A disturbing new trend is on the rise in public cloud security breaches. Attackers are not just stealing sensitive data, but now they’re also hijacking compute power in insecurely configured Kubernetes clusters to mine for cryptocurrency. Tesla, Aviva, and other companies had their Kubernetes clusters on AWS used for cryptocurrency mining, in … [Read more...]
SecOps IT Security & Compliance Blog
Delivering effective IT security and compliance means enabling Security and Operations teams to work effectively together. This is how IT can deliver what the business needs: secure and reliable IT services.
Learn about IT Security and Compliance in BMC's complete guide.
Whether you are a security pro, software developer, security administrator, or any other role in the IT security fields, attending a conference is an excellent way to network with other professionals and extend your knowledge base. These IT security and cybersecurity conferences provide exclusive access to some of the newest innovations and ideas … [Read more...]
Researchers have discovered a new way that hackers can potentially exploit systems to expose passwords, keys, and other sensitive data - and this time it involves the physical hardware. (Source: NYTimes) These new vulnerabilities, called Spectre and Meltdown, were discovered in Intel processors, and more specifically the way that the processors … [Read more...]
I first read Dr. Covey’s 7 Habits of Highly Effective People over 25 years ago and, despite the technological revolutions in that period, it is as relevant today as it was when the earth cooled. As we look to the new year for opportunities to improve our IT operations and security, let’s remember to begin with the end in mind, as well as to put … [Read more...]
With the recent onset of ransomware plaguing the Internet, threat remediation has become an important piece of the cybersecurity puzzle for businesses who wish to protect their digital assets. But what exactly does threat remediation mean? What are the most effective methods for successful threat remediation? And how can organizations know if … [Read more...]
The first recorded data breach of our century occurred in 1984 at TRW, a credit reporting agency. One stolen password posted to an electronic bulletin board could have permitted access to the credit histories of 90 million people. Computer experts warned that prevention of such incidents demanded greater security. Thirty-three years later—the data … [Read more...]
At the risk of sounding like a geek, I could not help but notice the discussion about whether the 2016 Uber hack was ransomware or just extortion. I searched the web and the consensus definition of ransomware is “a type of malware that encrypts files so they cannot be opened, and prevents you from using your computer or accessing those files unless … [Read more...]
Staying ahead of the competition in digital business means that companies must continually innovate and deliver improved services and products to the market. The speed and agility of public cloud has proven to be a cost effective, flexible platform, but it has brought with it new security challenges. The cloud has matured and can be very secure, if … [Read more...]
No business or individual is immune to a cyber breach, yet I hear many people say they don’t think they will be affected. They believe that their company does not have anything valuable enough to be stolen, but every company and individual has data that is valuable to a cyberthief that they might overlook. While we’re all focused on our money in … [Read more...]
Maturity is typically used in the context of a person’s path to adulthood. Do they behave and act as civilized adults according to social norms? Or do they throw tantrums, speak out of turn or lack the decorum to behave appropriately for the situation? We also use maturity to describe the sophistication and completeness of an organization’s … [Read more...]