Just a couple of days back, media around the world exploded with news of another ransomware attack. Petya, a ransomware wormed its way into information systems in ports, law firms, ad agencies, and supermarkets, besides its favorite victims – firms in the financial and healthcare domains. Its intention, as reported, is to destroy and cause mayhem in the information world bringing businesses to a halt. With systems compromised and data loss, revenue will take a big hit.
It is appropriate to ask now– how did this ransomware attacks computer, and worse, how did it spread? Continue reading
Security concerns form the main reasons for the reluctance among businesses to move to public cloud applications. However, paradoxically, the advanced technologies and protocols that modern cloud service providers offer improved security for the applications. Cloud computing and IT security are often seen as divergent concepts but from a wider perspective, cloud computing technologies actually help propel IT security.
With better encryption, better tools and processes the shortcomings and concerns of cloud computing from a security perspective are being addressed. With cloud architectures that are virtualized and automated, infrastructure administrators now have a greater degree of control over the design and deployment of an infrastructure, with little scope for human error. In addition, the wide availability of security tools with very low upfront costs and the distributed nature and fault-tolerant architecture allows the cloud to offer the best security tools and services. Continue reading
Lord Hewart coined the phrase “Not only must justice be done; it must also be seen to be done” way back in 1923. With a little adaptation, Lord Hewart’s words are as relevant in the corporate data center as they once were in the courtroom. What we end up with is something like “Not only must security controls be implemented; they must also be seen to be implemented.” Continue reading
The cyberattacks that happened between 2014 and 2015 affected many large companies and affected millions of consumers. These crimes happened in a matter of seconds and the high profile information hackers stole were sold in the black market within few days. From eBay, Anthem, Target, J.P.Morgan Chase to Staples, Primera Blue Cross, Sony Pictures, and The Home Depot, every company acquired huge losses and suffered severe reputational damage. The list does not stop here. These are just a few names out of a bunch of other large and small companies that were victims of cybercrimes. Continue reading
The IT security landscape is in flux and, subsequently, it affects how IT security experts function. Keeping data of companies safe is an increasingly uphill task given the growing number and intensity of threats. Configuration Management is an option that has been ignored for long due to its laborious nature. But, in the future, companies may no longer have this choice.
What is it?
Configuration Management (CM) is a systems engineering process for establishing and maintaining consistency of a product’s performance, functional and physical attributes with its requirements, design and operational information throughout its life1. In software engineering, software CM tracks and controls changes in software and included revision control. Continue reading