Posts by tag

Security

189 posts
View Post
  • 2 min

IBM To Help Automate Cloud Data Protection With Acquisition Of Polar Security

IBM is announcing it has acquired Polar Security, an innovator in technology that helps companies discover, continuously monitor and secure cloud and software-as-a-service (SaaS) application data – and addresses the growing shadow data problem. Today’s news marks IBM’s 5th acquisition in 2023. Since Arvind Krishna became CEO in April 2020, IBM has acquired more than 30 companies, bolstering its hybrid cloud and artificial intelligence (AI) capabilities. The pandemic drove a sharp increase in cloud adoption, leaving organizations to grapple with a deluge of cloud data that led to more silos and “shadow data”– sensitive data not being tracked or managed.…
View Post
Share
View Post
  • 3 min

The State Of XOps Report Reveals IT And InfoSec Alignment Increases IT Security Confidence By Three Times

SaltStack®, the creators of intelligent automation for security operations and IT teams, today released the findings of its inaugural research survey, The State of XOps Report, Q2 2020. The survey revealed that organizations using software to help IT and InfoSec alignment are three times more confident in the effectiveness of their information security efforts.  Despite the obvious security benefits of improving team alignment, 54 percent of InfoSec leaders say they communicate effectively with IT professionals, while 45 percent of IT professionals agree. This was particularly true among respondents working in the financial services vertical where large enterprise teams struggle to collaborate…
View Post
Share
View Post
  • 6 min

Introducing AI-Powered Insights In Threat Intelligence

Our new Security AI WorkKbench, announced today at RSA Conference in San Francisco, uses the recent advancement in Large Language Models (LLMs) to address three of the biggest challenges in cybersecurity: threat overload, toilsome tools, and the talent gap. Threat intelligence is an area that suffers from all three problems, and LLMs have the capability to transform how it is operationalized to help secure businesses. At Google Cloud, our threat intelligence offerings are grounded in three core principles: Deliver the most trusted threat intel AI is as valuable as the data it operates on. Using LLMs to summarize irrelevant, open-source…
View Post
Share
View Post
  • 4 min

How Google And Intel Make Confidential Computing More Secure

Confidential Computing has quickly emerged as a critical technology to ensure confidentiality and security of sensitive data while it’s being processed. It performs computation in a hardware isolated environment that is encrypted with keys managed by the processor and unavailable to the operator. These isolated environments help prevent unauthorized access or modification of applications and data while in use, thereby increasing the security assurances for organizations that manage sensitive and regulated data in public cloud infrastructure.  Raising the bar for Confidential Computing  Google is committed to ensuring Confidential Computing technology is as secure as possible before releasing products to customers.…
View Post
Share
View Post
  • 4 min

A Trust Service Startup Inside the Chip Company

Behind the Builders: Raghu Yeluri conceived Project Amber to fill a gap within confidential computing and decided ‘we have to build it’ — adding another set of eyes to ensure trust.  Among the movie-inspired AI doomsday scenarios that people worry about is a possibility both more mundane and yet far more plausible: The AI that’s spot-checking welds on an automotive assembly line or running a robot ultrasound scan of your brain has been tampered with to do something bad. It’s not the AI that’s the worry — it’s the humans potentially messing with it. As plausible as it is, a forthcoming Intel study found that security professionals worry least about…
View Post
Share
View Post
  • 3 min

3 Overlooked Cloud Security Attack Vectors

Enterprises are putting their sensitive data in the cloud but both sides are responsible for security. Be sure your cloud provider is aware of these threats. A 2022 Thales Cloud Security study revealed that 88% of enterprises store a significant amount (at least 21%) of their sensitive data in the cloud. No surprise there. Indeed, I thought the percentage would be much higher. The same report showed that 45% of organizations have experienced a data breach or failed an audit involving cloud-based data and applications. This news is less surprising and less encouraging. As I covered previously, humans create most cloud computing security…
View Post
Share
View Post
  • 6 min

The Changing World Of Java

Vaadin’s State of Java Report is a treasure trove of knowledge about how developers are using Java today. Let’s dig in. Vaadin recently released new research on the state of Java in the enterprise. Combined with other sources, this survey offers a good look into Java’s evolution. The overall view is one of vitality, and even a resurgence of interest in Java, as it continues to provide a solid foundation for building applications of a wide range of sizes and uses. I dug into Vaadin’s 2023 State of Java in the Enterprise Report, along with a few others. This article summarizes what I…
View Post
Share
View Post
  • 1 min

Linux Foundation Launches Cybersecurity Essentials

New Must-know Cybersecurity Essentials Teaches Everything You Need to Keep Data Safe SAN FRANCISCO, April 5, 2023 – Linux Foundation Training & Certification today launched Cybersecurity Essentials (LFC108) designed to teach every employee the must-know cybersecurity topics, terms and practices everyone needs to keep themselves, their employer and their data safe when using technology at home, on-the-road or in the office. The course discusses security risks and precautions when using technology for personal and professional purposes including strategies to protect information during daily activities and transactions; prevent exposure to account and data compromises; and what to do if a data breach occurs. The course includes…
View Post
Share
View Post
  • 4 min

Helping U.S.-Based Financial Services Firms Manage Third-Party Due Diligence Requirements When Using Google Cloud

Financial services institutions increasingly rely on external service providers for a variety of technology-related services, including cloud computing. This trend materialized as firms recognized the value in focusing on their core competencies while using third party solutions to gain business, operational, security, resiliency, and other efficiencies. As the financial services sector is one of the most heavily regulated, firms need to carefully consider which third parties they engage and for what types of services, as they remain ultimately accountable for the performance of such services in the eyes of both their customers and regulators. In the United States, financial services…
View Post
Share
View Post
  • 3 min

Why (And How) Google Cloud Is Adding Attack Path Simulation To Security Command Center

As cloud environments scale and evolve based on changing business priorities, security teams may struggle to understand where their biggest risks are and where to focus their security controls. Some cloud security products have begun to incorporate attack path analysis to address this prioritization problem. Attack path analysis is a technique of discovering possible pathways that adversaries can take to access and compromise IT assets. A common approach in implementing attack path analysis is to produce a graph of all assets, and then query the map to discover possible exploit paths. While this may produce impressive-looking graphs, it requires the…
View Post
Share