Inside Advanced Scale Challenges|Friday, May 26, 2017
  • Subscribe to EnterpriseTech Weekly Updates: Subscribe by email

WannaCry Lingers, Cyber Analyst Warns

WannaCry Lingers, Cyber Analyst Warns

One week after a ransomware attack cut a swathe across Europe and China, a range of after-action ...

New Frontiers in Cyber Security: Locomotives without Wheels, Moats, Deep Learning at the Edge

New Frontiers in Cyber Security: Locomotives without Wheels, Moats, Deep Le...

Industry analyst Bob Sorensen recently told us something most IT managers already know deep in their apprehensive ...

IoT Deployments Fuel ‘Chaotic’ Cloud Security

IoT Deployments Fuel ‘Chaotic’ Cloud Security

Cloud security remains "complex and chaotic" and the Internet of Things threatens to increase cloud security risks, ...

Overcoming Security Challenges in the Hybrid Cloud

Overcoming Security Challenges in the Hybrid Cloud

Businesses are embracing the flexibility and scalability of hybrid cloud computing, where the public cloud and ancillary ...

Security

May 19, 2017(0)
One week after a ransomware attack cut a swathe across Europe and China, a range of after-action analyses have emerged as to how the exploit unfolded and how the perpetrators leveraged recently hacked National Security Agency tools. The latest assessment of the so-called WannaCry ransomware outbreak comes from digital forensic specialist Secdo, which posits that hackers leveraged NSA's "EternalBlue" ... Full article
April 7, 2017(0)
Despite repeated assurances that Internet of Things security issues are being addressed, so-called "in-the-wild" attacks on poorly secured devices reveal that securing the IoT still has a long way to go. The latest threat comes from a new malware strain known as BrickerBot that, according to security experts, intentionally "bricks" IoT devices, meaning the malware renders the computer's motherboard ... Full article
March 29, 2017(1)
Cloud security remains "complex and chaotic" and the Internet of Things threatens to increase cloud security risks, warns a survey of IT security managers conducted during last month's RSA security conference. The survey of nearly 1,000 RSA attendees by security vendor AlienVault found that one third considered their cloud security monitoring to be "complex and chaotic." More worrying, 62 ... Full article
March 23, 2017(0)
As is often the case, network security tools are just now beginning to keep catch up with vulnerable Internet of Things deployments, particularly leading edge industrial IoT infrastructure. With that in mind, some security vendors are taking a platform approach to securing industrial IoT devices and industrial clouds that are among the earlier deployments. The latest comes from security ... Full article
February 28, 2017(0)
One of the offshoots of the open source movement has been the gradual rise of "citizen application developers" operating on enterprise-grade "low-code" platforms. While the approach is seen as one way to meet the growing demand for enterprise applications such as data capture and mobile data access, a survey warns that the development approach brings with it a new ... Full article
February 23, 2017(0)
If indeed we are operating in a "digital economy," standard security measures such as passwords are no longer sufficient to shield the underlying IT infrastructure from sophisticated hackers, asserts a panel of U.S. experts and advocates of "multi-factor" authentication technologies. A report released late last year by the U.S. Commission on Enhancing National Cybersecurity warns: "For now, technological advancement ... Full article
February 22, 2017(0)
Yet another survey, this one by an Internet of Things standards group, emphasizes the need for interoperability and security standards as more devices are connected. Moreover, the survey of consumers by the Open Connectivity Foundation (OCF) uncovered growing demand for interoperable devices and communications along with security certification in the wake of several high-profile hacks involving IoT networks. OCF ... Full article
February 14, 2017(0)
A corporate job opening typically draws as many as 250 applicants with varying qualifications. In stark contrast, a new survey of the growing cyber security skills gap reveals that just over half of U.S. companies looking to fill corporate IT security positions receive five applications. Of those, fewer than one in four candidates possess the qualifications companies are seeking. ... Full article
February 10, 2017(0)
In advance of next week’s big RSA data security show in San Francisco, we’ve received a bevy of security product announcements from companies leveraging data analytics, AI, behavior analytics and machine learning to automate threat detection, many of them touting breach prevention, rather than post-breach investigation, capabilities. “While most of this is not totally new, we expect to see ... Full article
January 31, 2017(1)
Promising stronger and faster security for application containers in production, a startup has unveiled a new continuous security approach based on adaptive behavioral learning. The approach is said to secure distributed applications delivered via containers at their most vulnerable point: in production environments where deployed and scaled across hosts and datacenters. Virtualization and security veterans from Cisco Systems (NASDAQ: ... Full article
January 25, 2017(2)
A new infrastructure vulnerability study confirms what became apparent late last year: botnets are exploiting inherent security weaknesses in Internet of Things (IoT) devices. The infrastructure security report released by Arbor Networks Inc. also warns that the release of botnet source code has greatly expanded the ability of hackers to launch distributed denial-of-service (DDoS) attacks. "The massive growth in ... Full article
January 17, 2017(1)
Threat actors are getting better, faster, and more efficient at compromising networks, taking only minutes or less to breach systems. Unfortunately, organizations are taking weeks, if not longer, to discover these breaches. In fact, over the last decade the “detection deficit” – the time it takes adversaries to compromise networks vs. the time it takes those organizations to discover ... Full article
January 11, 2017(0)
Responding to growing concerns about cloud security and data governance across different platforms, Google is expanding its cloud security options with the release of encryption key management service. The Cloud Key Management Service is intended to broaden encryption options on the Google Cloud Platform as the shift to multi-tenant cloud services expands. Google (NASDAQ: GOOGL) said Wednesday (Jan. 11) ... Full article
December 9, 2016(0)
Securing the contents of application containers based on Docker and other platforms has relied heavily on isolating individual containers from one another along with other access control approaches. Now, a data security vendor is proposing an encryption scheme that, for example, extends "data-at-rest" security capabilities to Docker encryption and those access controls. Cyber and data security specialist Thales on ... Full article
December 7, 2016(1)
A flurry of industry surveys have flagged open source and unlicensed software as growing security threats. Moreover, a review released by Flexera Software also found that the very security products designed to protect IT infrastructure are themselves riddled with vulnerabilities embedded in open source software. While agreeing that malware is a growing threat, other observers counter that the culprit ... Full article
November 17, 2016(0)
The steady shift toward purchasing IT "as a service" is accelerating the decentralization of infrastructure management, fostering growing security concerns as more enterprises shift operations to the cloud, according to study commissioned by VMware Inc. The company (NYSE: VMW) pointed to growing concerns about IT fragmentation and the resulting security gaps to pitch its "cross-cloud architecture" designed to help ... Full article
October 28, 2016(0)
As enterprises seek ways to nail down IT security for a growing list of open-source infrastructure distributions, the security sector is moving toward critical mass with an increasing number of acquisitions. This week's deal between software license optimization vendor Flexera Software and security and compliance specialist Palamida Inc. was followed by the acquisition of an application container security startup ... Full article
October 27, 2016(0)
Seeking to spot potential security vulnerabilities in systems that increasingly rely on open source software, software license optimization vendor Flexera Software has acquired a specialist in identifying potentially vulnerable software components. Flexera, Itasca, Ill., said Thursday (Oct. 27) it is acquiring San Francisco-based Palamida Inc. Terms of the transaction were not disclosed. The deal represents an expansion of Flexera's ... Full article
October 12, 2016(0)
Security remains the greatest barrier to cloud adoption as more mobile applications are hosted by outside software and infrastructure service providers, according to a new survey. The vendor poll released this week also found that only 10 percent of cloud migrations have been completed as enterprises struggle with a host of security issues. The digital transformation survey released Wednesday ... Full article
October 11, 2016(0)
U.S. government agencies' slog to the cloud, a journey that has lately been complicated by a new set of security requirements designed to fend off an outbreak of "nation-state" cyber attacks, registered some modest progress this week when another cloud services provider announced it had achieved "ready status" under a federal cloud security initiative. CloudPassage Inc., a security platform ... Full article

More articles

Share This