Cloud Security: The Next-generation Security Framework

Aashish Yadav | August 20, 2022 | 2068 views | Read Time : 02:50 min

Cloud Security: The Next-generation Security Framework

The world is undergoing rapid a digital transformation, and cloudification is also an important part of this transformation. As per Statista, over 60% of all corporate data is stored in the cloud as of 2022. The increased use of the cloud and rapid cloud migration have also raised security-related concerns. This concern is important too. With a rise in the number of businesses adopting the cloud, more and more data will be at risk if cloud security is not taken seriously.


The discipline and practice of securing cloud environments, applications, data, and information are referred to as cloud security or cloud computing security. Cloud security involves protecting cloud environments against unauthorized access, distributed denial of service (DDOS) attacks, hackers, viruses, and other threats. Although cloud security refers to security in cloud settings, cloud-based security is the software as a service (SaaS) delivery model of security services that are hosted in the cloud instead of implemented through on-premise hardware or software.


Cloud Security Challenges: Most Security Professionals Are Finding It Hard to Deal With

According to the TripWire Survey, 76% of cybersecurity experts have found it difficult to manage cloud-related security challenges. A recent Lacework analysis highlights the problems that developers and security professionals have when dealing with cloud security concerns. According to the survey, just one out of every three developers feels that the time they invest in cloud security is productive.

According to these statistics and reports, security experts are struggling to deal with cloud security concerns. The following are some of the common challenges that have hindered the cloud security environment.

Lack of Visibility

One of the biggest challenges for security pros is gaining complete access to the cloud computing system and its data. According to an Ixia study of 338 IT security professionals, less than 20% believed they had complete insight into cloud systems and data packets. According to the same research, 87% of respondents thought that the cloud computing system's lack of visibility led to the complexity of data security threats.

Because several cloud services are used outside of corporate networks as well as through third parties, it's easy to miss the sight of how and by whom your data is being viewed.


Lack of Proper Tools to Manage, Detect, and Prevent Cloud Security Threats

Businesses have only provided mediocre tools that are ill-equipped to combat security tools. A flawless cloud security product should be well-positioned to provide an immediate and clear view of all potential security risks that a business confronts across its cloud computing infrastructure and resources.

Web Application Firewalls, misconfiguration monitors, access control tools, and biometric authentication technologies are good for verifying users' identities and should be accessible to a business. However, SSL certificates, which are a core data encryption tool, are crucial. As a result, security professionals no longer need to be concerned about data security as it moves between cloud storage platforms.


Misconfigurations

In 2019, incorrectly configured assets were responsible for 86% of all records that were compromised, making unauthorized insider access a primary concern for cloud computing systems. It's possible to make an error in setup by, for example, keeping the administrator passwords set to their defaults or failing to provide proper privacy settings.


C-Suite and Cloud Security: Key Strategies


Walking a Thin Line

Never forget that for corporate leaders, it is a continuous challenge to safeguard current revenues and generate a profit by balancing successful business investments with (unprofitable) security investments. They might perceive it as an additional cost, but you must explain why native public cloud security is insufficient and why the obligation to protect their own data cannot be neglected. Data kept on the cloud is no more secure than data maintained elsewhere in the organization. As a result, it is essential to execute extra, targeted security measures in order to fully integrate cloud security protocols with the rest of your security architecture and automate security operations wherever possible.


Consistency Is the Key

Cloud security isn't any different from other types of cybersecurity, so a consistent strategy to maintain security across the whole company, irrespective of where information or applications reside, is necessary. Managing and orchestrating different security methodologies and solutions complicates the security environment, increasing the possibility of errors and vulnerabilities. Emphasize the significance of a consistent, strategic approach to cybersecurity in general.


Make It Visual

While discussing concerns about cybersecurity, non-tech savvy-board members usually drop out. Instead, use their language and structure the discussion around business risk. Highlight how the cloud is just another risk that must be addressed and help board members understand the reality and possible consequences of security issues. For example, show them how common data breaches or loss situations have resulted in CEOs apologizing to the public. This should spark their interest. The idea is to address cloud and cyber risk like any other risk by finding gaps and managing them to the most significant degree possible.


Why Do Businesses Need Cybersecurity Mesh for Cloud Security?

According to Fortune, the worldwide cybersecurity industry will exceed USD 375 billion by 2029. Organizational resources are becoming more likely to be situated outside of an organization's localized security zone, and growth patterns indicate that enterprises of all sizes must be nimble enough to scale quickly without risking network security.

As an organization grows beyond its physical boundaries, each node has become a possible access point that could be utilized to compromise the entire network. Hackers are increasingly launching attacks like ransomware and other types of malware through these insecure access points. The annual cost of such attacks is estimated to be approximately $6 trillion and growing.

The most practical and adaptive solution to dealing with these dangers in an enterprise-level organization is cybersecurity mesh. It extends security throughout your architecture, allowing you to safeguard all systems and access points with a single, unified set of technologies. A cybersecurity mesh can also develop when new threats arise since it is driven by the most recent threat intelligence.

Enterprises require cybersecurity mesh to support core business operations such as:
  • Making use of third-party applications and services
  • Creating new distribution channels
  • Introducing new initiatives


How can you Improve Cloud Security Hygiene?

We believe we understand the concept of hygiene, but how about cloud security hygiene? Although our computers don't have teeth to brush, that concept provides a starting point for a different view of security hygiene. If you have a task that you must complete on a regular basis, you must complete it everywhere. It is not acceptable to clean your teeth just once a year or to brush only the front teeth. Similarly, you cannot patch software or verify your security setups just once a year or simply for your most visible systems.

Suggestions for smarter and more systematic cloud security hygiene:
  • Sort the categories of cloud coverage
  • Determine the range of your controls.
  • Consider the situation within your cloud.
  • Cancel the confidence!


Least Privilege Access for Cloud Security

The POLP (Principle of Least Privilege) also known as POLP, is an essential security principle. When it comes to public cloud security, the Principle of Least Privilege approach states that all identities, both human and non-human, should be permitted the least amount of access necessary to carry out their respective tasks. Moreover, an often overlooked guideline is that those identified should provide access for just the period required to fulfill their mission.

Why should you consider implementing Least Privilege?

  • Protect Against Risks
  • Limit Damage
  • Classify Data
  • Improve Security
  • Reduce Liability


Must-Have Cloud Computing Security Features

Companies of all sizes must be hyper-vigilant when it pertains to cybersecurity, regardless of whether they utilize traditional on-premises technology or cloud-based infrastructure. Businesses are at the mercy of hackers due to slow responses to cyber-attacks and ineffective security measures.

According to Economist data, "the average duration between an attacker breaching a network and its owner discovering the intrusion is 205 days." During that period, hackers can cause immeasurable damage to the company and its consumers.

The issue is that putting in place robust security features might be cost-prohibitive for the organization making the investment. Utilizing a cloud service provider can reduce the substantial upfront capital costs associated with cutting-edge cyber security measures.

Must-have cloud computing security features are as follows:
  • Top-of-the-Line Perimeter Firewall
  • Intrusion Detection Systems with Event Logging
  • Internal Firewalls for Individual Applications and Databases
  • Data-at-Rest Encryption
  • Tier IV Data Centers with Excellent Physical Security


Closing Lines

Since most businesses already use cloud services in some way or another, cloud security has become a necessity. Gartner predicted that the worldwide market for public cloud services would rise 23.1% in 2021, reflecting the rapid pace of adoption of these services.

Protecting data and business data, like customer orders, confidential design blueprints, and financial records is a critical component of cloud security. Preventing data breaches and theft is crucial for retaining your customers' confidence and safeguarding the assets that lead you to a competitive edge.


FAQ

What is the most reliable form of cloud computing security?

Encryption is among the most effective ways to protect your cloud computing platforms. There are numerous ways to use encryption, and they can be provided by a cloud provider or by a separate cloud security solutions supplier.


How is cloud security provided?

To safeguard your data, cloud service providers employ a variety of approaches. Firewalls are an essential component of cloud infrastructure. Firewalls safeguard the edge of your network security as well as your end users. Firewalls also protect traffic between various cloud-based apps.


What are the three most important areas of cloud security?

Below are the key areas for cloud computing security. If your cloud provider's solution lacks security in any one area, your company's important data might be at risk.
  • Physical Security
  • Software Security
  • Infrastructure Security

Spotlight

Testpoint™

Testpoint™ is a leader in delivering Enterprise Quality Assurance and Software Testing services, driving efficiency, governance and speed to market as a vantage point for its customers utilising its vansah™ technology platform. Testpoint™ assures technology for re-platforming, solution upgrades and modernisation with confidence of real-time decision making, IT cost optimisation, visibility to quality and alignment to strategic business outcomes.

OTHER ARTICLES
Data Security, Platform Security, Software Security

Transformative Cybersecurity Detection Reshapes the Battle Against Constantly Evolving Cyber Threats

Article | March 29, 2023

Embrace cybersecurity as transformative detection techniques to revolutionize the fight against ever-changing cyber threats. In an interconnected world, cybersecurity poses a growing threat to businesses, capable of wreaking havoc on their operations, reputations, and financial standings. Cyber threats have reached alarming levels, affecting every industry. Successful attacks can lead to data theft, financial losses, reputational damage, and business disruption. These sophisticated attacks exploit vulnerabilities in digital infrastructure. Yet, the challenge of cybersecurity extends beyond the mere presence of threats. It lies in the relentless evolution and adaptability of these malevolent forces. Traditional security measures, once considered sufficient, are now rendered ineffective against their cunning tactics. The landscape of cybercrime is a perpetually shifting entity, leaving organizations in a constant state of vulnerability. At the onset of the COVID-19 pandemic, organizations witnessed a significant surge in cyber threats or alerts, with 61% reporting a substantial increase of 25% or more. With users accessing cloud applications and corporate networks remotely, hackers actively sought to exploit potential security gaps. Protecting Businesses: The Importance of Cybersecurity Detection Early threat detection is a fundamental aspect of effective cybersecurity. By closely monitoring network traffic, system logs, and user behavior, businesses can swiftly detect suspicious activities that may signal an ongoing or imminent cyber-attack. Such proactive detection enables organizations to respond promptly, mitigating potential financial losses from data breaches, system downtime, regulatory fines, legal battles, and reputational damage. For businesses entrusted with sensitive customer data, cybersecurity detection plays a vital role in maintaining trust and complying with data protection regulations. By monitoring data access, identifying unauthorized activities, and promptly detecting breaches or data exfiltration attempts, organizations can safeguard customer information and avoid legal complications. Moreover, cybersecurity detection protects a company's intellectual property, ensuring the integrity of trade secrets, proprietary algorithms, and other confidential information. By effectively identifying and preventing unauthorized access or theft attempts, businesses can maintain their competitive advantage. Compliance with industry regulations is an essential consideration for businesses. Cybersecurity detection helps companies demonstrate proactive measures in detecting security incidents and potential data breaches, ensuring adherence to data security and privacy requirements and avoiding penalties, legal liabilities, and reputational damage associated with non-compliance. Furthermore, effective cybersecurity detection enhances reputational trust. Businesses that invest in robust detection measures are committed to safeguarding sensitive information, thus fostering trust among customers, partners, and stakeholders. Guard Against Cyber Threats with onShore Security’s Panoptic Cyberdefense Panoptic Cyberdefense by onShore Security is a Managed Cybersecurity Detection solution that recognizes security as an ongoing process, not just a mere product. For effective cybersecurity operations, round-the-clock monitoring is required using Security Operations Center (SOC) offered by onShore’s cyberdefence solution. To maximize visibility, businesses need to immediately respond to security threats while also requiring to identify non-threatening data. Leveraging Panoptic Cyberdefense helps streamline identifying, monitoring, and detecting cyber threats. During a conversation with Media 7, Stel Valavanis, CEO, onShore Security highlighted the impact of cyber threats and talked about cybersecurity detection solutions. We have developed our detection platform, the Panoptic Sensor and the Panoptic SIEM over many battle-hardened years. And the process is well-oiled, as you can imagine, involving tiers and workflow communication for alerting, analysis, tuning, and threat-hunting. As cyber threats evolve in complexity and frequency, businesses must remain vigilant in safeguarding their digital assets. onShore Security's Panoptic Cyberdefense offers a comprehensive suite of solutions, including Panoptic Sensor and the Panoptic SIEM, to help organizations mitigate risk, protect sensitive data, elevate their security team, and meet compliance requirements. Through Panoptic Sensor, organizations gain proactive threat intelligence, enabling the early detection and prevention of potential security breaches. Complementing this, the Panoptic SIEM provides powerful analytics and monitoring capabilities, empowering businesses to swiftly identify, investigate, and respond to security incidents. To navigate complex data protection and privacy regulations, minimizing the risk of non-compliance penalties and legal ramifications is needed. Panoptic Cyberdefense offers three levels of cybersecurity detection. The levels of detection, response and analysis include managed detection and response (MDR), second level has both network detection response (NDR) + MDR, and the third level is security orchestration. Harness the Power of Detection By integrating detection capabilities into every layer of protection systems, including user involvement, businesses can establish a formidable defense against cyber threats. Consolidating data from various sources into a centralized platform for analysis becomes essential. Implementing a managed detection and response process enables continuous analysis of this data, empowering early detection of potential attackers and facilitating ongoing security enhancements. Collaborating with government and industry partners can further demonstrate a commitment to high-security standards and compliance requirements. Remaining prepared for potential attacks is crucial. In the event of an incident, prompt response becomes paramount. Equipped with comprehensive data providing attestation of methods and impact, organizations can swiftly and effectively address any cybersecurity breaches.

Read More
Data Security, Platform Security, Software Security

Identity-Based Authentication Sets New Industry Standards for Secure and Streamlined User Onboarding

Article | August 12, 2022

Embrace the transformative power of identity-based authentication to establish new industry standards for safe and seamless user onboarding processes, enhancing security, workflows & user experience. The increasing adoption of decentralized identity systems, including blockchain-based solutions, introduces intricate challenges in the verification and authorization of identities across distributed networks. During interoperability, the threat to privacy and security within these systems is emerging at an alarming rate that requires urgent attention. Additionally, combating synthetic identity fraud poses a significant hurdle as fraudsters adeptly combine genuine and false information, making it arduous to differentiate between authentic and fraudulent identities. Deepfakes are the rising concern, which generate remarkably realistic audio, video, or images, mimicking genuine individuals and heightening the difficulty of detecting and preventing impersonation attacks. Password fatigue stems from the constant need to create and remember multiple passwords, leading users to choose weak or reused ones. Reusing passwords increases the risk, as compromising one account grants access to others. Password theft is a concern, with attackers employing phishing attacks and malware. A study by Google found that passwordless authentication can reduce password-related help desk tickets by up to 60%. (Source: PYMNTS) Complex password requirements can be challenging, pushing users towards weaker options. Password resets are time-consuming and frustrating. Solutions should alleviate fatigue, promote secure practices, and offer robust protection against theft and unauthorized access. All service providers or product companies confront a common challenge in this novel era of vulnerabilities, the question of creating an optimal and seamless user onboarding cycle while adhering to the necessary standards. This keeps them up at night as they attempt to find the optimal balance between seamless and secured-data onboarding. In this digital age, identity-secure data is the most valuable asset and a transformative resource. Organizations with data stored in cloud storage and password-based authentication systems are vulnerable to cybercrime. These are susceptible to numerous security threats, including phishing, social engineering, and brute-force attacks. These hazards may result in security breaches and sensitive data loss. Additionally, password management becomes burdensome for users, resulting in password fatigue, weak practices, and IT department involvement for password resets. This impacts user experience and productivity. Identity-Based Authentication (IBA) comes into action while implementing this secure identity verification. To ensure widespread adoption of IBA, the industry must standardize two crucial aspects of identity: ‘Identification Verification’ and ‘Passwordless Authentication’. Automating identity verification fundamentally transforms the onboarding work processes by shifting administrative burden to user endpoints and automating data capture, credential validation, and document workflow. This leads to increased user satisfaction and faster access to required services, driving efficiency and reducing the time to generate revenue for customers. BlockID Verify by 1Kosmos prevents such fraudulent accounts through an identity proofing process that verifies identity anywhere, anytime, and on any device with over 99% accuracy, thereby preventing the use of stolen or synthetic identities during customer onboarding. During a conversation with Media 7, Michael Cichon, CMO, 1Kosmos stressed on the implementation of identity proofing and authorization. At 1Kosmos we bring our solutions to the market through three distinct products. One product focuses on workforce authentication, another caters to business-to-consumer use cases, and the third product revolves around self-service identity proofing. These give organizations the ability to remotely verify an identity on the web with a high level of assurance, and then verify that identity at every access attempt. Onboarding users with security and data protection is a critical activity. It is a one-time action that must be combined with an authentication mechanism for long-term identity to be genuinely effective. Organizations with data stored in cloud storage and password-based authentication systems are vulnerable to cybercrime. While these are susceptible to numerous security threats, including phishing, social engineering, and brute-force attacks, these hazards can result in security breaches and sensitive data loss. A recent report by Verizon demonstrated that 61% of all data breaches are caused by compromised credentials. (Source: 1Kosmos) The catch that robust identity verification alone does not guarantee future authentication, calls for FIDO (Fast Identity Online). It is backed by an industry-leading organization 1Kosmos, which provides solutions for Identity Based Authentication. FIDO uses cryptography in the form of a public and private key to authenticate a user. With FIDO2 authentication, employees can authenticate into corporate systems and applications using their personal devices. This eliminates the need for conventional passwords and reduces the likelihood of security vulnerabilities resulting due to password-related attacks. With FIDO2, the user's keys are stored on their devices and not the service provider's server and thus proves to be less vulnerable to identity theft and phishing attempts. This is where the password to cryptographic passkeys adoption comes into picture. BlockID Workforce by 1Kosmos implements password-less authentication using FIDO, and has thus become a necessity, adopting self-service identity verification serving as a credential service provider. The ‘Identity Proofing’ together with ‘Passwordless Authentication’ results in a seamless user experience addressing credential theft, eliminating unauthorized users logging in corporate IT network and thus preventing data breaches, financial fraud, and ransomware.

Read More
Software Security

Urgent Redefinition of Data Loss Prevention to Address Increasing Global Data Threats

Article | September 6, 2023

Discover the significance of data protection in today's vulnerable world. Gain insights into the far-reaching impacts of data loss and the importance of proactive data security practices for businesses. Understanding Data Protection’s Significance in an Ever-Vulnerable World In today's highly competitive business landscape, organizations must recognize the immense value of their data resources and prioritize implementing robust data protection measures. Safeguarding data from external threats and internal vulnerabilities is paramount to ensuring businesses' smooth and secure operations. In an era of increasingly complex IT environments, data protection becomes an increasingly challenging endeavor, necessitating organizations to maintain a vigilant stance in safeguarding their critical information. According to Ponemon Institute statistics, 77% of companies are woefully ill-prepared and planned when it comes to thwarting an attack or a data breach. Protecting sensitive data, such as intellectual property, personally identifiable information, and financial records, poses a significant challenge for organizations. The modern workplace, characterized by extensive data collaboration across networks, devices, and applications, further amplifies the risk of data security incidents. Furthermore, limited resources often hinder organizations from keeping pace with the ever-growing array of data security risks. However, as data volumes continue to expand, the escalating concerns surrounding data protection highlight the severe consequences organizations face in terms of financial loss, reputational damage, and legal repercussions resulting from data breaches. To mitigate these risks, they must adopt a proactive approach to data protection. This encompasses the implementation of robust security protocols, using encryption technologies, conducting regular security audits, and providing ongoing employee training on data security best practices. This proactive approach enables businesses to operate with greater confidence, trust, and resilience. It is important to note that organizations must view data protection as an essential aspect of their overall business strategy and continually adapt and improve their data security practices. Only by protecting their data can organizations maintain a competitive edge, preserve customer trust, and uphold their reputation as reliable and secure entities in the marketplace. The Far-Reaching Impacts of Data Loss Data protection is a critical concern that applies to organizations of all sizes, and falling into the trap of thinking it only affects large enterprises can have devastating consequences. In fact, small businesses are often targeted by data theft attempts, as they may have fewer resources and can be more susceptible to attacks. Failing to keep up with data security measures and strategies results in severe repercussions for businesses. It damages their reputation, increase operational downtime, leave sensitive data unprotected, and even attract legal action. With organizations increasingly relying on cloud and online transactions, cyber threats now pose a significant risk to data integrity. Data breaches can lead to the theft of valuable information, which can be sold to other parties or used for fraudulent activities. The financial impact of these breaches and losses is substantial. When a company fails to protect its sensitive information and allows data breaches to occur, it not only incurs financial losses but also experiences a significant blow to its reputation. Dissatisfied customers may take their business elsewhere, resulting in decreased revenue. Communicating a data loss incident to customers, while essential, can also erode trust and lead to discontentment. This can further drive customer churn and harm the business's overall reputation, especially if customer data is compromised. Rebuilding customer relationships in the aftermath of a data loss incident requires significant time and resources, as the consequences can persist for years. Data Loss Prevention: An Essential Ingredient Data loss prevention (DLP) is an integral part of a comprehensive data protection strategy, aiming to prevent unauthorized access, use, or disclosure of sensitive data. A well-implemented DLP system can help organizations proactively safeguard their data, mitigate risks, and avoid the aftermath of data loss incidents. As Alexey Raevsky, CEO, Zecurion rightly stated in an interview with Media7, If any organization has a mature DLP in place, there is no need of combating the aftermath of data loss. A robust DLP system comprises advanced security protocols, encryption technologies, and continuous monitoring mechanisms. These components work together to identify vulnerabilities, prevent data breaches, and address potential threats. The other key advantage of an effective DLP system is establishing and enforcing stringent access controls. This ensures that only authorized individuals can access and manipulate sensitive data, reducing the risk of data breaches caused by internal or external factors. Encryption technologies employed by DLP systems further enhance data protection by securing data at rest and in transit, making it challenging for malicious actors to compromise sensitive information. Navigating Data Protection World with Enterprise DLP ‘Zecurion’ An enterprise DLP system offers a comprehensive solution designed to address organizations' complex data landscapes and security challenges. It provides centralized control and visibility over data across multiple systems, networks, and endpoints within the enterprise. Organizations can effectively manage and protect data throughout its lifecycle, regardless of location or format, by implementing a unified DLP framework. This is where Zecurion becomes essential. It is a next-gen DLP provider that specializes in researching, investigating, and monitoring activities to prevent data loss incidents. Its DLP solution offers various features to enhance data protection and incident response: User Behavior Analytics (UBA) with fast risk-based assessment: This feature provides visibility into employee activities and evaluates them based on parameters such as risk, productivity, policies, and emotional state. The Security Officer can closely monitor high-risk employees while allowing low-risk ones to operate with fewer limitations. Screen Photo Detector: This feature detects attempts to photograph a screen using a smartphone by utilizing webcams. It employs two neural networks to ensure reliable smartphone detection and quickly identifies cybersecurity incidents in a fraction of a second. Investigation Workflow Automation: This module simplifies investigations and streamlines the incident response cycle. It provides a comprehensive view of ongoing tasks, including their statuses, relevant data, assigned personnel, and deadlines. Cybersecurity team members can collaborate, leave comments, discuss progress, and attach supporting documents and incidents for efficient and effective incident resolution. Stand Out from Completion with the Next-Gen DLP Zecurion stands out from its competitors due to its ease of implementation and successful use cases demonstrating its instrumental value. One notable example is its pivotal role in a recent forensic investigation conducted for an oil refinery. The investigation uncovered fraudulent activities by intermediaries selling the refinery's products at inflated prices. Zecurion's DLP solution played a critical role in identifying the involvement of a group of managers, including a C-level executive, who had gone to the extent of forging documents to conceal their actions. A financial and legal audit conducted with the help of Zecurion revealed that the fraudsters' actions had resulted in a loss of over $25 million for the organization. The DLP solution proved invaluable in enabling the refinery to take legal action against the perpetrators and terminate the employment of the three key individuals involved in the scam. The success of Zecurion's DLP solution in this particular use case further establishes its reputation as a trusted and effective solution for safeguarding organizations against data loss and fraudulent behavior. Privacy and Protection: Balance is Crucial It is important to note that while organizations must prioritize data security, balancing security measures and respecting employee privacy and autonomy is equally important. While a robust data security framework is essential and ensures that sensitive information is adequately protected, employees must feel that their personal information is handled with care and that their privacy is respected. This can be achieved through clear and transparent data usage policies, consent-based data collection practices, and strict adherence to data protection regulations. Organizations can create a culture of trust and accountability by establishing these guidelines and practices, instilling confidence among employees that their privacy is valued and protected. Additionally, organizations can foster a culture of data security awareness and education among employees. Regular training and updates on data security best practices can turn employees into proactive participants in maintaining a secure work environment. This not only enhances data security but also cultivates a sense of shared responsibility and accountability among employees. When employees feel that their privacy is respected and they are given the autonomy to perform their duties effectively, they are more likely to adhere to data security protocols and actively contribute to the organization's overall security posture.

Read More
Network Threat Detection

Software Supply Chain Attacks: How Can Code Signing Help?

Article | July 12, 2023

Software supply chain attacks, such as the recent one involving MOVEit Transfer, are a serious issue for modern enterprises. Their dependency on third-party software makes it difficult to successfully vet the security integrity of every product used by enterprises. Software is especially difficult to assess securely, as it can be modified through updates throughout its lifecycle. For threat actors, targeting popular enterprise software tools is a lucrative and time-efficient way to gain access to the systems of a large number of corporate users. Verifying the integrity of software, and using attestation services, is one way to minimize the threat surface. So how can these concepts be leveraged in software? Software integrity (also known as code integrity) refers to the quality of the source code and allows the determination of the safety, security, and reliability of the software. It can mean that the code is unaltered by unauthorized parties, or it can also provide protection against hacks and guarantee privacy. Integrity checking can be relatively complex, but includes, at a minimum (from a security perspective), security features and ensures that security vulnerabilities have been eliminated. It does what it should, can be tested, and is easy to understand and edit, without introducing new errors or flaws. There are code analysis tools that can enable this. Beyond that, the code can be signed through the application of a digital signature to seal that integrity check. This can happen several times during the lifetime of that software: at production, for upgrades and patching, etc. This provides assurance that the software came from the developer and that it has not been changed in an unauthorized manner. This proof of authenticity becomes important in supply chain scenarios, and can be an important tool for brand protection of the developers. Code signing makes use of digital certificates; the signature is cryptographically hashed and packaged in a certificate. This certificate can then be verified by the user of the software through a Public Key Infrastructure (PKI), with a certificate authority validating (or refuting) the applied signature. There are various types of code signing certificates: standard and extended. The latter involves a more complex process and stricter requirements for validation and key management. Software attestation is essentially the other side of that process. It’s a trust mechanism that allows the user to independently validate the integrity asserted by a provider. Attestation might require not just the vendors name, version of the software, and origins of the code, but also other software artifacts, such as statements to the effect that they have followed secure development practices, information on external dependencies used to build it, the build process itself, the test suites that were run, and any security checks passed. Together, these artifacts form the metadata of the software, which then can be independently signed. A PKI can then be leveraged to verify the applied digital signature. There are software attestation standards that can be leveraged, including open ones (in-tot and Binary Authorization being two popular ones). The U.S. Cybersecurity & Infrastructure Security Agency (CISA) is working on a self-attestation form (Secure Software Development Attestation Common Form) for software producers serving the federal government. The form will require them to confirm implementation of specific security practices. This was following the White House’s 2021 Executive Order 14028 and the Office of Management and Budget’s (OMB) M-22-18, “Enhancing the Security of the Software Supply Chain through Secure Software Development Practices.” Digital signatures for code integrity and software attestation will increasingly be in demand, especially as governments on both sides of the Atlantic (in the European Union and the United States) are pushing for policy and regulation on mandatory Software Bills of Materials (SBOMs). The goal is to make software developers and device manufacturers accountable for the components that make up their products. An SBOM will have to list known vulnerabilities associated with each component (open source and third party), pushing security rights to the forefront of product development. This visibility will allow for product development teams, DevOps, and implementers to address vulnerabilities and thereby strengthen security. SBOMs will likely form part of the software’s metadata, so signing will have a role to play here. In short, code signing and software attestation can both confer a level of security that can minimize the threat of a supply chain attack. It’s important to keep in mind, however, that they won’t address all issues, and will not be 100% fool-proof either. Of course, threat actors know this, and many are already targeting the code signing process in order to inject malicious code. This requires threat actors to compromise development platforms where code signing takes place. Ultimately, the use of digital signatures, from creation to management, is another aspect that will need to be secured from a developer perspective. DevSecOps will also have an important role to play here in order to avoid such malicious tactics, thereby providing a holistic security context for using digital signatures. But there is no doubt that digital signatures are a key technology for code integrity and software attestation, and will have a positive impact on thwarting the progress of supply chain attacks, if used widely. Sources: CISA WH EO 14028 OMB

Read More

Spotlight

Testpoint™

Testpoint™ is a leader in delivering Enterprise Quality Assurance and Software Testing services, driving efficiency, governance and speed to market as a vantage point for its customers utilising its vansah™ technology platform. Testpoint™ assures technology for re-platforming, solution upgrades and modernisation with confidence of real-time decision making, IT cost optimisation, visibility to quality and alignment to strategic business outcomes.

Related News

Data Security, Platform Security, Software Security

Laminar Adds SaaS and Deepens Data Warehouse Support for its Data Security Platform

Businesswire | July 20, 2023

Laminar, the leading agile data security platform provider, today announced it has added Microsoft SharePoint Online and Google BigQuery to its existing support for Amazon Web Services (AWS), Google Cloud Platform (GCP), Microsoft Azure, and Snowflake. The additions make the Laminar Data Security Platform the first and only cloud-native data security solution to support all major cloud service providers (CSPs), leading data warehouses, and common software-as-a-service (SaaS) applications used by today’s top enterprises. The cloud’s limitless potential is rooted in the data that an organization has, and what they do with it. To power innovation, 94% of enterprises use cloud services and applications. Microsoft SharePoint is the third most popular enterprise application, with 65% of its users adopting the cloud version, SharePoint Online. Employees routinely collaborate on shared content, and developers work with it as well to automate business processes, track progress, and share information across departments or with partners. Similarly, Google BigQuery is one of the top three data warehouse solutions. It is a powerful analytics platform that excels at processing and analyzing massive volumes of data quickly and efficiently. With its scalable architecture and advanced querying capabilities, BigQuery enables organizations to gain valuable insights from their data in real time, empowering data-driven decision-making and accelerating business growth. Both solutions enable developers, data scientists, and other innovators to be creative and extract the maximum value from their operational data. For instance, business intelligence staff may use these tools to analyze customer purchase patterns or sales trends, while data scientists may look out for hidden associations within the data to inform new strategies. Unfortunately, these same activities also open organizations up to significant risk by generating unknown or “shadow” data — a top concern for 93% of data security and governance professionals. Data security needs to be agnostic to the infrastructure in which data resides. Security posture must also travel with the data, as it moves through the cloud and the related data warehouses and applications. By adding support for Microsoft SharePoint Online and Google BigQuery, customers using the Laminar Data Security Platform can now discover, classify, and secure data in even more environments. Thus, data security and governance teams can see and secure their organizations’ data consistently across the entire digital landscape. "Data security is different, and more challenging in the cloud. Shadow data is everywhere and data security pros want to know where their sensitive data is, how it is accessed, used, and protected. Whether its structured, unstructured, managed, in SaaS, data warehouse, or embedded database” said Amit Shaked, CEO and Co-Founder, Laminar. “They are not experts in SaaS/PaaS/IaaS and certainly not individual data storage services. They want visibility into all their cloud data from a single source. Our continued support for the diversity of cloud environments, including now SaaS, means customers can have a unified, consistent approach to data security.” The news continues Laminar’s ongoing product innovation, following the announcement of support for GCP and Snowflake, as well as data detection and response (DDR) and data access governance (DAG) capabilities. About Laminar Laminar is the leading agile data security platform and provides organizations with the visibility and control they need to achieve data security, governance, and privacy in the cloud. Our cloud-native data security solution continuously discovers and classifies all cloud data, structured and unstructured, across managed and self-hosted data stores, including unknown shadow data, without the data ever leaving your environment. It analyzes access, usage patterns, and security posture, and provides actionable, guided remediation for data security risk. Laminar connects to your multi-cloud environment including AWS, Azure, GCP, Snowflake, BigQuery and SaaS applications via APIs and is agentless, asynchronous, and completely autonomous.

Read More

Network Threat Detection

Kyndryl Announces Strategic Global Alliance with Palo Alto Networks to Provide Industry Leading Network and Cybersecurity Services

PR Newswire | October 04, 2023

Kyndryl (NYSE: KD), the world's largest IT infrastructure services provider, today announced a strategic global alliance with Palo Alto Networks to provide end-to-end network and cybersecurity services, including the launch of a new service offering, powered by Prisma SD-WAN for enterprises and Industry 4.0 customers. The alliance brings together Palo Alto Networks industry-leading platform security capabilities with Kyndryl's advanced network security services expertise to design, build, manage, and modernize mission-critical networking for customers across industries. The companies are joining forces to capitalize on emerging opportunities in the SD-WAN infrastructure market that IDC estimates will grow at a compound annual growth rate of 10.1% through 2027. As the demands of enterprise mobility accelerate, enterprises are looking for greater operational agility to support their digital transformation. Businesses need to support the growing number of devices used to access the corporate network and cloud-based applications, while also meeting evolving security and compliance requirements. Kyndryl and Palo Alto Networks are partnering to help businesses deliver consistent security and an enhanced user experience for customers everywhere, and across industries such as services, manufacturing, energy, healthcare, and retail. Kyndryl's new SD-WAN offering, powered by Prisma SD-WAN, will enable customers to transform and modernize their networks and meet the growing bandwidth demands of the proliferation of devices and cloud traffic. The new approach to network connectivity will provide a single pane of glass management to their networks, and simplifies deployment to branch-offices and edge services. By helping customers transition into a flexible and scalable network, Kyndryl will be able to help enterprises build a roadmap and incorporate new security paradigms such as SASE with Kyndryl Consulting services. At Kyndryl, we are at the forefront of helping enterprises with their network transformation to meet the growing trends of remote work, multi-devices usage, and cloud and data access. As organizations move away from traditional hardware-centric models to OPEX consumption models, the need for agile, highly secure and reliable networks is imperative, said Stephen Leonard, SVP of Global Strategic Alliances, Kyndryl. We are delighted to partner with Palo Alto Networks to provide robust and versatile network security services that will provide many benefits to our customers. "Together with Kyndryl, we are enabling enterprises to digitally transform confidently and innovate securely, while reaping the benefits of consolidating disparate security solutions into an integrated, best of breed platform," said Prem Iyer, SVP of Global Ecosystems for Palo Alto Networks. "We are committed to helping our joint customers achieve better security outcomes while protecting the modern connected organization from increasingly sophisticated attacks." The global partnership between Kyndryl and Palo Alto Networks builds on the companies' established collaboration around security services and solutions. In July Kyndryl launched its new Security Operations as a platform (SOaap) solution leveraging Palo Alto Networks Cortex technology to drive operational savings and time-to-value through automation and orchestration. Earlier this year, Kyndryl and Palo Alto Networks, together with Nokia, established an innovation lab in support of joint enterprise customers. By the end of the year, customers will be able to view innovative industrial edge use cases running on cloud, 4.9G/LTE and 5G private wireless connectivity. This will include remote manufacturing process control and real-time analytics on factory production sites, provisioning and management of mobile devices to improve the employee and frontline worker experience for onboarding and communication, and IT and OT security integration for worker safety and operational efficiencies. Kyndryl's industrial edge platform will be integrated with a multi-factor zero trust model built on Palo Alto Networks next-generation firewalls, run on Nokia's MXIE Industrial edge as part of Nokia Digital Automation Cloud (DAC)'s solutions, and with end-to-end managed services provided by Kyndryl. About Kyndryl Kyndryl (NYSE: KD) is the world's largest IT infrastructure services provider, serving thousands of enterprise customers in more than 60 countries. The company designs, builds, manages and modernizes the complex, mission-critical information systems that the world depends on every day. For more information, visit www.kyndryl.com.

Read More

Platform Security

BeyondID Introduces Identity-First Model for Zero Trust Maturity

PR Newswire | October 04, 2023

BeyondID, a leading managed identity solutions provider, today announced the industry's first solution that accurately conveys the true nature of identity within the zero trust security framework. BeyondID's Identity Fabric Model for Zero Trust promises optimal threat detection, investigation, and round-the-clock remediation via the BeyondID Security Operations Center (SOC). The Zero Trust Maturity Model by CISA has gained widespread acceptance and acknowledges the importance of identity as a pillar in modern security, but it undervalues the critical role of identity in ensuring security, stated Arun Shrestha, co-founder and CEO of BeyondID. The effectiveness of your security posture depends on how quickly and accurately you can detect behavioral discrepancies, as recent high-profile security breaches demonstrate. Zero trust cannot be achieved without identity as the fabric. BeyondID is the first managed identity services provider delivering a holistic approach to zero trust. Its Identity Fabric Model supports seamless user experience outcomes by implementing a strong digital identity strategy across the board from devices to network, to apps and workload, to data. This holistic approach ensures optimal threat detection, continuous compliance, risk mitigation, and a high return on IT and security investments. The company also announced that it can provide organizations with the breach protection they need, including a service that can identity, isolate and remediate threats in as little as seven days. Utilizing BeyondID's SOC enables companies to get their zero trust solution up and running quickly, offering 24x7 protection from the persistent threat of cybersecurity attacks. As an esteemed Okta Apex Partner and Okta's most trusted implementation ally, BeyondID is committed to modernizing identity management and digital transformation. BeyondID is launching its next-gen zero trust services at Oktane23. Oktane23 attendees will be offered an exclusive, complimentary Zero Trust Assessment. About BeyondID BeyondID is a leading managed identity services provider that the most successful brands trust to bring their digital identity strategies to life. BeyondID helps organizations streamline their adoption process and ensure their implementations are secure, agile, and future proof. A few of the valued customers that trust BeyondID to keep their organizations secure include ATN International, Discount Tire, Johnson Financial Group, Major League Baseball, Mayo Clinic, Northern Trust, TDECU, and VF Corp. More information about BeyondID can be found at www.BeyondID.com.

Read More

Data Security, Platform Security, Software Security

Laminar Adds SaaS and Deepens Data Warehouse Support for its Data Security Platform

Businesswire | July 20, 2023

Laminar, the leading agile data security platform provider, today announced it has added Microsoft SharePoint Online and Google BigQuery to its existing support for Amazon Web Services (AWS), Google Cloud Platform (GCP), Microsoft Azure, and Snowflake. The additions make the Laminar Data Security Platform the first and only cloud-native data security solution to support all major cloud service providers (CSPs), leading data warehouses, and common software-as-a-service (SaaS) applications used by today’s top enterprises. The cloud’s limitless potential is rooted in the data that an organization has, and what they do with it. To power innovation, 94% of enterprises use cloud services and applications. Microsoft SharePoint is the third most popular enterprise application, with 65% of its users adopting the cloud version, SharePoint Online. Employees routinely collaborate on shared content, and developers work with it as well to automate business processes, track progress, and share information across departments or with partners. Similarly, Google BigQuery is one of the top three data warehouse solutions. It is a powerful analytics platform that excels at processing and analyzing massive volumes of data quickly and efficiently. With its scalable architecture and advanced querying capabilities, BigQuery enables organizations to gain valuable insights from their data in real time, empowering data-driven decision-making and accelerating business growth. Both solutions enable developers, data scientists, and other innovators to be creative and extract the maximum value from their operational data. For instance, business intelligence staff may use these tools to analyze customer purchase patterns or sales trends, while data scientists may look out for hidden associations within the data to inform new strategies. Unfortunately, these same activities also open organizations up to significant risk by generating unknown or “shadow” data — a top concern for 93% of data security and governance professionals. Data security needs to be agnostic to the infrastructure in which data resides. Security posture must also travel with the data, as it moves through the cloud and the related data warehouses and applications. By adding support for Microsoft SharePoint Online and Google BigQuery, customers using the Laminar Data Security Platform can now discover, classify, and secure data in even more environments. Thus, data security and governance teams can see and secure their organizations’ data consistently across the entire digital landscape. "Data security is different, and more challenging in the cloud. Shadow data is everywhere and data security pros want to know where their sensitive data is, how it is accessed, used, and protected. Whether its structured, unstructured, managed, in SaaS, data warehouse, or embedded database” said Amit Shaked, CEO and Co-Founder, Laminar. “They are not experts in SaaS/PaaS/IaaS and certainly not individual data storage services. They want visibility into all their cloud data from a single source. Our continued support for the diversity of cloud environments, including now SaaS, means customers can have a unified, consistent approach to data security.” The news continues Laminar’s ongoing product innovation, following the announcement of support for GCP and Snowflake, as well as data detection and response (DDR) and data access governance (DAG) capabilities. About Laminar Laminar is the leading agile data security platform and provides organizations with the visibility and control they need to achieve data security, governance, and privacy in the cloud. Our cloud-native data security solution continuously discovers and classifies all cloud data, structured and unstructured, across managed and self-hosted data stores, including unknown shadow data, without the data ever leaving your environment. It analyzes access, usage patterns, and security posture, and provides actionable, guided remediation for data security risk. Laminar connects to your multi-cloud environment including AWS, Azure, GCP, Snowflake, BigQuery and SaaS applications via APIs and is agentless, asynchronous, and completely autonomous.

Read More

Network Threat Detection

Kyndryl Announces Strategic Global Alliance with Palo Alto Networks to Provide Industry Leading Network and Cybersecurity Services

PR Newswire | October 04, 2023

Kyndryl (NYSE: KD), the world's largest IT infrastructure services provider, today announced a strategic global alliance with Palo Alto Networks to provide end-to-end network and cybersecurity services, including the launch of a new service offering, powered by Prisma SD-WAN for enterprises and Industry 4.0 customers. The alliance brings together Palo Alto Networks industry-leading platform security capabilities with Kyndryl's advanced network security services expertise to design, build, manage, and modernize mission-critical networking for customers across industries. The companies are joining forces to capitalize on emerging opportunities in the SD-WAN infrastructure market that IDC estimates will grow at a compound annual growth rate of 10.1% through 2027. As the demands of enterprise mobility accelerate, enterprises are looking for greater operational agility to support their digital transformation. Businesses need to support the growing number of devices used to access the corporate network and cloud-based applications, while also meeting evolving security and compliance requirements. Kyndryl and Palo Alto Networks are partnering to help businesses deliver consistent security and an enhanced user experience for customers everywhere, and across industries such as services, manufacturing, energy, healthcare, and retail. Kyndryl's new SD-WAN offering, powered by Prisma SD-WAN, will enable customers to transform and modernize their networks and meet the growing bandwidth demands of the proliferation of devices and cloud traffic. The new approach to network connectivity will provide a single pane of glass management to their networks, and simplifies deployment to branch-offices and edge services. By helping customers transition into a flexible and scalable network, Kyndryl will be able to help enterprises build a roadmap and incorporate new security paradigms such as SASE with Kyndryl Consulting services. At Kyndryl, we are at the forefront of helping enterprises with their network transformation to meet the growing trends of remote work, multi-devices usage, and cloud and data access. As organizations move away from traditional hardware-centric models to OPEX consumption models, the need for agile, highly secure and reliable networks is imperative, said Stephen Leonard, SVP of Global Strategic Alliances, Kyndryl. We are delighted to partner with Palo Alto Networks to provide robust and versatile network security services that will provide many benefits to our customers. "Together with Kyndryl, we are enabling enterprises to digitally transform confidently and innovate securely, while reaping the benefits of consolidating disparate security solutions into an integrated, best of breed platform," said Prem Iyer, SVP of Global Ecosystems for Palo Alto Networks. "We are committed to helping our joint customers achieve better security outcomes while protecting the modern connected organization from increasingly sophisticated attacks." The global partnership between Kyndryl and Palo Alto Networks builds on the companies' established collaboration around security services and solutions. In July Kyndryl launched its new Security Operations as a platform (SOaap) solution leveraging Palo Alto Networks Cortex technology to drive operational savings and time-to-value through automation and orchestration. Earlier this year, Kyndryl and Palo Alto Networks, together with Nokia, established an innovation lab in support of joint enterprise customers. By the end of the year, customers will be able to view innovative industrial edge use cases running on cloud, 4.9G/LTE and 5G private wireless connectivity. This will include remote manufacturing process control and real-time analytics on factory production sites, provisioning and management of mobile devices to improve the employee and frontline worker experience for onboarding and communication, and IT and OT security integration for worker safety and operational efficiencies. Kyndryl's industrial edge platform will be integrated with a multi-factor zero trust model built on Palo Alto Networks next-generation firewalls, run on Nokia's MXIE Industrial edge as part of Nokia Digital Automation Cloud (DAC)'s solutions, and with end-to-end managed services provided by Kyndryl. About Kyndryl Kyndryl (NYSE: KD) is the world's largest IT infrastructure services provider, serving thousands of enterprise customers in more than 60 countries. The company designs, builds, manages and modernizes the complex, mission-critical information systems that the world depends on every day. For more information, visit www.kyndryl.com.

Read More

Platform Security

BeyondID Introduces Identity-First Model for Zero Trust Maturity

PR Newswire | October 04, 2023

BeyondID, a leading managed identity solutions provider, today announced the industry's first solution that accurately conveys the true nature of identity within the zero trust security framework. BeyondID's Identity Fabric Model for Zero Trust promises optimal threat detection, investigation, and round-the-clock remediation via the BeyondID Security Operations Center (SOC). The Zero Trust Maturity Model by CISA has gained widespread acceptance and acknowledges the importance of identity as a pillar in modern security, but it undervalues the critical role of identity in ensuring security, stated Arun Shrestha, co-founder and CEO of BeyondID. The effectiveness of your security posture depends on how quickly and accurately you can detect behavioral discrepancies, as recent high-profile security breaches demonstrate. Zero trust cannot be achieved without identity as the fabric. BeyondID is the first managed identity services provider delivering a holistic approach to zero trust. Its Identity Fabric Model supports seamless user experience outcomes by implementing a strong digital identity strategy across the board from devices to network, to apps and workload, to data. This holistic approach ensures optimal threat detection, continuous compliance, risk mitigation, and a high return on IT and security investments. The company also announced that it can provide organizations with the breach protection they need, including a service that can identity, isolate and remediate threats in as little as seven days. Utilizing BeyondID's SOC enables companies to get their zero trust solution up and running quickly, offering 24x7 protection from the persistent threat of cybersecurity attacks. As an esteemed Okta Apex Partner and Okta's most trusted implementation ally, BeyondID is committed to modernizing identity management and digital transformation. BeyondID is launching its next-gen zero trust services at Oktane23. Oktane23 attendees will be offered an exclusive, complimentary Zero Trust Assessment. About BeyondID BeyondID is a leading managed identity services provider that the most successful brands trust to bring their digital identity strategies to life. BeyondID helps organizations streamline their adoption process and ensure their implementations are secure, agile, and future proof. A few of the valued customers that trust BeyondID to keep their organizations secure include ATN International, Discount Tire, Johnson Financial Group, Major League Baseball, Mayo Clinic, Northern Trust, TDECU, and VF Corp. More information about BeyondID can be found at www.BeyondID.com.

Read More

Events