly turned a lot of people into criminals based password sharing practices. passwords.

Posted: 7/11/2016

Why a new approach to penetration testing is urgently required in the face of more frequent attacks, increasing vulnerabilities and threats.

Posted: 7/9/2016

Phishing and ransomware are on the rise. A new exploit called Cerber that targeted a broad swath of Office 365 users showed just how widespread these security problems have become.

Posted: 7/5/2016

It's not going to be bulletproof, as it depends greatly on a single point of access. Though it's got a lot going for it despite the potential downfall, CloudJumper nWorkSpace's plan to make …

Posted: 7/5/2016

This exploit, known as Cerber, impacted users of Office 365. Spread via phishing emails, Cerber encrypted user files using AES-265 and RSA encryption, which are unbreakable, and then demande…

Posted: 7/5/2016

BYOD, cloud and the Internet of Things are changing enterprise defense plans to guard against points of attack inside the network perimeter. These new ways of connecting to secure resources …

Posted: 7/5/2016

It is crucial to apply multi-factor authentication (MFA) on top of your existing privileged account management strategy.

Posted: 7/2/2016

Russia is among the top three countries in the world capable of launching major cyber attacks, according to Professor Jarno Limnell of Finlands' Aalto University.

Posted: 6/29/2016

Cloud security professionals need to be aware that Russia is increasing its cyberattacks and targets can be any organization.

Posted: 6/28/2016

Cloud security professionals need note Amazon and Microsoft have achieved provisional FedRAMP authority for different segments of their cloud services.

Posted: 6/28/2016

For those not familiar with Cloud Resource Community co-sponsor the Cloud Security Alliance (CSA), it is an organization like co-sponsor (ISC)2 whose site you need to bookmark and reference …

Posted: 6/27/2016

The fact Facebook CEO Mark Zuckerberg conceals his camera and microphone is his concern about hackers, specifically, remote-access trojans.

Posted: 6/25/2016

Security is a topic that just never seems to get old or uneventful. That's why this week's Cloud Security Resource was again packed with interesting news and views.

Posted: 6/24/2016

A good example of how this works was the recent discovery by a Portuguese pen testing team of 14 flaws in Uber apps which would have enabled them to get free rides and disclose details of pa…

Posted: 6/24/2016

OneLogin CISO provides advice to colleagues on addressing security challenges of new hires.

Posted: 6/22/2016

Trend Micro will be featured in a new AWS Quick Start Reference Deployment for National Institute of Standards and Technology (NIST) compliance.

Posted: 6/20/2016

Cloud Security Alliance (CSA) blog helps illustrate what skills are needed to secure the cloud.

Posted: 6/18/2016

The costly results of DNS attacks, European Union data protection regulation, improved perception about cloud security, and the risks of connected third-party apps made Cloud Security Resour…

Posted: 6/15/2016

Netskope Cloud Report finds most cloud apps mot ready for the European Union General Data Protection Regulation (GDPR).

Posted: 6/14/2016

CloudLock CyberLab study, "The Explosion of Apps: 27% are Risky," examines risks and list the 10 most risky apps.

Posted: 6/13/2016

Bitglass report finds cloud security anxiety falling away as enterprises see cloud to be as secure as on-premise solutions.

Posted: 6/13/2016

A new report from EfficientIP reveals that failure to use DNS protection software could cost over $1 million per attack.

Posted: 6/13/2016

The Akamai Q1 2016 State of the Internet - Security Report highlights that global cloud security threat landscape is getting worse.

Posted: 6/11/2016

This week in the Cloud Security Resource Community saw interesting developments on storage, phishing and FedRAMP.

Posted: 6/9/2016

NSFOCUS has launched a new global cloud security platform with first offering focus on protection against distributed denial of service (DDoS).

Posted: 6/9/2016

The Anti-Phishing Working Group (APWG) has released its Q1 2016 Phishing Activity Trends Report. It is food for thought for IT security professionals.

Posted: 6/8/2016

Organizations looking for new solutions that isolate and secure data better should evaluate satellite storage.

Posted: 6/7/2016

The emergence of big data and cloud storage technology has provided an opportunity for the Federal Government to push the reset button with cybersecurity.

Posted: 6/3/2016

Cloud security, containers, and ransomware were among the leading topics on Cloud Security Resource this week.

Posted: 6/2/2016

It is hard to imagine there is a hotter topic in all of IT than ransomware. It is for this reason that the Cloud Security Resource Community, and our sister Cyber Security Trend Community, t…

Posted: 6/1/2016

A10 Networks has mapped out five of the most common motives for DDoS attacks and describes the tell-tale signs that will help companies combat them.

Posted: 5/31/2016

Embracing Docker creates some security challenges. Containers can serve as a source of exploitable vulnerabilities and risk for the application owner and hosting firm.

Posted: 5/31/2016

There is a surprising lack of public information regarding data security breaches in the cloud.

Posted: 5/28/2016

Details on exploit kits, the views of U.S. Federal government security pros and DDoS for hire top Cloud Security Resource week news and insights.

Posted: 5/26/2016

Dell security SME explains how exploit kits have reached a new level of sophistication that's made them even tougher to detect and eradicate.

Posted: 5/25/2016

It should be noted that (ISC)² members are eligible for special discounted pricing and will be able to attend any of the ASIS events, including keynotes, networking lunches and educational s…

Posted: 5/24/2016

One of the objectives of the Cloud Security Resource Community is to at any extent possible, keep community members up-to-date on the threats they face. Think of it as a community service al…

Posted: 5/23/2016

It is always best when trying to assess the real state of security, be it physical or virtual, to ask the experts. That is precisely what (ISC)2, with the help of sponsor KPMG LLP ( the audi…

Posted: 5/21/2016

It was a week of new studies, new products, and a fair amount of discussion about the dark web in Cloud Security Resource this week.

Posted: 5/19/2016

As we all know way too well thanks to the daily headlines, while the cloud itself has already debunked the myths about it being insecure or less secure than traditional systems and processes…

Posted: 5/19/2016

With malware constantly becoming more sophisticated, there is a growing danger that a computer can be infected and display no obvious symptoms. Hackers can thus have access to a great deal o…

Posted: 5/19/2016

Popular social media site LinkedIn sees up to 117 million user credentials up for dale on Dark Web as a result poor security practices.

Posted: 5/18/2016

The best analogy that comes to mind is the invention and development of what we in the tech industry would call "use cases" for atomic energy. Fission and fusion are capable of both powering…

Posted: 5/18/2016

Does your enterprise have the visibility and control it needs to know precisely which third parties have privileges on your network and what they are up to at all times?

Posted: 5/14/2016

Every week is a busy week when it comes to security and coverage on news about this topic.

Posted: 5/13/2016

One of the goals of the Cyber Security Trend Community is to make community members aware of various tools that skilled security professionals can use to improve the security posture of thei…

Posted: 5/13/2016

Watson for Cyber Security will use natural language processing to understand the vague and imprecise nature of human language in unstructured data to get smart fast. It will also incorporate…

Posted: 5/11/2016

It is always useful to have numbers rather than declarative statements. This is particularly true when it comes to matters involving cybersecurity of all types including cloud security. Unfo…

Posted: 5/9/2016

AT&T lends its hand helping bridge the growing gap for skilled IT professionals ready for what lies ahead.

Posted: 5/6/2016

Venyu use case details how medical practice avoided paying ransom to hacker.

Posted: 5/6/2016

Putting aside the sarcasm at end of the last quote, realities are that we are all in this together. We can't get to encryption and multi-factor authentication fast enough so bad guys have to…

Posted: 5/3/2016

A new report from Bitglass suggests that, for organizations that need to see increased productivity, BYOD is already spoken there.

Posted: 5/2/2016

HPE security expert,Smrithi Konanur, outlines the best approach for assuring mobile application security.

Posted: 4/30/2016

A wide array of reports on cloud and cyber security in general were released this week as report season kicks into high gear.

Posted: 4/27/2016

As almost every report has revealed, e-mail remains the best way for those with malicious intent to compromise individuals and organizations. In short, phishing expeditions remain all the ra…

Posted: 4/26/2016

Check Point threat index for March identifies the worst mobile malware and the fact exploits are growing.

Posted: 4/25/2016

It would be nice to point out that we are in the midst of cyber security report season and that for a change things are trending in the direction of the good guys. Unfortunately, while that …

Posted: 4/25/2016

Cisco addresses security issues in its W-LAN Controller, Adaptive Security Appliance, and SRTP library.

Posted: 4/23/2016

This week in the Cloud Security Resource Community featured new research on breaches and the professionals who work in cloud security and cyber security in general.

Posted: 4/21/2016

A few years ago, as cyber security issues in general and cloud security ones in particular were starting to gain global publicity, a well-respected security expert told me: "the barbarians a…

Posted: 4/21/2016

Security really matters regarding all three pillars-Network, Compute and Storage-of today's increasingly data center-centric world.

Posted: 4/18/2016

As frequent visitors to the Cloud Security Resource Community are aware, our host, (ISC)2 is on a mission to help close what is projected to be the growing gap between the supply of certifie…

Posted: 4/18/2016

Softchoice study, (Still) Careless Users in the Cloud, shows risks from employees practicing less-than-optimal behavior.

Posted: 4/18/2016

LightCyber says finding network cyber attacks requires a new standard for fast, accurate detection.

Posted: 4/16/2016

Coverage on the Cloud Security Resource front this week was broad and varied, with a mix of breaking news and trend analysis.

Posted: 4/14/2016

CloudPassage-sponsored study gives U.S. colleges and universities a failing grade in preparing students for careers in cyber security.

Posted: 4/13/2016

PerimeterX Bot Defender service enables users to add a few lines of JavaScript to websites to protect against DD0S attacks.

Posted: 4/13/2016

(ISC)2 is known for being the worlds' largest cyber security training and certification organization for IT professionals. What readers may not know is that its foundation, the Center for Cy…

Posted: 4/11/2016

Microsoft Cloud App Security Service goes GA providing discovery, investigation, control and protection.

Posted: 4/11/2016

NS1 explains how pace and complexity of app development and delivery expose imitations of traditional DNS.

Posted: 4/9/2016

Whaling, in which hackers target C-level executives at companies, is a growing security problem.

Posted: 4/7/2016

Cisco Talos research exposes correlation between inexpensive domain names and malware.

Posted: 4/6/2016

What has been a truly nefarious development in technology has been the spike in what is known in the industry as "whaling" aka "CEO fraud."

FREE eNewsletter

Get the Latest Cloud Security News

ArrowSubscribe Now