Security News

66% of organizations store 21%-60% of their sensitive data in the cloud
2022-06-16 08:00

A Thales report, conducted by 451 Research, reveals that 45% of businesses have experienced a cloud-based data breach or failed audit in the past 12 months, up 5% from the previous year, raising even greater concerns regarding to protecting sensitive data from cybercriminals. Globally, cloud adoption and notably multicloud adoption, remains on the rise.

Cloud computing top concerns: The focus is shifting
2022-06-15 04:00

The Cloud Security Alliance released the Top Threats to Cloud Computing: The Pandemic 11 report, which found a marked change in what cloud security provider security issues are seen as concerning. New, more nuanced items, such as configuration and authentication, suggest both that consumers' understanding of the cloud has matured, and signals a technology landscape where consumers are actively considering cloud migration.

83% of IT pros are using either hybrid or multi-cloud
2022-06-13 08:00

Canonical released data from a survey revealing the goals, benefits, and challenges of cloud-native technologies. The report has surveyed more than 1,300 IT professionals over the last year about their usage of Kubernetes, bare metal, VMs, containers, and serverless applications.

Increased cloud complexity needs stronger cybersecurity
2022-06-13 03:30

A Thales report, conducted by 451 Research, reveals that 45% of businesses have experienced a cloud-based data breach or failed audit in the past 12 months, up 5% from the previous year, raising even greater concerns regarding to protecting sensitive data from cybercriminals. Despite their increasing prevalence and use, businesses share common concerns about the increasing complexity of cloud services with 51% of IT professionals agreeing that it is more complex to manage privacy and data protection in the cloud.

OMIGOD: Cloud providers still using secret middleware
2022-06-11 11:00

Few understand their attack surface, says Trend Micro. Survey results from Trend Micro indicate that, when it comes to organizations understanding their attack surfaces, most don't.

Cloud services proving handy for cybercriminals, SANS Institute warns
2022-06-09 21:30

These days, cybercriminals are living off the cloud, according to Katie Nickels, director of intelligence for Red Canary and a SANS Certified Instructor. "It's not enough to pay attention to the operating systems, the endpoints, said Nickels, speaking on a SANS Institute panel about the most dangerous new attack techniques at RSA Conference."Adversaries, a lot of their intrusions, are using cloud services of different types.

Only 13.5% of IT pros have mastered security in the cloud native space
2022-06-09 03:00

According to the survey, Kubernetes and cloud native technologies unlock innovation for organizations and allow them to achieve their goals. The benefits of cloud native technologies vary, depending on their usage and the maturity of the organizations using them, with elasticity and agility, resource optimisation and reduced service costs identified as the top benefits, and security the most important consideration.

Can’t Choose Between Public And Private Cloud? You Don’t Have To With IaaS
2022-06-06 00:00

In 2021, Dell, Intel, and VMware commissioned a custom study from Forrester Consulting to understand today's IT and business requirements for infrastructure, data storage, and application performance. We found that, though many businesses prefer to keep their infrastructure and data on-premises, they are adopting infrastructure-as-a-service to proactively optimize their deployment strategy across a hybrid of public cloud and private cloud infrastructure for IT and business gains.

Cloud security unicorn cuts 20% of staff after raising $1.3b
2022-05-27 19:19

Cloud security company Lacework has laid off 20 percent of its employees, just months after two record-breaking funding rounds pushed its valuation to $8.3 billion. A spokesperson wouldn't confirm the total number of employees affected, though told The Register that the "Widely speculated number on Twitter is a significant overestimate."

How to eliminate the weak link in public cloud-based multi-party computation
2022-05-27 04:00

Regardless of how centralized or distributed, the weak link appears when private keys or other MPC components must be computationally executed on a CPU. The point of the encryption protocols is that the algorithm is public, and the security relies only on the keys. If an attacker infiltrates multiple hosts, and gains access to the required pieces, they can perform the multi-party computation on their own and steal digital assets and funds.