Building Business Trust in the Dark Forest of the Internet
Blog Published: 07/21/2023
Originally published by CXO REvolutionaries. Written by Sam Curry, VP & CISO, Zscaler. “The universe is a dark forest. Every civilization is an armed hunter stalking through the trees like a ghost, gently pushing aside branches that block the path and trying to tread without sound.” - Cixin L...
KeePass CVE-2023-32784: Detection of Processes Memory Dump
Blog Published: 07/20/2023
Originally published by Sysdig. Written by Miguel Hernández. During May, a new vulnerability CVE-2023-32784 was discovered that affected KeePass. KeePass is a popular open source password manager which runs on Windows, Mac, or Linux. The vulnerability allows the extraction of the master key in cl...
Cloud Security Alliance Announces Appointment of Caleb Sima as Chair for AI Safety Initiative
Press Release Published: 07/20/2023
Industry veteran to lead development of CSA’s AI strategy and roadmap SEATTLE – July 20, 2023 – The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining standards, certifications, and best practices to help ensure a secure cloud computing environment, today announ...
Preparing for the Quantum-Resistant Cryptography Transition: Identifying Your Organization's Digital Footprint When Crypto is in Everything
Blog Published: 07/20/2023
Originally published by DigiCert on May 11, 2023. Written by Timothy Hollebeek. The impending arrival of post-quantum cryptography (PQC) is exposing what experts in cryptography already knew: crypto is in everything today. Pretty much everything that connects digitally relies on cryptography and ...
Enhancing Cloud Security: Four Vital Practices for Kubernetes Security
Blog Published: 07/19/2023
Originally published by Tenable. Written by Upkar Lidder. In today's rapidly evolving cloud landscape, ensuring robust security measures for Kubernetes environments has become paramount for organizations. While the benefits of cloud-native infrastructure are undeniable, security teams often str...
Top Takeaways from the Gartner® Innovation Insight: Data Security Posture Management
Blog Published: 07/19/2023
Originally published by Laminar. Written by Andy Smith, Chief Marketing Officer, Laminar. According to our recent State of Cloud Data Security Report 2023, 77% of organizations experienced a cloud data breach in 2022. That’s particularly concerning considering that 60% of worldwide corporate data...
Achieving Cloud Data and Compliance: How You Can Make It Work
Blog Published: 07/19/2023
Originally published by Dig Security. Written by Benny Rofman. When it comes to sensitive data, the ‘wild west’ approach that characterized the early 2000s is long gone. Dozens of data protection frameworks have emerged amidst increased regulation and concerns over privacy, security, and identity...
Evaluating Cloud Email Security Solutions
Blog Published: 07/18/2023
Originally published by Abnormal Security. Written by Mick Leach. Email is a significant target for attackers, primarily because it’s used by every member of an organization—from employees and executives to vendors and customers. The information exchanged through email can range from casual conve...
Three Ways Cybercriminals Could Use AI to Harm Your Organization
Blog Published: 07/18/2023
Originally published by ThreatLocker. Introduction The introduction of Generative Artificial Intelligence (AI) tools has elevated the way individuals streamline their day-to-day tasks. AI has proven to be a groundbreaking development in human efficiency and the way people create, structure, and b...
Behind the Breach: Phishing & Token Compromise in SaaS Environments
Blog Published: 07/17/2023
Originally published by Obsidian. Earlier this year, Gartner published a new research report focused on the human component of cybersecurity which explored trends around cybersecurity leadership, challenges with hiring, and attacks targeting individuals. One notable prediction—that by 2025, lack ...
Top 4 Myths About Cybersecurity Compliance Assessors: How to Build a Successful Auditor Partnership That Enables Your Business
Blog Published: 07/17/2023
Originally published by Coalfire. Written by Kylene Bowman, Director, Coalfire.Managing change is a challenge in the marketplace and in the information security industry, so it’s no surprise that enterprises are pressured to adjust and innovate their compliance strategy at the same pace. When aud...
AI is Here: How Should CISOs Respond?
Blog Published: 07/17/2023
AI tools are spreading rapidly and CISOs need to be ready.Originally published by F5. Written by Gail Coury, CISO, F5. IntroductionWith artificial intelligence (AI) use growing in the enterprise, Chief Information Security Officers play a critical role in its implementation and adoption. CISOs ne...
Cloud Security Alliance Cybersecurity Trainings Now Available on the GSA Multiple Award Schedule
Blog Published: 07/14/2023
Updated 10/23/24 with the addition of CCZT to CSA's listing.The Cloud Security Alliance has recently been listed on the GSA Multiple Award Schedule. This achievement required the completion of a formal proposal process and acts as CSA’s calling card as a vetted supplier to do business with the fe...
Implementing Least Privilege in AWS: Strategies for Minimizing Security Risks
Blog Published: 07/14/2023
Written by Abhishek Bansal, Founder, Autharva. Problem StatementIn the dynamic and ever-changing digital landscape, organizations find themselves in a perpetual battle against the looming specter of security breaches and unauthorized access to their most sensitive data. These risks have escalate...
FedRAMP Revision 5 Explained
Blog Published: 07/14/2023
Originally published by Schellman. Given its standardized approach to assessing, authorizing, and continuously monitoring cloud services used by federal agencies, the Federal Risk and Authorization Management Program (FedRAMP) has been a critical component of the U.S. government's cloud security ...
Uniting Enterprises for a Safer Future: The Collective Influence of the Cloud Security Alliance
Blog Published: 07/13/2023
As our reliance on digital ecosystems expands exponentially in this era of accelerated digital transformation, so does the need for comprehensive, robust, and adaptive security measures. To mitigate evolving threats, enterprises must not merely stay abreast of the curve but redefine it, perceivin...
Agents vs Agentless: Choosing the Right Security Approach for Your Specialized Cloud Virtual Machine Workloads
Blog Published: 07/13/2023
Originally published by Tenable. Written by John Tonello and Ryan Bragg. You can scan virtual machines for security vulnerabilities in multiple ways depending on what your instances are running, how long they’re up, and whether or not they can run an agent or be accessed with administrative cre...
The Blind Spot of Data Leakage – And What to Do About It
Blog Published: 07/13/2023
Originally published by CXO REvolutionaries. Written by Ben Corll, CISO - Americas, Zscaler. The premise of cybersecurity is defending against digital threats – malware, hackers, criminal organizations, and the rest. This makes plenty of intuitive sense. Attackers primarily come from the outside,...
Managing Data Explosion with Software-Defined Storage (SDS)
Blog Published: 07/12/2023
Originally published by Sangfor. Written by Nicholas Tay Chee Seng, CTO, Sangfor Cloud. A New Era of Massive Data Generation The vast amount of data generated on a daily basis by industries and large organizations worldwide is growing at an outstanding rate. Statista forecasts that the total amo...
Day in the Life: Network Operations Manager
Blog Published: 07/12/2023
Originally published by Netography. Written by Mal Fitzgerald, Sales Engineer, Netography. It’s early. I’m crushing only my second large coffee of the day and the four words I never want to hear are being uttered by folks sitting in front of my office: “The network is slow.”History tells me that ...