Newly discovered microarchitectural data sampling flaws in Intel processors - collectively dubbed "ZombieLoad" - could be exploited to steal private data from PCs and servers, including shared cloud environments. Intel, Microsoft, Apple and others have begun to ship patches designed to help mitigate the problems.
While cloud computing offers many advantages, a major disadvantage has been security, because data physically resides with the cloud service provider (CSP) and out of the direct control of the owner of the data. For enterprises that elect to use encryption to protect their data, securing their encryption keys is of...
Attackers exploiting a buffer overflow in WhatsApp's signaling software to automatically infect devices with malware - without users even having to answer their phone - and then alter call logs to hide attack traces is "a bit of a nightmare scenario," says cybersecurity expert Alan Woodward.
Stories, practical experiences, anecdotes and a bit of humor about creating and managing cloud security programs and the journey to devsecops. This will be an interactive session.
The session will cover:
Key components of cloud security programs and the basics of devsecops
Real world challenges and practical...
With IT environments more complex and dynamic than ever, micro-segmentation is the clear choice for isolating communication flows and hardening your security posture. The right provider should help you accurately visualise and map all of your application flows and dependencies and then enable micro-segmentation...
Complex configurations don't mix well with rapidly spun-up components, and when your company uses multiple cloud providers to host your critical assets, the odds of a major security event get that much higher.
So how do you close visibility gaps and integrate conflicting datasets from different providers, and how do...
As banking firms evolve their business models to fight obsoletion and stay competitive in a rapidly changing space - digital transformation initiatives are on everyone's priority list. According to Forrester (source: The Path To Digital Transformation In High Speed Financial Services, December 2016) financial services...
With 96% of businesses now relying on cloud computing,
including 81% that use multiple cloud environments*, cloud
adoption is no longer a trend but the new normal.
This requires enterprises to place more emphasis on a critical
issue related to cloud computing and storage: how to ensure the
integrity and...
How far does an organization's risk surface extend, and who are the custodians of all that data? A new research report aims to answer those questions. In a joint interview, Kelly White, of RiskRecon and Wade Baker of the Cyentia Institute offer an analysis.
An unsecured database hosted on Microsoft's cloud platform contained personal information on nearly 80 million U.S. households, according to two researchers who found it. What does Microsoft have to say about the mysterious database?
What does it take to securely migrate nearly all your systems and data onto the cloud, phase out your own on-premises data center, and build shared cyber risk responsibility with third-parties? That's a journey under way at health insurer Wellmark. The health insurer's vice president and CISO Thien La will describe...
Two third-party Facebook application developers exposed users' personal information by leaving the data exposed without a password in unsecured Amazon Web Services S3 buckets, researchers from UpGuard say. One data set contained 540 million unsecured records, the report found.
An essential component of protecting payment information is devaluing the data that is transmitted so it's of no use to hackers, says Lance Johnson, executive director of the PCI Standards Security Council.
In just five years' time, the public cloud security conversation has changed dramatically, says Matt Chiodi of Palo Alto Networks. But security leaders still struggle with visibility and compliance.
Business perimeters are becoming far more difficult to secure in the age of multicloud. Laurence Pitt of Juniper Networks discusses security strategies for the new era.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.
