Originally published by Paperclip.Written by Mike Bridges.The culture of cybersecurity and data protection is broken. Let’s look at it from a unique point of view. You’ve got an employee who is terrible at their job, consistently makes mistakes, and puts the company in harm’s way. Even worse, when you confront them about it, they make […]
Category Archives: Cloud Security Alliance
Category Added in a WPeMatico Campaign
Originally published by BARR Advisory. Written by Cody Hewell and Brett Davis. A report by Proofpoint indicated that nearly 70% of CISOs feel their organization is at risk of experiencing a material cyber attack in the next 12 months. While annual assessments and audits will help your organization demonstrate your commitment to cybersecurity best practices, […]
Originally published by CyberArk.Written by Sam Flaster.Warm. Rich. Chocolatey. The way I see it, a proper chocolate layer cake is the best sensory experience a human can have. Let’s go a bit further still: good chocolate cake is the height of human achievement.In the world of enterprise IT, one could say the same of a […]
Originally published by Dazz.IntroductionReady to tackle a challenging topic for DevSecOps and security teams in the application security space? Ready or not—let’s talk about increasing and governing the adoption of scanners.The Application Security ProcessApplication security is a labyrinth with myriad stages and steps as applications are developed internally. Within development processes, there are multiple points […]
Recent CSA survey data shows that organizations are struggling to manage permissions and API keys. (API keys are the codes used to authenticate users and applications.) Keep in mind that API keys are also a type of non-human identity (NHI). An NHI is a digital construct used for machine-to-machine access and authentication. NHIs present unique […]
Originally published by Pentera.“Defenders think in lists, attackers think in graphs” said John Lambert from Microsoft, distilling the fundamental difference in mindset between those who defend IT systems and those who try to compromise them.The traditional approach for defenders is to list security gaps directly related to their assets in the network and eliminate as […]
Written by Abel E. Molina, Principal Architect in Design Studio, Softchoice.IntroductionConsider the following challenge: You are presented by your leaders to tear down and remodel a cruise ship, while keeping the overall structure intact. Where do you begin? Which team/partners would you involve? What timeline would you anticipate for completion? This task might seem overwhelming, […]
Originally published by CXO REvolutionaries.Written by Rob Sloan, VP, Cybersecurity Advocacy, Zscaler.Deciding on the appropriate amount of funding for information security in the upcoming year is a tricky task. Despite gross domestic product rising, low unemployment, and falling inflation, there are still concerns about a broader economic slowdown. Chief information security officers must find the […]
Written by CSA’s Top Threats Working Group.In this blog series, we cover the key security challenges from CSA’s Top Threats to Cloud Computing 2024. Drawing from insights of over 500 experts, we’ll discuss the 11 top cybersecurity threats, their business impact, and how to tackle them. Whether you’re a professional or a beginner, this series […]
Originally published by Tenable. Written by Rémy Marot. Artificial Intelligence (AI) is transforming industries and beginning to be widely adopted by software developers to build business applications. However, it’s critical that organizations ensure the security of their users, their data and their infrastructures. In cybersecurity, a core rule is: “Never trust user inputs.” This rule […]