Originally published by Pentera.“Defenders think in lists, attackers think in graphs” said John Lambert from Microsoft, distilling the fundamental difference in mindset between those who defend IT systems and those who try to compromise them.The traditional approach for defenders is to list security gaps directly related to their assets in the network and eliminate as […]
Category Archives: Cloud Security Alliance
Category Added in a WPeMatico Campaign
Written by Abel E. Molina, Principal Architect in Design Studio, Softchoice.IntroductionConsider the following challenge: You are presented by your leaders to tear down and remodel a cruise ship, while keeping the overall structure intact. Where do you begin? Which team/partners would you involve? What timeline would you anticipate for completion? This task might seem overwhelming, […]
Originally published by CXO REvolutionaries.Written by Rob Sloan, VP, Cybersecurity Advocacy, Zscaler.Deciding on the appropriate amount of funding for information security in the upcoming year is a tricky task. Despite gross domestic product rising, low unemployment, and falling inflation, there are still concerns about a broader economic slowdown. Chief information security officers must find the […]
Written by CSA’s Top Threats Working Group.In this blog series, we cover the key security challenges from CSA’s Top Threats to Cloud Computing 2024. Drawing from insights of over 500 experts, we’ll discuss the 11 top cybersecurity threats, their business impact, and how to tackle them. Whether you’re a professional or a beginner, this series […]
Originally published by Tenable. Written by Rémy Marot. Artificial Intelligence (AI) is transforming industries and beginning to be widely adopted by software developers to build business applications. However, it’s critical that organizations ensure the security of their users, their data and their infrastructures. In cybersecurity, a core rule is: “Never trust user inputs.” This rule […]
Originally published by Astrix.What are OAuth Tokens? OAuth (Open Authorization) Tokens are Non-Human Identities that work as a secure authentication mechanism. They delegate access to third parties or external apps without exposing your environment’s sensitive credentials. Organizations that rely on third-party applications and service integrations in their environments commonly use OAuth tokens. There are different […]
Originally published by Suridata.No More SaaS Security TradeoffsIf your organization is like most, you are probably using upwards of a hundred Software-as-a-Service (SaaS) applications. The reasons for this are many, including convenience, instant access to enterprise software, and flexibility. On the downside, SaaS security has proven to be a challenge, even if you have robust […]
Originally published by Normalyze.Written by Ravi Ithal.Over the past year, the buzz around large language models (LLMs) has skyrocketed, prompting many of our customers to ask: How should we think about securing AI? What are the security implications? To answer these questions, it’s good to actually go into learning how LLMs operate. So, let’s start […]
Originally published by CXO REvolutionaries.Written by Guido Sacchi, Former Senior Executive Vice President and Chief Information Officer, Global Payments.Over the course of my career as a consultant, executive, and advisor, I have spent a good deal of time reflecting on my personal imperatives for making IT initiatives successful. What guiding principles, honed over multiple decades […]
Originally published by BARR Advisory.In today’s digital age, all organizations are exposed to some level of risk. As a baseline, companies are expected to have appropriate controls and safeguards in place to protect their customer’s information—but even the most well-postured organizations may still fall victim to cyberattacks. A report by Vanta reveals that over two-thirds […]