Cybersecurity

Protecting Your Organization's Cloud

As organizations move to the cloud, the next evolution of Network Access Control takes shape to meet business demands.
 

What are the chances that your organization has moved some of its data, systems, programs and applications to the cloud? Quite high. According to a Synergy Research survey of IT professionals, spending on private cloud and cloud-enabled solutions grew by 16% between the second quarters of 2015 to 2017. During that same period, traditional, non-cloud data center hardware and software dropped 18%. It is easy to understand why these days, cyber security threats are coming in through many new channels and vulnerabilities that are not part of the traditional IT infrastructure such as, mobile devices and cloud-based applications. The following prevalent trends in the enterprise highlight why it is essential to monitor your network with a Cloud Network Access Control (Cloud-Based NAC). 

Company Networks Go Global

Organizations are becoming perimeter-less. Traditional IT perimeters have been torn down by the adoption of BYOD, IoT devices, telecommuting and cloud computing. Therefore, one can no longer look at the network as a defined infrastructure within a physical firewall. The network is essentially global without boundaries. According to a Gallop News Service poll from 2015, 37% of U.S. workers had telecommuted for work, and this was up by 30% from the last decade but four times greater than the 9% found in 1995. Perimeter-less companies require continuous risk-monitoring and risk-assessment that can match the ever increasing mobile and cloud-based reality and this can be performed best via the cloud. 

WhiteHat Security Delivers New Crash Course Series to Grow AppSec Expertise

Written by David Marshall

Today, WhiteHat Security, leading application security provider, launched its "Crash Course" series, which includes three webinars run by Kimberly Chung, who runs the Threat Research Center's WhiteHat Academy.

"WhiteHat has made a major commitment to educating and training the wider security and developer community. The WCSD program, Crash Course series and on-demand technical webinars-all provided for free-- demonstrate the company's long-term commitment to supporting industry professionals and helping them fulfill their potential," commented Eric Sheridan, chief scientist at WhiteHat and leader of the WCSD program.

The series complements the successful WhiteHat Certified Secure Developer (WCSD) program, which has enrolled more than 3,300 people and certified more than 500 developers in 2017 alone. The series is specifically tailored for application developers, security analysts, architects, managers or auditors and any security professionals interested in learning how web application security is key to vulnerability management. 
 

2 Ways To Keep Your Business More Secure

While it may be impossible to remain 100% protected at all times, it is increasingly important that every company is making the most of its security. The growing threat of cybercrime means that alongside the huge number of benefits that the internet offers, it also comes with some substantial risks. It is this reason why it has never been more important that you look at your online security and critically view it regarding its strengths. Identifying your weak security points is the first stage of addressing them, so here are the key ways that you can assess your business security and help to keep your business much more secure. 

Bitdefender Launches High Performance Virtualization Security for MSPs

Grazed from Bitdefender

Bitdefender, a leading global cybersecurity technology company protecting 500 million users worldwide, today announced its Security for Virtualized Environments (SVE) is now available for MSPs. Expressly designed to help service providers protect their customers' virtual desktops and servers without slowing performance or affecting users, it delivers full-fledged, multi-layered defense, including machine learning, anti-exploit and continuous process monitoring, all within a lightweight footprint.

To ensure maximum performance and protection, Bitdefender's SVE for MSPs offers a highly resilient virtual machine (VM) security architecture that offloads scanning to hardened, virtual appliances with load balancing and failover capabilities. Available as a monthly-billed service, it addresses challenges related to poor performance and user experience, inefficient security management, VM security and compliance gaps, which MSPs have been struggling with for years.

New Cloud Security Report Reveals Rising Cybersecurity Concerns and Lack of Expertise

Crowd Research Partners today released the 2018 Cloud Security Report revealing that security concerns are on the rise, exacerbated by a lack of qualified security staff and outdated security tools - while data breaches are at an all-time high.

Download the complete 2018 Cloud Security Report here.

"While workloads continue to move into the cloud, the study reveals that cloud security concerns are on the rise again, reversing a multi-year trend," said Holger Schulze, CEO of Cybersecurity Insiders and founder of the 400,000-member Information Security Community on LinkedIn which commissioned the study. "With half of organizations predicting a rise in cloud security budgets, protecting today's cloud environments require more and better trained security professionals and innovative, cloud-native security solutions to address the concerns of unauthorized access, data and privacy loss, and compliance in the cloud."

Key takeaways from the report include:

Limelight Networks Helps Companies Defend against Cyber Threats with New Bot Management Solution

Grazed from Limelight Networks

With cyberattacks increasing in scope, sophistication and frequency, Limelight Networks, Inc., a global leader in digital content delivery, today announced a new Advanced Bot Manager option for its Limelight Web Application Firewall (WAF) solution for protecting digital content.

Global internet traffic generated from bots is higher than human-generated traffic, according to Mary Meeker's annual internet trends report. And more than half of bots are malevolent and engaging in destructive activities such as seeking vulnerabilities on websites and committing fraud, stealing corporate and personal data, and launching DDoS attacks. At the same time, the internet depends on beneficial bots that power search engines and digital assistants.

Box and Palo Alto Networks Strengthen Integration to Protect the Extended Enterprise

Grazed from Box and Palo Alto Networks

Box, a leader in cloud content management, and Palo Alto Networks, the next-generation security company, today announced the expansion of their existing integration to now automatically classify sensitive content and enforce policies to prevent users from accidentally or intentionally sharing confidential information.

The integration, offered through Box Governance, is the result of partnerships between Box and Palo Alto Networks, as well as other cybersecurity industry leaders. Palo Alto Networks Aperture SaaS security service delivers complete visibility and granular enforcement across all user and data activity within enterprise SaaS applications like Box, providing detailed analysis and analytics on usage without requiring any additional hardware or software.

Bromium Application Isolation Now Available for Citrix XenServer

Grazed from Bromium

Bromium, Inc., the pioneer and leader in virtualization-based enterprise security that stops advanced malware attacks, today announced it now supports Citrix XenServer 7.3 nested virtualization with superior performance. Citrix XenServer is an open source platform for cost-effective application, desktop, cloud, and server virtual infrastructures. When Bromium is used for cybersecurity, any supported application or task is completely isolated inside a micro virtual-machine (micro-VM) so that any malicious behavior is contained and cannot impact the host or VDI environment. Adding application isolation as a security layer is the smartest way to allow employees to get back to work while containing malware.

"As the most integrated hypervisor with world's leading VDI and application delivery product, XenDesktop, Citrix XenServer gives our customers an enterprise hypervisor platform for hosting their virtual desktop workloads on-premises," says David Cottingham, Director of XenServer Product Management & Partner Engineering at Citrix. "With today's ever-increasing sophistication of threats, additional layers of protection are more important than ever. Bromium Secure Platform gives our customers a unique solution for protecting their virtual desktop infrastructure in new ways to safeguard against ransomware - combating sophisticated threats with sophisticated protection."

Signal Sciences Partners with Optiv Security to Bring Application, Cloud and DevOps Security Solutions to the Enterprise

Grazed from Signal Sciences

Signal Sciences today announced a partnership with Optiv Security, a market-leading provider of end-to-end cyber security solutions, to bring application, cloud and DevOps security solutions to enterprise-class organizations. Signal Sciences Web Protection Platform (WPP) empowers organizations to enable cloud and DevOps while protecting their most critical web applications, APIs and microservices from security threats. By combining Signal Sciences WPP with Optiv's technology expertise and comprehensive security services, enterprise application development and cloud security programs become more effective, manageable and measureable.

"The rapid and widespread adoption of DevOps, agile and cloud infrastructure for application development has brought significant security issues for organizations of all kinds," said Andrew Peterson, CEO of Signal Sciences. "We're incredibly excited to help Optiv reduce the complexity of enterprises' cloud, DevOps and application security programs while improving the overall efficiency and effectiveness of those critical areas."

Acronis Releases a Free, AI-based Ransomware Protection Tool

Grazed from Acronis

Acronis, a global leader in hybrid cloud data protection and storage, today released Acronis Ransomware Protection, a free, stand-alone version of its unique AI-based Acronis Active Protection technology, which stops ransomware attacks in real-time and helps users to recover data without paying the ransom.

Recent ransomware attacks exposed the vulnerability of endpoint devices, showing that new strains of ransomware can easily bypass traditional anti-virus software to encrypt user data. Acronis Ransomware Protection provides an additional level of defense that can be used together with other data protection solutions already installed on the device, such as anti-virus and backup software. It monitors system processes in real-time to automatically detect and stop the attacks other solutions can't. In event of a ransomware attack, Acronis Ransomware Protection blocks the malicious process and notifies the user with a popup. If any files were damaged in the attack, it facilitates the instant recovery of those affected files.