Cybersecurity

Cloud Computing: What Google knows about data security that you should know too

Grazed from CBC. Author: Jeff Green.

A new report on cloud storage prepared for Google by a Hamilton-based risk advisor shows that businesses need to take a truly global look to completely secure data. And in an interview with the CBC, James Arlen, director of risk and advisory services for Leviathan Security Group, says the same principles of data security companies such as Google need, apply to your personal data, too.

Arlen said the average person treats their personal memories like a digital shoe box, adding it just takes one "flood" for a catastrophic loss to occur. "The person who kept all the photos of the first four years of their child's life on their computer and now their hard drive crashed," Arlen said. "Now your child's photographic life begins at four."...

Cloud Computing: Cyber Security Web Site Dedicated to C-Suite and Business Personnel Launches

Grazed from PR.Com.  Author: PR Announcement.

The proliferation of cloud computing, big data, BYOD, mobile and inter-connected networks have become opportunistic breeding grounds for cyber criminals to disrupt business operations and cause financial loss as well as to gain access to corporate and personal data. Such losses were estimated last year in excess of $500 billion effecting companies of all sizes.

The impact of a corporate security exposure or breach is staggering and prior implications have proven to result in a loss of revenue, customer confidence and litigation...

Cloud Computing: Expert Advice - How to Up Your Cyber Security

Grazed from Entrepreneur. Author: Ann C. Logue.

The average cost to a U.S. business of a lost or stolen record containing customer information is $201, according to the 2014 Cost of Data Breach Study conducted by the Ponemon Institute for IBM. The most expensive incidents are due to malicious attacks, not to human error or process failure. That’s a problem for your business.

Mega-retailer Target may have had to pay cash to counter its late-2013 data hack, which reportedly affected up to 110 million customers, but it was lucky. Similar breaches have resulted in the destruction of companies. “If you get it wrong, your business can be erased,” says Ken Ammon, chief strategy officer at Xceedium Inc. in Herndon, Va. Xceedium sells platforms used by government and major corporate customers to manage access privileges on information systems...

New Cloud Computing Security Requirements Guide - Part II

Grazed from CCSKGuide. Author: Editorial Staff.

The DoD’s new Cloud Computing Security Requirements Guide (SRG), released by the Defense Information Systems Agency (DISA), replaces their previous Cloud Security Model. The guide outlines an overall “security posture” that directs cloud service providers (CSPs) seeking to work with the DoD. This article is a continuation of a previous one, which introduced the four new information impact levels. Here, we will examine the DoD process of risk assessment of cloud service offerings, as defined by the SRG.

Risk Assessment Process

Shifting to cloud computing means that risk management processes must change as well. The goal is to address requirements and controls, relative to the criticality of DoD information in the external cloud, in a cost effective way. At the same time, it is also to assure the security of DoD core missions and networks in accordance with the DoD RMF...

Cloud Computing: Fortscale and the Enemy Inside

Grazed from VirtualizationReview. Author: Dan Kusnetzky.

Fortscale's Idan Tendler, CEO and co-founder, came by to discuss what his company has been doing since our last conversation at the Splunk user group conference roughly a year ago. Each time I have the opportunity to speak with him, I learn something more about how analysis of the organization's operational and machine logs can help.

This time Tendler pointed out that many of today's security breaches or thefts of customer data can be attributed either to malicious staff behavior, or staff not following the enterprise's data governance or security policies. Staffers are typically given access to many of the organization's data assets...

3 Cloud Computing Security Holes to Watch Out For

Grazed from SmartDataCollective. Author: Natalie Leher.

When your data and files are going to be ‘up there somewhere’, it’s only normal that you’ll want to think security in the cloud. You could of course adopt the strategy of never betting more (data) than you can afford to lose. However, the cost reductions available and the massive move of your competitors to the cloud may force you to use rather more of it than you anticipated. Gotta keep up with the neighbors, right? Well, it turns out that the applications you live next to in cloud computing can also be a source of security risk for you…

1. Not So Nice Neighbors Depending on what kind of cloud computing you want to do, other customers may affect you in a couple of ways. For example, if a multitenant cloud database is not properly designed, a flaw in somebody else’s application may open the door for a hacker to everybody’s data in that database...

Cloud Computing: Israel's Team8 attracts investment for cyber security firms

Grazed from Reuters. Author: Steven Scheer.

Team8, an Israeli venture capital fund focused on the cyber-security industry, said on Tuesday it had raised $18 million in its first round of funding, including investment from Alcatel-Lucent and Cisco . Also participating in the round were Bessemer Venture Partners, Marker LLC and Innovation Endeavors, which was founded by Google executive chairman Eric Schmidt.

Led by veterans of the Israeli army's 8200 intelligence and electronic espionage unit, Team8 aims to develop cyber-security companies that offer more in-depth protection than the usual defence against hacking attempts by generic malware. Bessemer partner David Cowan said that could set them apart from the legions of security start-ups in Silicon Valley...

The Top Two Cloud Computing Security Concerns of 2015

Grazed from CloudWedge.  Author: Sean Shado.

The most cited barrier to entry for cloud into the enterprise continues to be the security concerns involved with an infrastructure overhaul. Many IT decision makers are hesitating on making the switch to cloud as far as mission critical apps are concerned because of the unknown variables posed by cloud security risks. A KPMG report mentions that cloud security is still a top concern as IT executives look for ways to reduce costs.

The report mentions that 45% of respondents said data loss and data privacy were their top hesitations in regards to cloud implementations. What exactly are the biggest cloud computing security risks that will emerge in 2015?...

DISA Releases Cloud Security Requirements

Grazed from FedWeek.  Author: Editorial Staff.

The Defense Information Services Agency has released new cloud computing security requirements for DoD and contractors to follow.  The DoD Cloud Computing Security Requirements Guide (SRG), Version 1 supersedes the Cloud Security Model (CSM) V2.1.

The new SRG includes details on how to transition from the CSM for cloud service providers that are currently being assessed, or that have a provisional authorization. It also applies to all CSP offerings, regardless of who owns or operates the environments, according to DISA...

New Guidelines Highlight Importance of Cloud Computing Security

Grazed from MidsizeInsider. Author: Marissa Tejada.

Keeping sensitive data and information safe is top of mind for the U.S. Department of Defense (DoD). The agency's new cloud computing security requirements are relevant for cloud computing vendors seeking to help midsize firms secure their data.

What the Guidelines Mean

The DoD's new Cloud Computing Security Requirements Guide, released by the Defense Information Systems Agency (DISA), replaces their previous Cloud Security Model. According to WHIR, the guide outlines an overall "security posture" that helps guide cloud service providers seeking to work with the DoD. These new guidelines were designed with agency security in mind, outlining how the public cloud can be utilized without compromising proprietary data...