ADS BY GOOGLE
Cloud Security

In a Feb 2014 survey, 94 percent of organizations surveyed reported running applications or experimenting with infrastructure-as-a-service[1]. According to research firm Nasumi, there is over one exabyte currently stored in the cloud. An exabyte is over a billion GB[2]. Considering the...
It is a mistake to think we can secure APIs using the same methods and technology that we used to secure the conventional, browser-centric web. Andi Mann from CA Technologies recently pointed out that, at every turn, customers are interacting more and more with businesses through appli...
Ransomware is the latest example of the increasingly sophisticated and damaging inventions of hackers. Individuals and organizations of all sizes are finding that their data has been locked down or encrypted until a ransom is paid. One program, CryptoLocker, infected more than 300,000 ...
The threats facing network operators all over the world, spanning service providers, enterprises, cloud and hosting providers and mobile operators alike, are by no means stalling. While optimism is always the name of the game, we know all too well in security that trying to keep pace w...
We’ve distilled lessons learned from Snowden scandal and created 5 questions every CEO should be asking their CIO / CISO in order to avoid a catastrophic rogue insider event in the private sector both in using cloud as a vector of exfiltration as well as protecting their data stored in...
Until this week the biggest anxiety when dealing with eBay has likely been fretting over a negative rating, concerns about slow shipping or a delayed refund. Then suddenly yesterday the media jumped all over the story that eBay had been hacked and users need to change their passwords. ...
Risk-conscious enterprises across the globe have been reluctant to embrace the public cloud model. For many, compliance requirements are the source of the reluctance. For others, concerns about ceding control of their data to a cloud service provider, without the cloud service provider...
Last month, the Information Security Forum released their annual prediction of the top 10 information security threats they foresee for the next two years – through 2016. While I found the entire list insightful, half of the list resonated strongly with me as someone who is working wit...
As recent events have confirmed once again, no single company, organization or government is up to the task of securing the Internet. The never-ending cat and mouse game of exploits chasing vulnerabilities continues. The stunning Heartbleed discovery has shaken the online security esta...
Cloud computing brings a myriad of benefits for any enterprise, but it is also a cause for concern in a world where, according to InformationWeek, cyber criminals are now targeting "any company where they can find data to resell, disrupt or exploit." Moving your company's sensitive da...
Learn how a Process Intelligence Engine identifies business risks and highlights opportunities for process improvement by collecting, correlating and analyzing raw observations throughout the SDLC (source code, defects, build, requirements, ALM, test management…)— helping you mitigate ...
Finansbank in Istanbul has developed an impressive record of managed risk and deployments, with an eye to greater automation over time. Governance, risk management and compliance (GRC) form a top-tier of requirements for banks anywhere in the world as they create and deploy applicatio...
Global information technology networks that are rich in services are typically complex and require hard-to-manage security solutions. The latest versions of next-generation firewalls now offer multiple security layers that can complicate management, particularly as more and more featur...
Yesterday one of the biggest outages in history, if not the biggest outage, happened to the Internet in China. Primarily and directly affected by that outage were most of the people living in China and browsing the Internet in China. Secondary, all companies doing online business in C...
Savvy organizations, HP among them, are turning to preventing attacks, rather than just detecting them and remediating them. The high cost of unwanted intrusion and malware across corporate networks is well known. Less talked-about are the successful ways that organizations are thwart...
Many news organizations including The Washington Post are reporting that the latest documents leaked by former NSA contractor turned whistleblower Edward Snowden show the NSA is in the early stages of working to build a quantum computer that could possibly crack most types of encryptio...
Within the ThreatConnect Intelligence Research Team (TCIRT), we feel that sharing what we know, whether publicly or privately, helps to grow our organization. We see information sharing as a key investment area, allowing our team to more efficiently save time and money while helping u...
The move to the cloud brings a number of new security challenges, but the application remains your last line of defense. Engineers are extremely well poised to perform tasks critical for securing the application—provided that certain key obstacles are overcome. Before the move to the ...
Perpetual preparedness is tough to maintain. Vulnerability management tends to be an overwhelming task because of the growing number of devices and continual stream of warnings, alerts and notifications— whether it is security patches or zero day exploits, you name it. Mapping how thes...
The digital age has forced a kind of dependency never before seen, a dependency on our inbox. The mere thought of losing these emails is inconceivable where the thought of it leaves us with a sense of panic, one similar to losing our credit cards or house key. Unfortunately, the potent...
Cybercriminals are employing more sophisticated techniques all the time and far too many companies and organizations still don’t have the protection they really need to safeguard their systems. The prevalence of targeted attacks and advanced persistent threats (APTs) is disturbing. ...
HP's CISO Brett Wahlin explains the increasing threats facing enterprises across the world and how companies are evaluating, and must evaluate, their options for not only dealing with them, but predicting them and preventing them. Join HP’s Chief Information Security Officer (CISO) to...
SecurityStockWatch.com: Thank you for joining us today, Steve, please tell us about your background and your role at HP. Steve Lazerowich: With over 15+ years’ experience with security solutions, I joined HP Enterprise Services in 2010 as a Senior Solutions Designer, responsible for ...
Restaurants, food service orgs feel the sting of security breaches via POS integration..ask Raleys, Schnucks, Subway, Zaxbys aned many others. Affordable real time monitoring must become a key priority. I love sushi. I love big fat burritos. I love tikka masala. So now that my taste b...
Part 2 of Cloud Monitoring Essentials presents 3 key actions to ensure that cloud users maintain a strong security posture. The cloud offers users agility and flexibility at, potentially, a far lower cost than a traditional data center model. However, with these benefits come risks f...
The reemergence of the Dirt Jumper botnet in association with fraudulent wire transfer and ACH transactions continues to highlight one simple truth: cybercriminals are all about money, whether it is generated directly via fraud or via access to information. Dirt Jumper came into the ...
In my previous post (Cloud Data, Security, Privacy & Confidentiality/ The ISV Perspective) I talked about the increasing exposure of data, the changing landscape of data confidentiality and the need to shield data rather than retreat into – largely mythical -“safe heavens” of on prem...
More than fines and reparations, intrusion Security significantly impacts customer retention. Damage done to brands because users don't trust doing business with that company is staggering. In terms of dollars and cents on a risk analysis spreadsheet, it is easier to put a value on a ...
Every business acknowledges that network security is critical. But how do you quantify the business value that a secure network provides? And how does an enterprise evaluate and justify investing in network security products like next-generation firewalls, intrusion prevention systems ...
In the world of information security, small businesses and the security needs of small businesses are often overlooked, particularly in the realm of application security. When looking at the investment required to build a robust application security program, it really doesn’t make sens...
CSC Global Cybersecurity, in a strategic partnership with HP, is helping companies and governments better understand and adapt to the tough cybersecurity landscape. We’re going to learn from a panel how professional services provider CSC, in a strategic partnership with HP, is helpi...
EMC said Monday that it had bought privately held identity verification specialist Aveksa for its RSA authentication unit. The Times of India, where the Massachusetts-based Aveksa does core development work, broke the story and claimed that EMC paid upwards of $225 million in cash for ...
When organizations look to protect sensitive data at rest in the cloud or in transit on the way to it, there are two primary obfuscation strategies most consider – tokenization or encryption. But some enterprises may not know the details of how these methods work or how they differ. A...
Every day, employees make tradeoffs between productivity and security, which means routine security training is necessary for safeguarding company and customer data. Common sense alone is inadequate. For instance, do most of your employees think it’s okay to connect an encrypted USB st...
With Cloud Expo New York | 12th Cloud Expo [June 10-13, 2013] starting next week, here's a look at one of the distinguished individuals in our incredible Speaker Faculty for the technical and strategy sessions at the conference coming up June 10-13 at the Jacob Javits Center in New Yor...
CloudPassage, the security SaaS start-up, has gotten a big, embracing US patent on its Halo cloud infrastructure security technology. It’s patent No. 8,412,945 B2. It’s reportedly the first company to get a US patent on universal cloud infrastructure security.
Imagine if you could take a time machine five years into the future, so that you would know which of today’s new technologies panned out and which did not. Most companies have only started using cloud in the past two years. But there are some companies that have been using cloud for...
These days, it seems that every cloud provider claims that cloud is safer than your traditional datacenter. Is it though? In his General Session at 12th Cloud Expo | Cloud Expo New York, McAfee expert Rishi Bhargava will help you explore and address the security challenges and consider...
You may have heard that cloud computing and Software-as-a-Service (SaaS) models can turn software technology into a pay-as-you-go utility that businesses can “plug in to” and use like electricity? Perhaps — however, software technology is far more varied, nuanced and diverse than el...
From its origin in 1995, SSH, the secure shell data-in-transit protocol, has been used the world over as a method to transfer data between machines, as well as a tool to provide remote administrator access. Some variation of the protocol is packaged free in every version of Unix, Mac O...


ADS BY GOOGLE