Unity, Data, Focus, Culture: Important Steps to Build Organizational Resilience
Blog Published: 03/03/2023
Originally published by Google Cloud. Written by Sahana Sarma, Managing Director, Customer Value and Transformation Advisory, Google Cloud. It takes the right mix of teamwork and technology to get organizational resilience right. Here's five steps to help jump-start the process. Organizational re...
Identities: The New Enterprise Perimeter
Blog Published: 03/03/2023
Written by Lior Yaari, Cofounder and CEO of Grip Security. Originally published on Forbes. In cybersecurity, the enterprise perimeter is the point where a company’s defenses begin. In the past, this was a physical perimeter defined by the company’s network, or a managed endpoint when the employee...
Could A Data Breach Land Your CISO In Prison?
Blog Published: 03/03/2023
Originally published by F5. Written by Gail Coury. On November 9, 2022 Twitter CISO Lea Kissner resigned along with the company’s chief privacy officer and its chief compliance officer. The Washington Post and other media outlets reported that internal Slack messages at Twitter revealed serious c...
5 Key Findings for Cloud Data Security Professionals from ESG's Survey
Blog Published: 03/02/2023
Originally published by Sentra. Securing sensitive cloud data is a key challenge and priority for 2023 and there's increasing evidence that traditional data security approaches are not sufficient. Recently, Enterprise Strategy Group surveyed hundreds of IT, Cloud Security, and DevOps professional...
Definitive Guide to Hybrid Clouds, Chapter 5: Threat Detection and Response in the Hybrid Cloud
Blog Published: 03/02/2023
Originally published by Gigamon. Written by Stephen Goudreault, Gigamon.Editor’s note: This post explores Chapter 3 of the “Definitive Guide™ to Network Visibility and Analytics in the Hybrid Cloud.” Read Chapter 1, Chapter 2, Chapter 3, and check back for future posts covering Chapters 6 and 7.F...
Protecting Data and Promoting Collaboration During Times of Change
Blog Published: 03/01/2023
Originally published by Lookout. Written by Hank Schless, Senior Manager, Security Solutions, Lookout. When it comes to the way we work, change is now the status quo — and it often happens so quickly that security teams have a tough time keeping up. Organizations that try to keep using their ...
OWASSRF: New Exploit Method Identified for Exchange Bypassing ProxyNotShell Mitigations
Blog Published: 03/01/2023
Originally published by CrowdStrike. CrowdStrike recently discovered a new exploit method (called OWASSRF) consisting of CVE-2022-41080 and CVE-2022-41082 to achieve remote code execution (RCE) through Outlook Web Access (OWA). The new exploit method bypasses URL rewrite mitigations for the Autod...
Modernizing Assurance for Cloud and Beyond
Blog Published: 02/28/2023
Since we launched in 2009, organizations around the world have looked to the Cloud Security Alliance to see what we might be able to offer to assist them in addressing assurance issues with the cloud services they were beginning to use. Fast forward to 2023, this has grown into a critical aspect ...
Why Making Ransomware Payments Illegal Could Backfire
Blog Published: 02/28/2023
Originally published by CXO REvolutionaries. Written by Ben Corll, CISO - Americas, Zscaler. A debate swirling since at least last summer – about the wisdom of banning compromised companies from making payments to ransomware actors – was sparked again recently when Australia broached the possibil...
Save Your Data and Your Sanity
Blog Published: 02/28/2023
Originally published by Rubrik. Written by Jeff Inouye, Rubrik. I recently read a technology forum post where a system administrator described symptoms of post-traumatic stress disorder after their company was attacked by ransomware. The recent State of Data Security report from Rubrik Zero Labs ...
Cloud CISO Perspectives: January 2023
Blog Published: 02/27/2023
Originally published by Google Cloud. Written by Phil Venables, VP and Chief Information Security Officer, Google Cloud. Welcome to January’s Cloud CISO Perspectives. This month, we’re going to catch up with a few of the cloud security megatrends that I described a year ago, and see how they and ...
Key Facts and Benefits of ISO 27018
Blog Published: 02/27/2023
Originally published by Schellman & Co. Written by Jordan Hicks. "Even when clouds grow thick, the sun still pours its light earthward." The poet Mark Nepo wasn’t speaking about cloud security when he wrote that, but it makes for a lyrical way to consider the landscape. As a cloud provider, y...
Zero Trust Security: The Guide to Zero Trust Strategies
Blog Published: 02/27/2023
Originally published by Titaniam. Companies today face more and more security risks. Ransomware is on the rise, and cybercriminals are beginning to breach critical infrastructure with new techniques. In an effort to reduce the frequency and severity of these attacks, the United States government ...
5 Ways Compliance Technology Improves Audit Processes
Blog Published: 02/24/2023
Originally published by A-LIGN. Compliance is alluring to clients, as they are often drawn to organizations that show a dedication to established security frameworks. However, the process of becoming (and remaining) compliant can be time-consuming and expensive. With limited resources restricting...
The Changing Role of the CISO in 2023
Blog Published: 02/24/2023
Originally published by TrueFort. Written by Nik Hewitt, TrueFort. It’s the year of the water rabbit. It’s also the year of the nation-state ransomware attack. The role of the Chief Information Security Officer (CISO) has gone through a significant evolution in recent years. As technology and bus...
Protecting Source Code in the Cloud with DSPM
Blog Published: 02/23/2023
Originally published by Sentra. Written by Daniel Suissa, Software Engineer, Sentra. Source code lies at the heart of every technology company’s business. Aside from being the very blueprint upon which the organization relies upon to sell its products, source code can reveal how the business op...
The Advantages of eBPF for CWPP Applications
Blog Published: 02/23/2023
Originally published by SentinelOne. Written by Rick Bosworth, SentinelOne. Extended Berkeley Packet Filter (eBPF) is a framework for loading and running user-defined programs within the Linux OS kernel, to observe, change, and respond to kernel behavior without the destabilizing impact of ke...
CISO Survival Guide: Vital Questions to Help Guide Transformation Success
Blog Published: 02/22/2023
Originally published by Google Cloud. Written by Anton Chuvakin, Security Solution Strategy, and David Stone, Office of the CISO, Google Cloud. Part of being a security leader whose organization is taking on a digital transformation is preparing for hard questions – and complex answers – on how t...
Not All Sandboxes Are for Children: How to Secure Your SaaS Sandbox
Blog Published: 02/22/2023
Originally published by Adaptive Shield. Written by Hananel Livneh, Adaptive Shield. When creating a Sandbox, the mindset tends to be that the Sandbox is considered a place to play around, test things, and there will be no effect on the production or operational system. Therefore, people don’t ac...
How to Implement CIEM – A Checklist
Blog Published: 02/22/2023
Originally published by Ermetic. CIEM solutions provide visibility into cloud identities to secure access management. With cloud adoption growing and entitlements taking center stage as the security boundary in the cloud, more organizations are looking for the right security solution for their id...
