ENTERPRISE SECURITY

Confluera Cloud Research Finds Cybersecurity Concern as Biggest Obstacle to Cloud and Multi-Cloud Adoption

Confluera | February 19, 2022

Confluera, the leading provider of next-generation cloud cyber attack detection and response, today released the findings of their latest research report, which explores how IT leaders detect, evaluate, and act against cybersecurity threats in today's cloud environment. The study, 2022 Cloud Cybersecurity Survey Report, showcases the perspective of 200 U.S. IT leaders at medium to large sized organizations and how they are tackling the increasingly complex remote, cloud-centric IT security landscape.

The majority of organizations are accelerating their cloud adoption with 97% of IT leaders surveyed stating that their strategy includes the expansion of cloud deployments. The strategy includes expansion in scale and in many cases, the adoption of multiple platforms such as AWS, Google Cloud and Azure. This strategy is not without its challenges, however. Approximately, 63% of IT professionals identified cyberthreats designed to target cloud services as the top obstacle to their cloud strategy.

Cloud and multi-cloud adoption has greatly increased the workload of already burdened IT teams. Of the 200 IT leaders surveyed, only about half of the respondents said that they are adequately staffed to manage the frequency of alerts they receive. IT teams spend 54% of their time investigating security alerts, with over half of those alerts turning out to be false or benign alarms. As threats within the cloud proliferate, IT leaders are looking for solutions to help them quickly separate the signal from the noise so they can act on the real threats promptly. Some key findings of the survey as it relates to cloud deployments are below.

  • More than 65% of IT leaders said cloud IaaS adoption (AWS, Azure, Google Cloud, etc.) was the primary contributor to their increased workload in 2021
  • When asked what challenges were associated with adopting multiple cloud platforms,
  • 69% said maintaining consistent cybersecurity coverage across all cloud infrastructures
  • Nearly 50% said securing the resources to manage different cloud infrastructures
  • Nearly 45% identified the difficulty detecting threats progressing from one cloud infrastructure to another

"While accelerated cloud adoption continues to be a critical element in adapting to the new way of doing business, it has strained IT leader's ability to manage their workload, Organizations need to ensure proper people, processes, and tools are in place for the team to expand the complex cloud environments without sacrificing their attention to security."

John Morgan, CEO of Confluera

Morgan continued, "To make matters worse, the Great Resignation has demonstrated the burnout that workers across the U.S. economy are feeling, and nowhere is this burnout more obvious than in the cybersecurity teams. Organizations must ensure frequent conversations between executives and cybersecurity managers to ensure they are well equipped to adequately manage alerts, maintain systems, and avoid burnout within their teams.

Other key findings include the following:

  • 85% of IT leaders said that they experienced increased workload due to shift in work model including remote workers
  • Nearly 70% of IT leaders said that the change in work model has made it more difficult to keep company resources secure
  • Nearly 59% of all alert investigations turn out to be false alarms or benign activities
  • 90% of IT leaders said they create threat storyboards but close to 60% rely on third-party services to create storyboards after the incident

Not all findings in the report were so glum, however. In a positive sign, 84% of IT leaders were optimistic about their cybersecurity readiness for 2022. The majority of respondents note the availability of new cybersecurity tools as the reason for their positive outlook, with 59% saying that a Detection and Response solution for the cloud, or CxDR, is the innovation they are most excited about for future deployment.

"2021 was a tough year for many IT leaders, but the market is now providing organizations with the tools they need to effectively manage the infrastructures they have and even expand them further," added Morgan. "Given proper resources and effective communication, IT leaders have every right to be positive as we move into the new year."

About the Study
Confluera commissioned an independent research firm to survey U.S. IT leaders using a national network of verified panel providers. A total of 200 respondents completed the survey, which was conducted between December 3-7, 2021. Those surveyed included those with senior titles, including Manager, Director, and VP/C-level. The margin of error for this study is +/-5.9% at the 95% confidence level.

About Confluera
Confluera is the leading provider of next-generation Cloud eXtended Detection and Response (CxDR) solutions. Recognized by Forbes as one of the Top 20 Cybersecurity Startups to Watch in 2021, Confluera's storyboard technology automates cyber attack analysis making small and large security teams more efficient.  The solution has unprecedented visibility of attacks in the cloud and modern application architectures, reveals threats in real-time, and will shut down advanced multistage attacks.

Spotlight

Today's data center demands an advanced, end-to-end network security solution that can address evolving and multi-faceted security challenges. Juniper Networks new network data center security solution is addressing these challenges by focusing on three areas: making security dynamic and providing application visibility and identity-aware networking. The result is a cloud-ready data center network with security that is both intelligent and elastic.


Other News
SOFTWARE SECURITY

Guidepost Solutions Acquires Significant Equity Interest in Cybersecurity Solutions Firm Truvantis, Inc.

Guidepost Solutions LLC | March 29, 2022

Guidepost Solutions LLC, a global leader in domestic and international investigations, compliance solutions, monitoring, and security and technology consulting, announced that it has acquired a significant equity stake in Truvantis, Inc., a cybersecurity company formed in 2010. Truvantis provides best-in-class cyber and privacy services to secure infrastructure, data, operations, and products. This strategic partnership allows both Guidepost and Truvantis to offer a wide-ranging suite of cybersecurity solutions and consulting services, at a time when cybersecurity risks are evolving and affecting all business operations. Truvantis is led by its founder and CEO, Andy Cottrell. With more than 25 years of experience in IT and cybersecurity, Cottrell has designed and implemented security solutions, launched innovative security products to market, and helped countless small and large companies improve their security posture. “I am pleased to announce this partnership with Truvantis, as part of our firm’s continued efforts to grow its capabilities and footprint in the cybersecurity arena. We are committed to providing our clients with unique solutions to defend against one of the greatest risks facing their companies – cyber threats. This partnership significantly expands our ability to fulfill that commitment.” Julie Myers Wood, Guidepost Solutions CEO This new alliance enables clients to leverage comprehensive threat, risk, vulnerability management, privacy, and assessment services to protect against a full spectrum of cyber and physical security issues and address a variety of regulatory and business-critical requirements. Today’s companies are faced with an increasing number of requests for independent verification of their cybersecurity and privacy policies and practices. Whether it’s an assessment against a security framework like the NIST CSF, ISO 27001, or CIS Controls, addressing compliance with privacy laws and requirements like the PCI DSS, or preparing for a SOC2 or HITRUST audit, companies are seeking help from highly qualified, credentialed consultants who can help address these complex cybersecurity and privacy challenges. The Guidepost/Truvantis team will afford clients a depth of expertise as well as a breadth of services to address a broad range of risk mitigation needs. “Guidepost Solutions is a leader in investigations, compliance, and physical security consulting and we’re excited to bring these capabilities to our clients to provide comprehensive risk management solutions,” said Andy Cottrell, CEO, Truvantis. “As the market continues to evolve toward consolidated physical, personnel, and cybersecurity management, this partnership enables us to provide the most comprehensive solutions in the market.” Through this investment and partnership, Guidepost Solutions and Truvantis are positioned to enhance cyber and physical security defenses for clients and provide resiliency for their critical systems. Specific security services include risk assessments, security testing, cyber investigations, cybersecurity governance, data protection, privacy consulting, operational security design and project management, vCISO, and remediation services. About Guidepost Solutions LLC Guidepost Solutions is a leader in domestic and international investigations, compliance solutions, monitoring, and security and technology consulting. We work wherever your needs take us – whether on the ground around the globe – or from one of our offices located in Bogotá, Boston, Chicago, Dallas, Honolulu, London, Los Angeles, Miami, New York, Palm Beach, Philadelphia, Phoenix, San Francisco, Seattle, Singapore, Walnut Creek, and Washington, DC. About Truvantis Inc. Truvantis® is a cybersecurity consulting organization providing best-in-class privacy and cybersecurity services to secure your organization’s infrastructure, data, operations, and products. We specialize in helping our customers improve their cybersecurity posture by implementing, testing, auditing, and operating information security programs.

Read More

PLATFORM SECURITY

Cloud Security Alliance Offers Governance Best Practices for Protecting Data Throughout Software-as-a-Service (SaaS) Lifecycle

Cloud Security Alliance | June 10, 2022

The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining standards, certifications, and best practices to help ensure a secure cloud computing environment, today released Software-as-a-Service (SaaS) Governance Best Practices for Cloud Customers. Drafted by the SaaS Governance Working Group, the paper provides a baseline set of SaaS governance best practices for protecting data within SaaS environments, enumerates and considers risks according to the SaaS adoption and usage lifecycles, and finally, provides potential mitigation measures from the SaaS customer’s perspective. The SaaS environment ultimately presents a shift in the way organizations handle cybersecurity that introduces a shared responsibility between producers and consumers. While the domain of cloud adoption and security continues to evolve, not much guidance is available regarding SaaS governance and security. This, despite the reality that increasingly, different departments within an organization (Shadow IT) are occasionally utilizing SaaS offerings to power their critical business processes and functions and often storing sensitive data in SaaS environments. “SaaS requires a different security governance mindset. Because SaaS apps allow businesses to quickly and easily optimize business operations, adoption has come at the price of security. Few recognize how complex the configuration and permission settings of SaaS apps can be, which results in numerous misconfigurations, giving attackers the potential to access sensitive data,” said Amir Ofek, CEO of AxoniusX, the new innovation unit of Axonius, which sponsored the paper. “By following a widely adopted security framework, such as NIST CSF, coupled with the best-practices and recommendations in this document, organizations will be able to better establish SaaS governance and security processes to mitigate risk associated with SaaS usage, eliminate misconfigurations, and gain full control over their entire SaaS environment.” “While SaaS offers tremendous opportunities for organizations to change the way they operate, consume innovative capabilities, and offload many of the operational burdens associated with both creating and maintaining applications, it isn’t without its concerns. As organizations continue to adopt SaaS-based applications and solutions, traditional organizational cybersecurity must be updated to reflect this new operating model. Failing to do so can increase the potential risk and ramifications of security incidents associated with the consumption of SaaS.” Chris Hughes, co-founder and CISO at Aquia and project lead/lead author of the paper The guide defines three necessary components that, when combined into a cohesive strategy, can provide integrated security for SaaS systems and solutions: Process security. Protects the integrity of procedural activities to ensure the input and output of processes aren’t easily compromised. These are the managerial aspects, including policies and procedures, to ensure that an organization’s processes are consistent. Platform security. Deals with the security strength of the platform and the underlying dependencies of a SaaS service. These include the SaaS infrastructure, operating systems, and its potential suppliers. Application security. Deals with the security of the SaaS application itself. A SaaS application can only stay secure if it does not contain exploitable vulnerabilities and has implemented hardened configurations aligned with organizational and vendor security best practices, as well as compliance requirements. The Software-as-a-Service (SaaS) Governance Working Group aims to benefit all parties in the SaaS ecosystem by supporting a common understanding of SaaS related risks from the perspectives of the cloud customer and cloud service provider. Individuals interested in becoming involved in future research and initiatives are invited to join the working group. SaaS Governance Best Practices for Cloud Customers was sponsored by Axonius, a leader in cybersecurity asset management and SaaS management. CSA research prides itself on vendor neutrality, agility, and integrity of results. Sponsors are CSA Corporate Members who support the findings of the research project but have no added influence on the content development or editing rights to CSA research. About Axonius Axonius gives customers the confidence to control complexity by mitigating threats, navigating risk, automating response actions, and informing business-level strategy. With solutions for both cyber asset attack surface management (CAASM) and SaaS management, Axonius is deployed in minutes and integrates with hundreds of data sources to provide a comprehensive asset inventory, uncover gaps, and automatically validate and enforce policies. Cited as one of the fastest-growing cybersecurity startups, with accolades from CNBC, Forbes, and Fortune, Axonius covers millions of assets, including devices and cloud assets, user accounts, and SaaS applications, for customers around the world. About Cloud Security Alliance The Cloud Security Alliance (CSA) is the world’s leading organization dedicated to defining and raising awareness of best practices to help ensure a secure cloud computing environment. CSA harnesses the subject matter expertise of industry practitioners, associations, governments, and its corporate and individual members to offer cloud security-specific research, education, training, certification, events, and products. CSA's activities, knowledge, and extensive network benefit the entire community impacted by cloud — from providers and customers to governments, entrepreneurs, and the assurance industry — and provide a forum through which different parties can work together to create and maintain a trusted cloud ecosystem.

Read More

PLATFORM SECURITY

Veracode Research Reveals Software Supply Chain Security Shortfalls for Public Sector

Veracode | March 30, 2022

Veracode, a leading global provider of application security testing solutions, has released new findings that show the public sector has the highest proportion of security flaws in its applications and maintains some of the lowest and slowest fix rates compared to other industry sectors. Analysis of data collected from 20 million scans across half a million applications revealed these sector-specific findings as part of Veracode’s annual report on the State of Software Security (SOSS). "Public sector policy makers and leaders recognize that dated technology and vast troves of sensitive data make government applications a prime target for malicious actors. That’s why the White House and Congress are working together to update regulations governing cybersecurity compliance. In the wake of May 2021's Executive Order to improve the nation's cybersecurity and protect federal government networks, the U.S. Office of Management and Budget, Department of Defense and the White House have issued four memos addressing the need to adopt zero trust cybersecurity principles and strengthen the security of the software supply chain. Our research confirms this need.” Chris Eng, Chief Research Officer at Veracode No Time to Waste: Fix More Flaws Faster Veracode’s research found that compared to other industries, the public sector has the highest proportion of applications with security flaws, at 82 percent. When it comes to how quickly organizations fix flaws once detected, the public sector posts the slowest times on average—roughly two times slower than other sectors. The research also revealed that 60 percent of flaws in third-party libraries in the public sector remain unfixed after two years, which is double that of other sectors and lags the cross-industry average by more than 15 months. Finally, with only a 22 percent fix rate overall, the public sector is challenged to keep software supply chain attacks from impacting critical state, local, and educational applications. Eng continued, “Organizations in this sector must act with urgency. They can improve their secure DevOps practices significantly by using multiple types of scanning—static, dynamic, and software composition analysis—to get a more complete picture of an application’s security, which in turn will help them to improve remediation times, comply with industry regulations, and make the case for increasing application security budgets.” High Severity Flaws Are Priority One Demonstrating a positive trend, the public sector ranks highly when it comes to addressing high severity flaws. The research reveals that government entities have made great strides to address high severity flaws, which appear in only 16 percent of applications. In fact, the number of high severity flaws has decreased by 30 percent in the last year alone, suggesting that developers in the sector increasingly recognize the importance of prioritizing flaws that present the greatest risks. This is encouraging and may reflect growing understanding of new software security guidelines, such as those outlined in the U.S. Executive Order on Cybersecurity and the U.K. Government Cyber Security Strategy 2022 – 2030. Eng closed, "Recognizing that time is of the essence, public sector leaders are beginning to set timelines. For example, in “Moving the US Government Toward Zero Trust Cybersecurity Principles”, Shalanda Young has set a deadline of September 30, 2024 for all US federal agencies to meet specific cybersecurity standards. We think that the progress made against high security flaws is a great starting point and support all public sector agencies who seek to gain better control over their software supply chains." About the State of Software Security Report The twelfth volume of Veracode’s annual report on the State of Software Security (SOSS) examines historical trends shaping the software landscape and how security practices are evolving along with those trends. This year’s findings are based on the full historical data available from Veracode services and customers and represent a cross-section of large and mid-sized companies, commercial software suppliers, and open-source projects. The report contains findings about applications that were subjected to static analysis, dynamic analysis, software composition analysis, and/or manual penetration testing through Veracode’s cloud-based platform. About Veracode Veracode is a leading AppSec partner for creating secure software, reducing the risk of security breach, and increasing security and development teams’ productivity. As a result, companies using Veracode can move their business, and the world, forward. With its combination of process automation, integrations, speed, and responsiveness, Veracode helps companies get accurate and reliable results to focus their efforts on fixing, not just finding, potential vulnerabilities.

Read More

ENTERPRISE SECURITY

CyberRes Completes Acquisition of Debricked to Further Expand Software Supply Chain Security

CyberRes | March 15, 2022

CyberRes, a Micro Focus line of business, today announced the acquisition of Debricked, a developer-centric open source intelligence company aimed at innovating how organizations secure their software supply chain for today and the future. The addition of the cloud-native software composition analysis platform and AI/ML capabilities further drive CyberRes' strategy in the future of software resilience and DevSecOps. These aligned capabilities, combined with their vision of how developers evaluate, consume, and secure open-source components customized to their organization's need, make Debricked an extremely valuable addition to CyberRes' application security portfolio. "Nearly 90 percent of companies are developing software using open source components to accelerate their development speed to keep pace with business demands, which comes with accelerated risk," said Tony de la Lama, VP Product Management. "Our aim is to invest in and build solutions that allow organizations to secure their applications while maintaining the speed of development. Debricked is uniquely positioned in the market with their portfolio of solutions to address open source security and adds to an already robust portfolio in CyberRes to secure the software supply chain." Debricked's SaaS solution enables more intelligent selection of open source while drastically reducing the risks typically associated with it, both core requirements of modern DevSecOps programs. The service runs on state-of-the-art machine learning which enables the data quality to be extremely accurate as well as instantly updated whenever a new vulnerability is discovered. High precision, combined with developer focused UX and unique abilities to customize the service to your company's needs, makes Debricked unique in the world of open source security and positioned for accelerated growth. "We are excited at becoming a part of Micro Focus and CyberRes. Combining our team with such an industry-leading organization enables us to accelerate Debricked's journey toward our vision of making it easier for companies to use open source securely. We are also excited at the opportunity to present our customers with a full scale, robust security offering." Debricked CEO and co-founder Daniel Wisenhoff Key attributes of Debricked technologies include: Open Source Intelligence: With their latest innovation, Open Source Select, Debricked aims to make searching and comparing open source packages faster. By providing an in-depth analysis of the community health and offering contextualization, developers can make much more informed decisions. Security Vulnerabilities: Continuously and automatically identify, fix and prevent vulnerabilities in open source dependencies. Scan at every commit and get notified when new vulnerabilities appear. License Compliance: Ensure and maintain open source compliance with automated and enforceable pipeline rules, along with enabling creation of software bill of materials (SBOMs). Calculate risk levels for your repositories based on intended use. CyberRes is aimed at building the most complete portfolio that helps enterprises prepare for, respond to, and recover from cyber threats. With this acquisition, Micro Focus continues to show strong commitment and continued investment to Security and the ability to help customers and partners improve their cyber resilience posture. This additional investment includes a series of acquisitions made over the last two years, which strengthen our robust portfolio of security solutions, all focused on delivering business and technical outcomes to support cyber resilience. The latest example of how these investments come together is the recent launch of Galaxy, an immersive cyber threat experience built for CISOs and analysts. About CyberRes CyberRes is a Micro Focus line of business. We bring the expertise of one of the world's largest security portfolios to help our customers navigate the changing threat landscape by building both cyber and business resiliency within their teams and organizations. CyberRes is part of a larger set of digital transformation solutions that fight adverse conditions so businesses can continue to run today, keep the lights on, and transform to grow and take advantage of tomorrow's opportunities.

Read More

Spotlight

Today's data center demands an advanced, end-to-end network security solution that can address evolving and multi-faceted security challenges. Juniper Networks new network data center security solution is addressing these challenges by focusing on three areas: making security dynamic and providing application visibility and identity-aware networking. The result is a cloud-ready data center network with security that is both intelligent and elastic.

Resources