Cybersecurity

How to approach cloud computing and cyber security in 2017

Grazed from Information-Age. Author: Ben Rossi.

The adoption of cloud computing has been on the up since as far back as 2008, when a survey conducted by the Pew Research Institute found that cloud services were used by nearly 69% of Americans. Since then, the industry has experienced hyper-growth and exceeded the already vast predictions of how big it would become.

IDC predicts that the cloud computing market in 2017 will be worth $107 billion and, according to Gartner, by 2020 a corporate ‘no-cloud’ policy will be as unusual as a ‘no-internet’ policy would be today. Indeed, it would be difficult to imagine an organisation in 2017 that did not use webmail, file sharing and storage, and data backup...

BeyondTrust Announces Support for Microsoft Azure

Grazed from BeyondTrust

BeyondTrust, a leading cyber security company dedicated to preventing privilege misuse and stopping unauthorized access, announced support for the Microsoft Azure cloud platform, providing privileged access management (PAM) and vulnerability management (VM) solutions that can now be hosted in and manage Azure instances.

According to the 2016 Gartner Magic Quadrant for Public Cloud Storage Services Worldwide, 80 percent of cloud breaches through 2020 will occur due to customer misconfiguration, mismanaged credentials or insider theft. As the cloud ecosystem evolves it is increasingly critical to ensure visibility and security. However, many traditional security tools that are architected for on-premises environments and extended to the cloud present critical blind spots that put an organization at risk.

Information Security Basics Your Small Business Needs Today

We have covered a number of security-related topics in past articles here at CloudCow, but that doesn't change the fact that security awareness is still very low, especially among business users. Recent ransomware attacks crippling the NHS in the UK and several banks in Spain have illustrated just how vulnerable these large companies are.

The outlook is grim for small businesses, despite the fact that they are targeted more frequently. Budget remains a big obstacle and real solutions are still not being implemented properly. Taking basic steps today can help save your business from future security issues. Here are the first steps to take for better information security.

Get a Vulnerability Assessment

The minimum you should do is get your systems checked. A network and application vulnerability assessment is a standard procedure that will help you identify risks and potential security problems. At the very least, you will know the kind of risks you're facing when you don't have proper security measures in place.

RapidFire Tools Inc. Launches Unlimited-Use Internal Cyber Security Service Delivery System For MSPs

Grazed from RapidFire Tools, Inc.

RapidFire Tools Inc. has bundled together a powerful new set of tools that, for the first time, allows MSPs to roll-out a high-value, automated and branded internal IT security service that can be offered to all of their clients. The new product, called Detector SDS (Service Delivery System), includes an unlimited-use license for its unique Detector™ cyber security alerting appliance, plus additional new tools that the MSP can use to define the level of service, dynamically build marketing materials to help sell the services they create, and built-in workflow automation to easily manage the cyber security alerts through a common interface. Everything in the system, including the unlimited-use Detector appliance license, is covered by a low monthly subscription.

The Detector SDS solution comes pre-configured with a set of three "white-labeled" cyber security service plans -- "Silver," "Gold" and "Platinum." MSPs can deliver these as-is, "out-of-the-box," or modify them to meet the needs of individual clients using the built-in, menu-driven "Service Plan Creator." The pre-configured services, as well as the customized ones, can all be renamed and branded by the MSP. Once the plans are created, the MSP can quickly and easily select one or more plans to present to a client or prospect, and the system will automatically generate a professionally-formatted and branded "Plan Matrix" sales sheet. The Plan Matrix has a column for each service plan, in addition to neatly organized check-boxes that allow the client to easily see the differences in the individual plan features and deliverables. In addition, the system can automatically generate a branded Service Catalog for each Plan Matrix, providing more details about each of the deliverables included with each different level of service.
 

AlienVault Takes Proven Unified Security Management Platform to the Cloud

Grazed from AlienVault

AlienVault, the leading provider of Unified Security Management (USM) and crowdsourced threat intelligence, today announced the availability of USM Anywhere, the first all-in-one Software-as-a-Service (SaaS) security monitoring platform designed to centralize threat detection, incident response, and compliance management of cloud, hybrid cloud, and on-premises environments from a single cloud-based console.

Built natively in the cloud to monitor hybrid cloud environments, USM Anywhere is a comprehensive, unified solution that significantly simplifies security and reduces deployment time, so that companies of all sizes can go from installation to first insight within minutes. USM Anywhere also provides advanced automated response orchestration with external security tools and applications, making it easier for IT teams to respond quickly and efficiently to identified threats.

Simplifying Threat Detection and Response

ServiceNow Resolves Real Security Threats Fast

Grazed from ServiceNow

ServiceNow, the enterprise cloud company, today announced integrations from leading cybersecurity companies into ServiceNow Security Operations solution. With ServiceNow customers can prioritize threats and use a structured response engine to resolve real security threats fast. Now security analysts can easily enrich threat information, map those threats to the underlying business service at risk, and easily collaborate with IT to automatically resolve them. This replaces the manual, slow and ineffective back-and-forth resolution process of the past.

While enterprises have invested heavily in protection and detection tools, security response is often left unaddressed. Determining whether an alert constitutes an actual threat can take hours. Security analysts use email, phone calls and spreadsheets to coordinate remediation with IT teams. These manual processes are error-prone and unwieldy, leading to lengthy breach containment times of 70 days on average, according to the Ponemon Institute.

ServiceNow Security Operations replaces the manual work patterns of the past with intelligent workflows of the future and just added several new automation integrations from leading security vendors. In as little as 20 seconds, Security Operations automatically enriches each security incident with threat intelligence, including information from potentially affected endpoints. This allows security analysts to spend less time on researching problems and to get to resolution faster. In addition, ServiceNow Security Operations eliminates the need for manual data collection by automatically generating a post-incident report for later analysis, reporting or audit.

Cloud Computing: Sophisticated Phishing - Beware the Latest Gmail Phishing Attack

Grazed from Sci-Tech Today. Author: Editorial Staff.

Hackers have reportedly devised a new phishing method which seems to be tricking even the most experienced and tech savvy users into revealing their account details. The highly effective phishing campaign seems to be running on a sophisticated automation feature that pounces on newly compromised Gmail accounts to mount a secondary attack on users in the contact list.

Once hackers have taken over a Gmail account, they launch their secondary attack by sending out emails disguised under recently sent attachments and a relevant subject line. The email contains a thumbnail version of the attachment which, when clicked, opens up a convincing Gmail login box a trap that tricks users in revealing their Gmail account password...

Cloud Computing: Building your data castle - Protecting from ransomware and restoring data after a breach

Grazed from CloudTech. Author: David Trossell.

The data centre is the castle. You can pull up the drawbridge, fill up the moat, or pull down the portcullis. But at some point, you have to let data in and out, and this opens up the opportunity for ransomware attacks. No longer is it a matter of pride and peer recognition in the hacker community for circumnavigating and exposing the security of an organisation because it is now a fully-fledged industry in its own right with the use of ransomware.

That cybersecurity company Herjavec Group estimates to top a $1 Billon in 2016. In the past, those under siege used to flood the moats, pull up the drawbridges and drop the portcullis to protect themselves but with the modern data centre organisations life blood is the movement of data in and out of the data centre...

Cloud Computing: Preparing for a year of ‘unknown unknowns’ in cyber security

Grazed from CloudComputing. Author: Mike East.

Today’s threat landscape is constantly evolving. In 2016 in particular, we’ve seen a huge shift with adversaries penetrating organisations from the DNC to WADA and gaining access to sensitive documents that were later leaked to embarrass individuals. Yet, while many believe that this trend starts and ends with a contentious election, it’s not something that’s going away in 2017.

In fact, we’re starting to see continued and varied threats, most recently with DDoS attacks taking down the likes of the EU commission. Overall, the pace and variation of exploits driven by technically astute adversaries, will only gain momentum in the coming year if not managed effectively...

Read more from the source @ http://www.cloudcomputing-news.net/news/2016/dec/07/preparing-year-unknown-unknowns-cyber-security/

Employees Are One of the Biggest Cyberthreats to Businesses in North America

Grazed from Kaspersky Lab

Kaspersky Lab today released a report, Business Perception of IT Security: In the Face of an Inevitable Compromise, revealing the current state of security threats among businesses and how their perception of threats compares to the reality of cybersecurity incidents experienced over the past year, both in North America and worldwide. A top concern of North American businesses and a leading cause of successful cyberattacks in these organizations are also the most important asset: their employees.

The findings are a subset of data from the 2016 Kaspersky Lab Corporate IT Security Risks survey, which confirms cyberattacks are not uncommon to businesses throughout the world. In just the last 12 months on a global scale, 43 percent of businesses experienced data loss as a result of a breach. When taking a closer look at businesses in North America, the data reveals that these organizations are significantly less protected against attacks compare to businesses worldwide. For enterprises, nearly half (44 percent) in North America suffered four or more data breaches in the past 12 months alone, which is double the amount that businesses worldwide suffered (20 percent).