Compromise Detection vs. Threat Detection: Why ‘Right of Boom’ Now
Blog Published: 05/30/2023
Originally published by Netography. Written by Matt Wilson, VP Product Management, Netography. In 2022, the average total cost of a data breach reached a record high of $4.35 million. And it took an average of 277 days – about 9 months – to identify and contain a breach. But when organizations ca...
What Are the 5 Key Areas of Cloud Security
Blog Published: 05/30/2023
Originally published by InsiderSecurity. Concerns of cloud data breaches are a key reason that cloud adoptions hit a roadblock in companies despite an eagerness to go “cloud first”. Despite the promise and flexibility that the cloud offers, security is something that companies cannot compromise o...
The Top 5 Cloud Security Risks of 2023 (So Far)
Blog Published: 05/30/2023
Originally published by Orca Security. Written by Bar Kaduri and Jason Silberman. As we approach the middle of 2023, we thought it an appropriate time to reflect on the cloud security risks and threats that we have seen so far this year. After careful analysis of aggregated scan results ...
CSA’s PayForward Cloud Security Training Program
Blog Published: 05/26/2023
Accessible Cloud Security Training for Disadvantaged Individuals The COVID-19 pandemic and resulting lockdown saw an increase in cloud usage and adoption. Many enterprises pivoted to the cloud to take advantage of its elasticity, scalability, and agility to enhance their time to market. There has...
Four Things You Need to Know Before Building a Secure SDLC
Blog Published: 05/26/2023
Originally published by Dazz. Written by Rotem Lebovich, Principal Product Manager, Dazz. The rapid evolution of cyber threats makes security a crucial element of your software development lifecycle (SDLC). When you build applications for employees or customers you need to make sure the final del...
What Might a Four-Day Work Week Mean for IT Security?
Blog Published: 05/26/2023
Originally published by CXO REvolutionaries. Written by Martyn Ditchburn, Director of Transformation Strategy, Zscaler. Now that the largest-ever pilot program for testing the feasibility of a four-day workweek has concluded in the U.K., it may be worth asking what the IT security implications of...
News of Note: Promoting Independent Guidance, Expert Advice, and Frameworks for Cloud Security and Assurance
Blog Published: 05/25/2023
It seems ages ago, but this year’s RSA Conference proved robust and fruitful for many of us. On top of that, it gave us a chance to catch up with longtime industry friends we hadn’t seen in person for quite some time and furnished us with that treasured custom of sizing up trends as we walked the...
Hypervisor Jackpotting, Part 3: Lack of Antivirus Support Opens the Door to Adversary Attacks
Blog Published: 05/25/2023
Originally published by CrowdStrike. Since 2020, CrowdStrike has increasingly observed big game hunting (BGH) threat actors deploying Linux versions of ransomware tools specifically designed to affect VMWare’s ESXi vSphere hypervisor (read Part 1 and Part 2 of this series). In the first quarter o...
Insider Threat Detection: What You Need To Know
Blog Published: 05/25/2023
Originally published by Code42. Written by Aimee Simpson. The modern hybrid and remote workplace relies more than ever on cloud-based applications and data sharing. Because of the evolving cybersecurity landscape, security professionals must rely on a comprehensive insider threat detection strate...
The Top Five Challenges of Zero Trust Security
Blog Published: 05/24/2023
Written by Lior Yaari, CEO, Grip Security. Originally published by Forbes. Zero trust security is a model that has gained popularity as an effective solution to ensure that only authorized users can access critical information. With the rise of remote work and SaaS services, the traditional perim...
Cyberthreats You Need to Know (and What to Do About Them)
Blog Published: 05/24/2023
Originally published by Schellman in October 2022. Did you know that we’ve just come to the end of National Cybersecurity Awareness Month?When you think about it, October is a fitting choice for such a designation. After all, this is the time of year we’re all watching scary movies about vampires...
Minimizing Cloud-Based Shadow IT Risks
Blog Published: 05/24/2023
Originally published by Skyhigh Security. Written by Shawn Dappen - Director, Systems Engineering, Skyhigh Security. One result of the recent pandemic is that many enterprises are moving to leverage the benefits of cloud-based applications and data. Over the past three years, the average numbe...
5 Essential Components of a Cloud DLP Solution
Blog Published: 05/23/2023
Originally published by Dig Security. Written by Yotam Ben-Ezra. The DLP landscape has taken a long time to catch up with the realities of the public cloud. Below we’ll explain why we think DLP tooling developed in the on-premise era is no longer fit for purpose. We’ll then suggest an alternative...
How Can 3DS Authentication Enhance My Payments Flow?
Blog Published: 05/23/2023
Originally published by TokenEx. As the rapid growth of ecommerce platforms and digital payments continues, the amount of card-not-present (CNP) transactions has increased. While this can provide extra convenience for the cardholder, merchants must engage with digital channels to manage activity,...
Why Lateral Movement Protection is Critical for Best Cybersecurity Practices
Blog Published: 05/22/2023
Originally published by TrueFort. A fortress of protection A castle has many layers of protection. A moat, a vallum, drawbridges, portcullises, gatehouses, barbicans, gates, towers, baileys, and layers of inner and outer walls. All designed to impede the progress of invaders and to prevent them f...
CSA’s Enterprise Architecture: Information Technology Operation & Support
Blog Published: 05/19/2023
Written by CSA’s Enterprise Architecture Working Group. The Enterprise Architecture is both a methodology and a set of tools that enable security architects, enterprise architects, and risk management professionals to leverage a common set of solutions and controls. It can be used to assess oppor...
Cyber Tetris: Making Security Fall Into Place
Blog Published: 05/18/2023
Originally published by CXO REvolutionaries. Written by Ben Corll, CISO - Americas, Zscaler. Security is often a thankless job. The only time it makes headlines is when it fails, or things go wrong. No one opens a web browser and pulls up a news feed about companies that have not been breached fo...
5 Benefits of Adding a DSPM Solution to Your Security Stack
Blog Published: 05/18/2023
Originally published by Laminar. Written by Michael Holburn, Solutions Engineer, Laminar. Last year, data security posture management appeared in the Gartner Hype Cycle for the first time. And the hype has only grown bigger since then. But why is DSPM at the forefront of today’s security conversa...
Why Hybrid Cloud Computing Makes Sense for the Healthcare Industry
Blog Published: 05/18/2023
Originally published by Sangfor Technologies. Written by Nicholas Tay Chee Seng, Cloud Chief Technology Officer, Sangfor Technologies. Healthcare is one of the biggest beneficiaries of cloud adoption as it relies on technical innovation by design, and cloud computing has made each aspect of innov...
Understanding the Two Maturity Models of Zero Trust
Blog Published: 05/17/2023
Written by John Kindervag, Senior Vice President, Cybersecurity Strategy, ON2IT Cybersecurity. The top mistake in the Zero Trust world is monolithic thinking. There has become the belief that eating the entire elephant in one bite is possible. Organizations' top mistake is trying to deploy all of...