Tackling the cyber security challenges of the cloud to maximise its potential

Information age | February 05, 2020

Cloud computing has become a prevalent force, bringing economies of scale and breakthrough technological advances to modern organisations, but it is more than just a trend. Cloud computing has evolved at an incredible speed and, in many organisations, is now entwined with the complex technological landscape that supports critical daily operations. This ever-expanding cloud environment gives rise to new types of risk. Business and security leaders already face many challenges in protecting their existing IT environment. They must now also find ways to securely use multiple cloud services, supported applications and underlying technical infrastructure. The surge in business processes supported by cloud services has been well evidenced by organisations using cloud services store confidential data in the cloud environment. But when using cloud services.

Spotlight

Global health care spending continues to increase dramatically. is projected to reach $10.059 trillion by 2022. Factors impacting health care costs. life expectancy continues to climb—number of people aged over 65 globally is more than 668 million, or 11.6%, of the total global population. winning the fight against communicable diseases. non-communicable diseases (NCDs)—most prominently, cancer, heart disease, and diabetes—continue to grow.

Spotlight

Global health care spending continues to increase dramatically. is projected to reach $10.059 trillion by 2022. Factors impacting health care costs. life expectancy continues to climb—number of people aged over 65 globally is more than 668 million, or 11.6%, of the total global population. winning the fight against communicable diseases. non-communicable diseases (NCDs)—most prominently, cancer, heart disease, and diabetes—continue to grow.

Related News

SOFTWARE SECURITY

Foresite Cybersecurity Begins XDR & Compliance Platform

Foresite Cybersecurity | June 02, 2022

Foresite Cybersecurity, a leading cybersecurity and compliance provider, announced today that it is transitioning from technical services to a product-led Open XDR SaaS platform. The platform will provide a distinct edge for mid-market enterprises by allowing them to consolidate security data from several sources into a single spot to acquire a holistic view of their security and policy compliance maturity. "Our strategy is to provide our customers with an open, extensible platform to enable them to understand their risk and compliance posture. The ProVision Open XDR platform will deliver on the single vision of our customers security posture, allowing not only discovery, response, and remediation, but also providing real-time risk and maturity scores." Matt Gyde, Chairman and CEO of Foresite Cybersecurity Mid-market organizations have battled for years to achieve adequate cybersecurity due to a lack of in-house experience or funding, with many not understanding where to start. The growing trend of remote employment has only made things more complicated. Duane Shugars, Foresite Cybersecurity Chief Technology Officer said that "The market demanded an easier, more simplified model to be protected from cyberattacks and compliant to support business supply chain requirements. We are developing our Open XDR platform to easily absorb all log data, use advanced data science techniques, proprietary machine learning and natural language models, and supply chain illumination to simplify cybersecurity, maturity and compliance." ProVision Open XDR is a cloud-native platform that will be available in Q3 2022 and will employ machine learning to enable insight across the whole IT ecosystem. In the case of an attack, the vendor-agnostic platform allows any cybersecurity technology in the customer's ecosystem, including firewalls, EDR, NDR, and many more, to monitor events, resulting in quicker remediation and reduced economic damage.

Read More

PLATFORM SECURITY

Deloitte Launches Zero Trust Access, a New Managed Security Service

Deloitte | July 12, 2022

To help organizations adopt zero trust more quickly and efficiently, Deloitte is launching a new managed service – Zero Trust Access— that offers a cloud-native approach to securing communications between users, on any device, and enterprise applications, wherever they may reside. The Zero Trust concept commits to removing implicit trust within an information technology (IT) ecosystem and replacing it with a risk-based approach to accessing organizational resources across identities, workloads, data, networks and devices. This trend is gaining momentum, given legacy approaches to security architecture are no longer suitable to secure the ubiquitous nature of the modern enterprise. Part of the newly expanded Zero Trust by Deloitte, Zero Trust Access facilitates zero trust adoption and the evolving needs of organizations in protecting their applications, infrastructure, and data. Following the integration of recently acquired talent and technology into existing Deloitte services, the Zero Trust Access managed service connects users to applications through a frictionless cloud-native solution that is inherently scalable, resilient, agile, and secure. Further, the managed service is available standalone, integrated with other Deloitte offerings, or as part of a broader solution leveraging technologies from Deloitte's alliances ecosystem. "As perimeter-based approaches are no longer suitable to secure the modern enterprise, many organizations are working to enhance protection for their IT ecosystems via zero trust. "Zero Trust Access was built as a turnkey managed service helping ourselves and our clients accelerate adoption of this transformative security framework. Our goal was to create a cost-effective solution that can be delivered standalone or complementary to a broader ecosystem and ultimately help decrease the burden on IT and security teams who likely need to manage multiple heterogenous solutions to achieve similar outcomes." Andrew Rafla, Deloitte Risk & Financial Advisory's zero trust offering leader and principal, Deloitte & Touche LLP With innovative data protection leveraging device-level secure microcontainer technology, Zero Trust Access helps protect infrastructure while also enabling organizations to protect sensitive enterprise data and enforce least privilege through dynamic access control to enterprise assets. The managed service can replace remote access solutions inclusive of virtual private network (VPN), virtual desktop infrastructure (VDI), and desktop as a service (DaaS), all of which typically require significant capital expenditure for infrastructure, high operating costs, and technology management overhead. Zero Trust Access includes features such as ephemeral connectivity built upon secure peer-to-peer (P2P) communication, conditional access and continuous authorization, as well as robust data protection for data at-rest, in-use, and in-transit are consistently applied to each session, regardless of the type or location of the applications being accessed (e.g., legacy hosted applications, software as a service (SaaS), thick-client, web-based applications). Implementation of Zero Trust Access can help organizations leverage outcome-based solutions that improve business agility, enhance user productivity, and reduce cost and complexity of security operations. "Beginning zero trust adoption isn't simple, fast or easy for most organizations," Deborah Golden, Deloitte Risk & Financial Advisory Cyber and Strategic Risk leader and principal, Deloitte & Touche LLP. "We're launching Zero Trust Access as the first in many adoption-enabling services and solutions to come, so that our clients are better able to modernize their security programs, enable agile operations and confidently advance with emerging technologies and transformative risk management principles that can build more resilient security practices." About Deloitte Deloitte provides industry-leading audit, consulting, tax and advisory services to many of the world's most admired brands, including nearly 90% of the Fortune 500® and more than 7,000 private companies. Our people come together for the greater good and work across the industry sectors that drive and shape today's marketplace — delivering measurable and lasting results that help reinforce public trust in our capital markets, inspire clients to see challenges as opportunities to transform and thrive, and help lead the way toward a stronger economy and a healthier society. Deloitte is proud to be part of the largest global professional services network serving our clients in the markets that are most important to them.

Read More

PLATFORM SECURITY

Uptycs Unveils Advanced Container and Kubernetes Capabilities

Uptycs | May 27, 2022

Uptycs, the first cloud-native security analytics platform that enables both cloud and endpoint security from a single platform, today unveiled expanded container and Kubernetes security posture management (KSPM) features for its cloud workload protection platform (CWPP). These features enable real-time identification of containerized workloads, proactive scanning of container images in the CI/CD pipeline, constant compliance monitoring, and Kubernetes security policy audit and enforcement. According to Gartner, by 2026, over 90% of the world's enterprises will be operating containerized apps in production, up from less than 40% currently. Businesses, on the other hand, struggle to manage and maintain these transitory assets. Misconfigurations in the control plane and insecure policies at the single container layer are used by attackers to escalate permissions, conduct container escapes, and compromise nodes for executing code. "Organizations are rapidly scaling their Kubernetes environments and seeing tremendous gains in optimization, availability, and developer productivity, but too often Security teams are left playing catch up. With telemetry from Kubernetes systems supported by our analytics platform, Security teams know immediately what resources they have and the security posture of those resources—across public and private clouds, scaling to tens of thousands of pods. Combined with our industry-leading container security capabilities, this gives Security teams confidence that they have the proper controls in place to minimize risk while enabling innovation." Ganesh Pai, CEO and Co-founder of Uptycs Uptycs offers both fully managed (AWS EKS, Azure AKS, Google GKE) and self-managed Kubernetes environments, such as VMware Tanzu and Google Anthos. Uptycs contains a range of container runtimes (Docker, containerd, CRI-O). The latest KSPM capabilities offered by the Uptycs platform are now readily accessible and will be shown at the 2022 RSA Conference (booth #435) from June 6-9. Learn more about the Uptycs container and Kubernetes security service by visiting the Uptycs blog.

Read More