Featured Articles from Cloud Security
Effective cybersecurity is becoming increasingly important as hackers and other threats find their way past traditional security measures.
The concept of "secret information" harkens back to a time when only top spymasters knew and kept secrets. Now everyone seems to want to keep them. When you make a phone call, how often do y…
As Halloween approaches, the usual spate of horror movies will intrigue audiences across the U.S., replete with slashers named Jason or Freddie running amuck in the corridors of all too easi…
In October of 2015, an employee of the Federal Deposit Insurance Corporation (FDIC) walked out with sensitive information stored on a portable drive on their last day of work. This included …
Amazon Web Services was a prevalent presence in Cloud Security Week in mid August, as were new industry reports.
Thales to support AWS KMS with improved security and greater control with bring your own key (BYOK) with hardware key protection.
Rackspace makes its multi-cloud security to Microsoft Azure accessible early including its Fanatical Support for Azure.
New report by Bitglass in collaboration with the Cloud Security Alliance (CSA) validates IT pros differing views on government cooperation.
Imerva researchers find that HTTP/2 protocol is flawed in four significant ways.
Extensive survey by Varonis Systems shows extent of recent data thefts, causes and simple steps that everyone should take to improve security posture.
Attacks against web servers are the most prevalent issue in cyber security which is why there is a need for a Web Application Firewall (WAF).
RiskIQ security intelligence services provides greater visibility and detection to find threats early and prevent them from spreading.
IHS DDoS Prevention Appliance report indicates investments increasing along with threats.
CSA's Mobile Application Security Testing (MAST) Initiative and associated white paper recommends best practices when creating and maintaining mobile apps.
Cloud data security remains a big issue for enterprises. That's the key finding of a new publication entitled The 2016 Global Cloud Data Security Study.
Frequent visitors to the Cloud Security Resource Community are aware that I try to keep a collection of "must have and read" industry resources that are recommended for community members. A …
Cisco scholarship program and new certifications aimed at helping bridge the cyber security talent gap.
A sound investment in and creating an ecosystem of employee awareness can prove to be one of the best decisions you'll ever make.
This week saw an outage of Docker Cloud, AT&T talk about its new Threat Intellect solution, Barracuda Networks release a new version of its NextGen Firewall and the publication of some new e…
A Governance, Risk Management, Compliance (GRC)perspective on the proper use and management of SSH user keys.
AT&T Threat Intellect is a collection of tools geared toward finding and preventing security issues before such things can become a factor.
The firewall is one of the main things businesses rely on every day to keep out malware and other attacks on our networks. With that in mind, having the latest and greatest in firewall techn…
One of the best organic defenses organizations can use against the growing threat of a ransomware attack is through a Workspace as a Service (WaaS) platform.
At its user event this week, Cisco Systems came out with a handful of new security solutions it said address the fragmented security marketplace. The company said these solutions can help tr…
Cisco Systems at its annual Cisco Live! event in Las, Vegas, unveiled new cloud-based security solutions and services.
Because Dropbox and other cloud-based solutions are minimally secure, enterprises must consider implementing additional cyber security on their cloud frameworks.
Cycubix offers Engineers Ireland members the best in (ISC)² methods and practices including the newly Continuing Professional Development (CPD) approved (ISC)² certifications.
The U.S. Ninth Circuit Court of Appeals has seemingly turned a lot of people into criminals based password sharing practices. passwords.
Why a new approach to penetration testing is urgently required in the face of more frequent attacks, increasing vulnerabilities and threats.
Phishing and ransomware are on the rise. A new exploit called Cerber that targeted a broad swath of Office 365 users showed just how widespread these security problems have become.
It's not going to be bulletproof, as it depends greatly on a single point of access. Though it's got a lot going for it despite the potential downfall, CloudJumper nWorkSpace's plan to make …
This exploit, known as Cerber, impacted users of Office 365. Spread via phishing emails, Cerber encrypted user files using AES-265 and RSA encryption, which are unbreakable, and then demande…
BYOD, cloud and the Internet of Things are changing enterprise defense plans to guard against points of attack inside the network perimeter. These new ways of connecting to secure resources …
It is crucial to apply multi-factor authentication (MFA) on top of your existing privileged account management strategy.
Russia is among the top three countries in the world capable of launching major cyber attacks, according to Professor Jarno Limnell of Finlands' Aalto University.
Cloud security professionals need to be aware that Russia is increasing its cyberattacks and targets can be any organization.
Cloud security professionals need note Amazon and Microsoft have achieved provisional FedRAMP authority for different segments of their cloud services.
For those not familiar with Cloud Resource Community co-sponsor the Cloud Security Alliance (CSA), it is an organization like co-sponsor (ISC)2 whose site you need to bookmark and reference …
The fact Facebook CEO Mark Zuckerberg conceals his camera and microphone is his concern about hackers, specifically, remote-access trojans.
Security is a topic that just never seems to get old or uneventful. That's why this week's Cloud Security Resource was again packed with interesting news and views.
A good example of how this works was the recent discovery by a Portuguese pen testing team of 14 flaws in Uber apps which would have enabled them to get free rides and disclose details of pa…
OneLogin CISO provides advice to colleagues on addressing security challenges of new hires.
Trend Micro will be featured in a new AWS Quick Start Reference Deployment for National Institute of Standards and Technology (NIST) compliance.
Cloud Security Alliance (CSA) blog helps illustrate what skills are needed to secure the cloud.
The costly results of DNS attacks, European Union data protection regulation, improved perception about cloud security, and the risks of connected third-party apps made Cloud Security Resour…
Netskope Cloud Report finds most cloud apps mot ready for the European Union General Data Protection Regulation (GDPR).
CloudLock CyberLab study, "The Explosion of Apps: 27% are Risky," examines risks and list the 10 most risky apps.
Bitglass report finds cloud security anxiety falling away as enterprises see cloud to be as secure as on-premise solutions.
A new report from EfficientIP reveals that failure to use DNS protection software could cost over $1 million per attack.
The Akamai Q1 2016 State of the Internet - Security Report highlights that global cloud security threat landscape is getting worse.
This week in the Cloud Security Resource Community saw interesting developments on storage, phishing and FedRAMP.
NSFOCUS has launched a new global cloud security platform with first offering focus on protection against distributed denial of service (DDoS).
The Anti-Phishing Working Group (APWG) has released its Q1 2016 Phishing Activity Trends Report. It is food for thought for IT security professionals.
Organizations looking for new solutions that isolate and secure data better should evaluate satellite storage.
The emergence of big data and cloud storage technology has provided an opportunity for the Federal Government to push the reset button with cybersecurity.
Cloud security, containers, and ransomware were among the leading topics on Cloud Security Resource this week.
It is hard to imagine there is a hotter topic in all of IT than ransomware. It is for this reason that the Cloud Security Resource Community, and our sister Cyber Security Trend Community, t…
A10 Networks has mapped out five of the most common motives for DDoS attacks and describes the tell-tale signs that will help companies combat them.
Embracing Docker creates some security challenges. Containers can serve as a source of exploitable vulnerabilities and risk for the application owner and hosting firm.
There is a surprising lack of public information regarding data security breaches in the cloud.
Details on exploit kits, the views of U.S. Federal government security pros and DDoS for hire top Cloud Security Resource week news and insights.
Dell security SME explains how exploit kits have reached a new level of sophistication that's made them even tougher to detect and eradicate.
It should be noted that (ISC)² members are eligible for special discounted pricing and will be able to attend any of the ASIS events, including keynotes, networking lunches and educational s…
One of the objectives of the Cloud Security Resource Community is to at any extent possible, keep community members up-to-date on the threats they face. Think of it as a community service al…
It is always best when trying to assess the real state of security, be it physical or virtual, to ask the experts. That is precisely what (ISC)2, with the help of sponsor KPMG LLP ( the audi…
It was a week of new studies, new products, and a fair amount of discussion about the dark web in Cloud Security Resource this week.
As we all know way too well thanks to the daily headlines, while the cloud itself has already debunked the myths about it being insecure or less secure than traditional systems and processes…
With malware constantly becoming more sophisticated, there is a growing danger that a computer can be infected and display no obvious symptoms. Hackers can thus have access to a great deal o…
Popular social media site LinkedIn sees up to 117 million user credentials up for dale on Dark Web as a result poor security practices.
The best analogy that comes to mind is the invention and development of what we in the tech industry would call "use cases" for atomic energy. Fission and fusion are capable of both powering…
Does your enterprise have the visibility and control it needs to know precisely which third parties have privileges on your network and what they are up to at all times?
Every week is a busy week when it comes to security and coverage on news about this topic.
One of the goals of the Cyber Security Trend Community is to make community members aware of various tools that skilled security professionals can use to improve the security posture of thei…
Watson for Cyber Security will use natural language processing to understand the vague and imprecise nature of human language in unstructured data to get smart fast. It will also incorporate…
It is always useful to have numbers rather than declarative statements. This is particularly true when it comes to matters involving cybersecurity of all types including cloud security. Unfo…
AT&T lends its hand helping bridge the growing gap for skilled IT professionals ready for what lies ahead.
Venyu use case details how medical practice avoided paying ransom to hacker.
Putting aside the sarcasm at end of the last quote, realities are that we are all in this together. We can't get to encryption and multi-factor authentication fast enough so bad guys have to…
A new report from Bitglass suggests that, for organizations that need to see increased productivity, BYOD is already spoken there.
HPE security expert,Smrithi Konanur, outlines the best approach for assuring mobile application security.
A wide array of reports on cloud and cyber security in general were released this week as report season kicks into high gear.
As almost every report has revealed, e-mail remains the best way for those with malicious intent to compromise individuals and organizations. In short, phishing expeditions remain all the ra…
Check Point threat index for March identifies the worst mobile malware and the fact exploits are growing.
It would be nice to point out that we are in the midst of cyber security report season and that for a change things are trending in the direction of the good guys. Unfortunately, while that …
Cisco addresses security issues in its W-LAN Controller, Adaptive Security Appliance, and SRTP library.
This week in the Cloud Security Resource Community featured new research on breaches and the professionals who work in cloud security and cyber security in general.
A few years ago, as cyber security issues in general and cloud security ones in particular were starting to gain global publicity, a well-respected security expert told me: "the barbarians a…
Security really matters regarding all three pillars-Network, Compute and Storage-of today's increasingly data center-centric world.
As frequent visitors to the Cloud Security Resource Community are aware, our host, (ISC)2 is on a mission to help close what is projected to be the growing gap between the supply of certifie…
Softchoice study, (Still) Careless Users in the Cloud, shows risks from employees practicing less-than-optimal behavior.
LightCyber says finding network cyber attacks requires a new standard for fast, accurate detection.
Coverage on the Cloud Security Resource front this week was broad and varied, with a mix of breaking news and trend analysis.
CloudPassage-sponsored study gives U.S. colleges and universities a failing grade in preparing students for careers in cyber security.
(ISC)2 is known for being the worlds' largest cyber security training and certification organization for IT professionals. What readers may not know is that its foundation, the Center for Cy…
Microsoft Cloud App Security Service goes GA providing discovery, investigation, control and protection.
NS1 explains how pace and complexity of app development and delivery expose imitations of traditional DNS.
Whaling, in which hackers target C-level executives at companies, is a growing security problem.
Cisco Talos research exposes correlation between inexpensive domain names and malware.
What has been a truly nefarious development in technology has been the spike in what is known in the industry as "whaling" aka "CEO fraud."