Tackling the cyber security challenges of the cloud to maximise its potential

Information age | February 05, 2020

Cloud computing has become a prevalent force, bringing economies of scale and breakthrough technological advances to modern organisations, but it is more than just a trend. Cloud computing has evolved at an incredible speed and, in many organisations, is now entwined with the complex technological landscape that supports critical daily operations. This ever-expanding cloud environment gives rise to new types of risk. Business and security leaders already face many challenges in protecting their existing IT environment. They must now also find ways to securely use multiple cloud services, supported applications and underlying technical infrastructure. The surge in business processes supported by cloud services has been well evidenced by organisations using cloud services store confidential data in the cloud environment. But when using cloud services.

Spotlight

Those high profile data breaches led to a swift response from the Government with the penalties for serious or repeated privacy breaches increased from $2.22 million to a minimum of $50 million at the end of December. Since then, the Government has released the Privacy Act Review Report and the 2023-2030 Australian Cyber Security Strategy that signpost a significant shift for Australia’s cyber landscape. Critical infrastructure; personal information; cyber security; dealing with ransomware attacks – all are likely to be shaken up.

Spotlight

Those high profile data breaches led to a swift response from the Government with the penalties for serious or repeated privacy breaches increased from $2.22 million to a minimum of $50 million at the end of December. Since then, the Government has released the Privacy Act Review Report and the 2023-2030 Australian Cyber Security Strategy that signpost a significant shift for Australia’s cyber landscape. Critical infrastructure; personal information; cyber security; dealing with ransomware attacks – all are likely to be shaken up.

Related News

DATA SECURITY, PLATFORM SECURITY, SOFTWARE SECURITY

AdaCore Launches RecordFlux

Businesswire | March 28, 2023

AdaCore, a trusted provider of software development and verification tools, today announced the launch of its new RecordFlux technology, designed to ease the development and security of binary communication protocols. The technology comprises a Domain Specific Language (DSL) to precisely describe complex binary data formats and communication protocols, and a toolset to verify specifications and generate provable SPARK code that can be executed on a target CPU. Through RecordFlux, users can define and implement complex communication protocols and prove security properties, such as memory safety, at much less cost and effort than would be possible with a manual approach. The precision of the RecordFlux DSL ensures that the specifications are unambiguous, the high-level nature of the DSL makes the specifications easily understandable by domain experts, and the expressive power of the DSL can capture the most complex real-world protocols. And since the RecordFlux code generator produces source code in the formal methods-based SPARK language, users can obtain automated proofs of a wide range of security properties in the resulting software. The net effect is more secure and reliable code, at lower cost. “Interaction between software components is governed by protocol and format specifications. Unfortunately, most specification documents are complex texts written in English which need to be translated to software implementations manually, leaving room for human error,” said Alex Senier, AdaCore’s RecordFlux Team Lead. “Logic errors and critical flaws are often poorly mitigated by the widespread use of unsafe programming languages, resulting in severe security vulnerabilities. With RecordFlux, we aim to provide a solution that saves time and money by automating provable code generation while ensuring the absence of low-level vulnerabilities like buffer overflows that attackers could exploit.” About RecordFlux RecordFlux is a toolset for creating high-assurance implementations of binary data formats and communication protocols. The technology includes a Domain Specific Language, a comprehensive toolset, and customized expert support. By using SPARK Pro, developers can take the SPARK code generated from RecordFlux specifications and automatically prove that the code is free of run-time errors and respects the original specification. Code generated by RecordFlux is also compatible with GNAT Pro Assurance, AdaCore’s complete solution for projects with the most stringent requirements for reliability, long-term maintenance, or certification. The compiler-hardening options provided by GNAT Pro Assurance can be used to mitigate further attacks on network-facing protocol-handling code. About AdaCore Founded in 1994, AdaCore supplies software development and verification tools for mission-critical, safety-critical, and security-critical systems. Over the years, customers have used AdaCore products to field and maintain a wide range of critical applications in domains such as commercial and military avionics, defense systems, automotive, railway, space, air traffic management/control, medical devices, and financial services.

Read More

PLATFORM SECURITY, SOFTWARE SECURITY, CLOUD SECURITY

Deepwatch and Lacework Partner to Deliver Unrivaled Cloud Security Solutions

Businesswire | June 09, 2023

Deepwatch, the leader in advanced managed detection and response (MDR) security, today announced a global strategic partnership with Lacework, the data-driven cloud security platform, to offer organizations comprehensive and proactive security solutions. This strategic partnership combines Deepwatch's MDR expertise with Lacework's advanced cloud security analytics, providing enterprises with an unmatched level of protection against modern cyber threats. With the increasing adoption of cloud technology, organizations face unique security challenges that require robust solutions. "This partnership allows us to deliver a best-in-class cloud security solution that addresses the unique challenges faced by organizations in today's cloud-centric landscape," said Wes Mullins, CTO at Deepwatch. "By combining our MDR capabilities with Lacework's advanced cloud security analytics, we empower organizations to confidently embrace the cloud while maintaining robust cybersecurity posture." Deepwatch and Lacework address these challenges head-on, offering: Complete Cloud Security: Deepwatch and Lacework deliver end-to-end cloud security solutions that cover the entire attack surface within cloud environments, including workloads, containers, Kubernetes, and serverless architectures. This partnership ensures that critical assets remain secure while organizations leverage the benefits of cloud technology. Proactive Cloud Threat Detection: By combining expert security analysts and advanced threat detection capabilities, the partnership empowers organizations with proactive identification and swift response to emerging threats targeting cloud workloads. This proactive approach mitigates potential risks, safeguarding sensitive data and critical infrastructure. Advanced Security Analytics: Deepwatch's MDR services are enhanced by Lacework's powerful cloud-native application protection platform. This integration allows for extensive cloud security telemetry collection and correlation, enabling organizations to gain deep insights into their cloud environments. With holistic visibility, organizations can enhance threat hunting, incident investigation, and overall security posture. Efficient Incident Response: In the event of a security incident, Deepwatch and Lacework streamline the incident response process. The seamless integration between the platforms facilitates quick and effective incident containment, eradication, and recovery of threats targeting cloud workloads. This minimizes disruption to business operations and mitigates potential financial and reputational damages. Industry Expertise: Deepwatch's team of experienced security analysts, supported by their SOC-as-a-Service model, provides round-the-clock monitoring and actionable insights. Lacework's cloud security expertise, complemented by their machine learning capabilities, delivers unparalleled cloud threat intelligence. Together, they offer organizations the combined strength of their specialized knowledge to combat evolving cyber threats effectively. “The new partnership of Lacework and Deepwatch empowers customers by taking the cloud security burdens off of organizations and allowing them to instead focus on innovating and achieving their business outcomes,” said Brian Lanigan, VP of World Wide Channels and Alliances from Lacework. “The combination of Lacework’s best-in-class cloud security offerings and Deepwatch’s skilled personnel and industry-leading expertise allows us to provide our customers with solutions that continue to provide greater fidelity to help manage risk and further drive our focus on simplifying security for our customers.” Deepwatch and Lacework's collaboration enables organizations to proactively detect and respond to cyber threats, ensuring the protection of critical assets within cloud environments. With this partnership, enterprises can confidently navigate their digital future while minimizing risk and safeguarding their valuable data. About Deepwatch Deepwatch is the leader in managed detection and response, protecting organizations from ever-increasing cyber threats. Powered by Deepwatch’s cloud security platform, Deepwatch provides the industry’s fastest, most comprehensive detection and automated response to cyber threats together with tailored guidance from dedicated experts 24/7/365 to reduce risk and improve security posture. The world’s leading companies, from the Fortune 100 to mid-sized enterprises, trust Deepwatch to protect their business. Visit www.deepwatch.com to learn more. About Lacework Lacework offers the data-driven security platform for the cloud and is the leading cloud-native application protection platform (CNAPP) solution. Only Lacework can collect, analyze, and accurately correlate data — without requiring manually written rules — across an organization’s cloud and Kubernetes environments, and narrow it down to the handful of security events that matter. Security and DevOps teams around the world trust Lacework to secure cloud-native applications across the full lifecycle from code to cloud. Get started at www.lacework.com.

Read More

PLATFORM SECURITY, SOFTWARE SECURITY, CLOUD SECURITY

Lacework Unifies Entitlements Management and Threat Detection for Simplified Cloud Security

Prnewswire | June 07, 2023

Lacework, the data-driven security platform, today announced new CIEM functionality that empowers teams to gain observability of all cloud identities, know precisely who can perform what actions, and easily identify which identities pose the greatest risk. Furthermore, Lacework's actionable approach to CIEM provides customers with recommendations on how to reduce their identity risk. By combining these new capabilities with cloud security posture management, attack path analysis, and threat detection into a single platform, Lacework gives customers a clear understanding of their cloud identity landscape, visibility into cloud identity and access management (IAM) misconfigurations and exposed secrets, and continuous discovery of identity threats. The benefits of public cloud come with complex challenges in managing identity risk. With over 35,000 granular permissions across hyperscale cloud providers, organizations struggle to limit unnecessary access. Most cloud users and instances are granted far more permissions than they actually need, leaving organizations highly exposed to cloud breach, account takeover, and data exfiltration. And the fact that machine identities in the cloud typically outnumber humans by an order of magnitude intensifies the issue. "Enforcing least privilege and having visibility of identities and entitlements is a top cloud security challenge for IDC clients. With this innovation from Lacework, security teams can automatically see which identities are overly-permissive, and zero in on the ones that pose the greatest risk," said Philip Bues, Research Manager for Cloud Security, at IDC. "Beyond prioritizing risks, this will also allow teams to confidently suggest policy changes and reduce their overall attack surface risk." Preventing Cloud Identity Risk with New Entitlement Management Technology Lacework dynamically discovers cloud user, resource, group and role identities and their net-effective permissions and then automatically correlates granted versus used permissions to determine identities with excessive privileges. The platform calculates a risk score for each identity, determines the riskiest identities based on attack path analysis, and auto-generates high-confidence recommendations for right-sizing permissions based on historical observations. This means Lacework not only informs customers of risky identities and entitlements, but also shows those identities that are hardly used or even need entitlements to begin with. "CIEM is a vital facet of a comprehensive cloud security strategy," said Paolo del Mundo, Director of Application Security, The Motley Fool. "It's encouraging to see Lacework incorporating this into their well-rounded CNAPP solution, potentially providing a robust response to the challenge of managing cloud access permissions effectively." Combined with Lacework's ability to prioritize risks from an attack path context, as well as detect user and entity behavior anomalies, customers are able to: Continuously comply with IAM security and regulatory compliance requirements. Identify cloud user, application and service identities, know exactly what actions each can take, and prioritize the identities that pose the greatest risk. Limit the blast radius of compromised cloud accounts, achieve least privilege, and establish trust with engineering teams. Continuously discover risky behavior, including lateral movement and privilege escalation, without needing to write rules or stitching together disparate alerts. Rapidly detect insider threats associated with malicious or accidental abuse of permissions. "Our customers need to know what entities are actually doing in their cloud and whether it's malicious or inappropriate, and it can't get in the way of their ability to move fast," said Adam Leftik, Vice President, Product, Lacework. "Now Lacework customers can address both sides of the identity security issue with a single platform that prevents identity risk exposure and detects identity threats at scale, with the context to quickly investigate, prioritize, and respond to identity alerts. It's the latest step in our mission to give enterprises the confidence to rapidly innovate in the cloud and drive their business forward." About Lacework Lacework offers the data-driven security platform for the cloud and is the leading cloud-native application protection platform (CNAPP) solution. Only Lacework can collect, analyze, and accurately correlate data — without requiring manually written rules — across an organization's AWS, Azure, Google Cloud, and Kubernetes environments, and narrow it down to the handful of security events that matter. Security and DevOps teams around the world trust Lacework to secure cloud-native applications across the full lifecycle from code to cloud. Get started at www.lacework.com.

Read More