Welcome!


Latest Blogs from Cloud Security
Disaster recovery (DR) has traditionally been a major challenge for IT departments. Even with the advent of server virtualization and other technologies that have simplified DR implementation and some aspects of on-going management, it is still a complex and (often extremely) costly un...
Cloud computing delivers on-demand resources that provide businesses with flexibility and cost-savings. The challenge in moving workloads to the cloud has been the cost and complexity of ensuring the initial and ongoing security and regulatory (PCI, HIPAA, FFIEC) compliance across priv...
SYS-CON Events announced today that Key Information Systems, Inc. (KeyInfo), a leading cloud and infrastructure provider offering integrated solutions to enterprises, will exhibit at the 17th International Cloud Expo®, which will take place on November 3–5, 2015, at the Santa Clara Con...
SYS-CON Events announced today that Cloud Raxak has been named “Media & Session Sponsor” of SYS-CON's 17th Cloud Expo, which will take place on November 3–5, 2015, at the Santa Clara Convention Center in Santa Clara, CA. Raxak Protect automates security compliance across private and p...
Cybersecurity is top of mind for corporations around the world. The quantity of recent data breaches and the dollar loss associated with some of them indicates either an underinvestment in cybersecurity or a failure to properly invest in people, security training or technology. While b...
SYS-CON Events announced today that Alert Logic, the leading provider of Security-as-a-Service solutions for the cloud, has been named “Bronze Sponsor” of SYS-CON's 17th International Cloud Expo® and DevOps Summit 2015 Silicon Valley, which will take place November 3–5, 2015, at the Sa...
SYS-CON Events announced today that Alert Logic, the leading provider of Security-as-a-Service solutions for the cloud, has been named “Bronze Sponsor” of SYS-CON's 17th International Cloud Expo® and DevOps Summit 2015 Silicon Valley, which will take place November 3–5, 2015, at the Sa...
As a business communications tool, email is the dominant option, and many corporations have policies that allow the use of personal email on corporate computers. In a recent Adobe Systems commissioned online survey of 400 U.S. white-collar, adult workers, more than 90 percent of them a...
A recent report from The Infoblox DNS Threat Index (in conjunction with Internet Identity) shows that phishing attacks has raised the DNS threat level to a record high of 133 for second quarter of 2015, up 58% from the same time last year. The biggest factor for the jump is the creatio...
Where is your data right now? The explosion of cloud computing and consumer IT means that your data, as well as data about you, can be virtually anywhere. Having your data and the data about you virtually everywhere is, in fact, key to the cloud computing business model. This means th...
In a recent blog article, I discussed the difference between cloud backup and cloud disaster recovery (or “DR”). In a nutshell, with cloud backup, you basically pay a third-party service provider a monthly fee to have them back up your firm’s data and store it in the cloud, so it can b...
‘FDA tells hospitals to stop using a pump that is vulnerable to hackers.’.This headline was all over the internet and news this weekend, with the pump in question being a medical infusion pump that automatically administers dosages of medication to patients in a hospital. A vulnerabili...
The world of software is completely crazy about automation. Thanks perhaps to DevOps, if anything, the mania is increasing. Some companies are eliminating the tester role in favor of tools smiths with programming experience who can build frameworks; sometimes this is called "developer ...
The mobility and flexibility of modern business practice has created a demand to extend any application to virtually anyone. While this can bring many benefits to organisations, such as enabling employees to work remotely, cutting costs by using the cloud to simplify IT deployment and ...
Mobile testing is getting harder: more devices, multiple operating systems, higher quality expectations and shorter development cycles. In his session at DevOps Summit, Tom Chavez, Senior Evangelist at SOASTA, will discuss the seven steps to improving your mobile testing process. To...
Whether you like it or not, DevOps is on track for a remarkable alliance with security. The SEC didn’t approve the merger. And your boss hasn’t heard anything about it. Yet, this unruly triumvirate will soon dominate and deliver DevSecOps faster, cheaper, better, and on an unprecedente...
In their Live Hack” presentation at 17th Cloud Expo, Stephen Coty and Paul Fletcher, Chief Security Evangelists at Alert Logic, will provide the audience with a chance to see a live demonstration of the common tools cyber attackers use to attack cloud and traditional IT systems. This...
Organizations from small to large are increasingly adopting cloud solutions to deliver essential business services at a much lower cost. According to cyber security experts, the frequency and severity of cyber-attacks are on the rise, causing alarm to businesses and customers across a ...
Cloud security is at the top of every CIO’s list. It is also the first subject that comes up when you engage in a discussion about the cloud. For those of us who followed the recent Ashley Madison story (from a tech perspective), you would agree that while the breach happened for so ma...
In 2011, then United States CIO Vivek Kundra released the US Federal Cloud Computing Strategy [1]. In the executive summary he pointed to cloud computing as a key component of the US Federal Government’s information technology modernization efforts: “Cloud computing has the potential ...
Disaster Recovery isn’t a new concept for IT folks. We’ve been backing up data for years to offsite locations, and used in-house data duplication in order to prevent the risks of losing data stores. But now that cloud adoption has increased, there have been some shifts in how tradition...
There’s really an unlimited number of ways in which programmability in the network (data path scripting) can solve problems, address risk, and simplify architectures. In the area of DevOps it can be used to facilitate continuous delivery (CD) initiatives by supporting the implementatio...
In 2011 the US Federal Government issued a Cloud First policy mandating that agencies take full advantage of cloud computing benefits to maximize capacity utilization, improve IT flexibility and responsiveness, and minimize cost. Cloud computing is a design style that allows for effici...
After the deluge of data breaches in 2014 and more emerging every day, security is without a doubt a top strategic initiative for just about every enterprise in 2015. Along with top-notch security, it is imperative for organizations – particularly cloud-driven ones – to also have leadi...
Ski helmets, seat belts, and encryption. What comes to your mind when you read these words? You may immediately think “safety,” and you’d be right, but how about “speed enablers”? At first blush, that may not be the first concept that comes to mind, but there’s a pretty compelling c...
Many organizations’ virtualization strategies begin and end with deploying VMware vSphere or Microsoft Hyper-V to virtualize as many servers as possible. But there’s so much more that an enterprise can do to extend the benefits of virtualization. In addition to virtualizing, a workflow...
One of the first considerations that IT managers struggle with is how to handle security and compliance. Both security and compliance are aspects of a larger, more strategic concern: governance. Governance essentially represents a set of processes for creating, communicating, and enfor...
It seems like every time I write a blog, a new breach has occurred (for an up-to-date look at local, state and federal breaches I suggest you periodically review the Identity Theft Resource Center’s running list). Since I last penned a post, we’ve seen breaches of the Mayo Clinic, Citi...
Most home security systems have a panic button - if you hear something go bump in the night you can push a panic button to starts the sirens wailing, call the cops and hopefully sends the bad guys scurrying. As useful as this is for home owners, enterprises need a security panic button...
Picking up a newspaper and turning on the TV, one is instantly confronted with news of yet another cyber hack. With cyber attacks headlining the news, millions of people are concerned with whether their personal information has been breached. These attacks are becoming more and more so...
Recent unauthorized access to a U.S. government database led to thecompromise of information on at least 21.5 million individuals. This massive background investigation data breach also compromised usernames, passwords, mental health records and financial information. Although a securi...
RackWare and WSM International have announced an agreement that brings together RackWare automated cloud management software and WSM migration services specialists to assist customers with transitioning workloads to public cloud computing resources. WSM is now a certified RackWare Par...
Do the ‘darker’ channels and means that exist for searching the web in anonymity ultimately spell doom for the wider march towards open data? So-called ‘open data’ is supposed to be an instrument for breaking down information gaps across industries and letting companies share benchmar...
SYS-CON Events announced today that Logz.io has been named a “Bronze Sponsor” of SYS-CON's @DevOpsSummit Silicon Valley, which will take place November 3–5, 2015, at the Santa Clara Convention Center in Santa Clara, CA. Logz.io provides open-source software ELK turned into a log analy...
It's been three years since I compared medieval security to web security, and a few things have happened. Mobile and wireless have evolved as the dominant platforms, while the life between personal computing and business computing has continued to fray. And, of course, thanks to web se...
The cyber security, resiliency and accountability of IT systems at financial services organizations is rarely out of national headlines. Firms that operate in the financial space hold extremely sensitive data, so therefore attackers usually consider the effort and risk of attacking th...
The Federal Government’s “Cloud First” policy mandates that agencies take full advantage of cloud computing benefits to maximize capacity utilization, improve IT flexibility and responsiveness, and minimize cost. The Federal Risk and Authorization Management Program (FedRAMP) is a mand...
I spent a few days in New York City last week attending a couple of meetups, including speaking at a New York City Web Performance Meetup on Thursday night. I had several great conversations around real user monitoring, data science and analytics, and, of course, testing in production ...
A recent purchase of mine was a 2015 Jeep. Until now, I thought it was a safe and reliable car, but that is not the case anymore. As technology advances and cars become smarter and more technologically savvy, they become another target for hackers. Imagine speeding down the highway,...
Access is everything. It is the fundamental pillar that determines whether critical enterprise assets are safe or exposed. Knowing the answers to the questions of who is accessing what, where they are accessing that information from, why they are accessing that information and, finally...