According to a study by LogicMonitor, the number of applications hosted on-premises will decrease by 10%, to 27%, by 2020. In comparison, the number of cloud-native, more specifically serverless hosted applications, like AWS Lambda, Google Cloud and Microsoft Azure, will increase to 41%.
The trend to cloud, specifically serverless, and away from on-prem, is not new and of no surprise, as serverless hosted applications provide developers with a faster speed to market and allows for them to release new functionality on a more frequent basis. In addition, it can save organizations bundles in infrastructure costs. It has however left DevSecOps and security teams in a quandary. While they don’t want to impede development efforts, they are left with no choice but to place the security of serverless applications in someone else’s hands.
To alleviate this issue, there are several serverless security best practices that must be put in place in order to properly secure serverless apps launched by the developer.
Continue reading
Businesses need to take their cyber security seriously. There are huge financial implications for being hacked, not just from the perspective of lost revenue and weakened reputation, but also in the form of stricter regulations from laws such as the General Data Protection Regulation (GDPR). However, there are a number of myths about cyber security that make it difficult for companies to know what the best course of action is. Here are four myths about cyber security that are still affecting British businesses.
Myth #1: Cyber security is purely dealt with by the IT department
One commonly held myth that can actually put businesses at risk is the idea that cyber security is something that the IT department (and only the IT department needs to be concerned about). Of course, it is necessary to provide your IT team with the budget and resources to defend your business against the risk of a cyber-attack.
Continue reading
Amazon Web Services (AWS) offers a huge variety of benefits for businesses, and organisations are increasingly opting for cloud solutions for their data, website, and applications. However, there are still some businesses using AWS that have not put the proper cyber security controls in place. Here we take a look at ten great tips to improve your AWS cyber security.
- Understand your responsibilities
When you work with any kind of web services provider you need to understand what you are responsible for and what will be managed by the provider. This is absolutely true in terms of AWS – where Amazon runs its so-called ‘shared responsibility model’. In this model AWS is responsible for protecting the infrastructure of the AWS cloud system including hardware, software, and networking.
On the other hand, you as the customer is responsible for customer data, identity and access management, firewall and anti-virus configuration, and issues such as data encryption. It can sometimes be necessary to work with outside agencies to manage your own cyber security.
Continue reading
Cyber Security and data privacy have always been a hot topic when we talk about IT. There are many places where people can find interesting news, analysis, comments and get informed about the latest threats and how to deal with them efficiently. From developers to security researchers, software companies to security websites and magazines everyone has an opinion on the subject. It is never easy to distinguish between them and when you search for ‘online security blog/news’ you will get thousands of different results.
The following article will try to give you a starting point for which are the top security blogs to get the latest trends and insights. We hope that the following list will be able to spark your interest and broaden your knowledge on this topic. These bloggers are ready to discover major security tricks, tutorials and solutions to problems that people experience on a daily basis.
Continue reading
CyberDB research about Phishing covers different types of phishing techniques, tools and service offering from vendors, market overview and common anti-phishing challenges organizations face.
To download the free report press here
Continue reading
Connected cars are exposed cyber threats. Security vendors are now looking to secure these vehicles in a fast growing sector of the cyber industry- this post is an extract from CyberDB reserach paper regarding this market. To download the complete report, please follow this link
Continue reading
RSAC 2017 is behind us. It has been bigger, noisier and more crowded than any cybersecurity event in history. It’s so big, it’s overwhelming. And if you consider the off-site meetings, mini-conferences, meetups and parties you can forgive an average visitor if he or she feels kind of fuzzy afterward. Vendors don’t have it easy, either. With more than 700 companies and organizations presenting, trying to stand out or simply gauge the competition is extremely difficult.
Continue reading
Israel is a major force in cybersecurity innovation and development, and Israeli cybersecurity companies are at the forefront of technology, rubbing shoulders with global industry giants. In fact, according to CyberDB data-bank, Israel has the second largest amount of cybersecurity companies in the world, second only to the US. In terms of actual sales Israel cybersecurity exports account for anything between 5-10% of the global cybersecurity market , an amazing figure given Israel’s miniscule size and small population.
Continue reading
In late September and late October 2016 two massive distributed denial-of-service (DDoS) attacks successfully targeted and impacted the operations of their targets. In the October DDoS against Dyn, a cloud-based Internet Performance Management company, several high profile organizational websites (Twitter, Pinterest, Reddit, GitHub, Etsy, Tumblr, Spotify, PayPal, Verizon, Comcast, to name a few ) for a substantial part of the day. While Dyn was ultimately able to mitigate the three-wave attack, it did impact users’ abilities to access these sites.
Continue reading
In my previous post on Cyber Threat Intelligence (CTI) I discussed at least one immediate benefit of CTI as a means of cutting the cost of vulnerability and patch management by potentially obviating the need to trigger a patch management exercise.
Continue reading
