Operations | Monitoring | ITSM | DevOps | Cloud

You’ve secured your cloud identities. You’ve hardened your cloud security posture. You’ve configured strong cloud access controls. But there’s still one more thing you need in order to secure your cloud environment: a cloud workload protection platform, or CWPP. Cloud workload protection platforms secure the workloads that run on your cloud — which are distinct from the infrastructure, user identities and configurations that form the foundation of your cloud environment.

As digital transformation accelerates and more organizations use software solutions to facilitate work operations, security threats have become more commonplace. Cybercriminals tirelessly develop ways to exploit software application vulnerabilities to target organizational networks. A notable example is the 2017 Equifax data breach, which exposed the personal details of 145 million Americans.

The rolling thunder of cybersecurity warnings has built to a crescendo this year. According to HelpNetSecurity, cybercriminals launched over 9.75 million DDoS attacks in 2022. The Cloudflare Attack Trends 2022 Q1 Report published yesterday shows an alarming increase in application-layer DDoS attacks. And our own Doug Madory has been sharing analysis on the impact of cyberattacks, too.

As an IT operations manager, you spend a lot of your time mitigating service outages and service level risks. You worked diligently to get the right people, products, processes, and partners in place to meet your goals. You managed to ensure continued uptime. You’ve reduced the number of tickets and the cost per ticket. And for your efforts, you’re rewarded with managing your company’s cybersecurity program. The problem? You’re not a security specialist.

Technologies exist to limit and spot the number of phishing emails that come into your business. Still, humans are the last line of defense against social engineering attacks like this at the end of the day. At some point, you're going to "be beat" as an employer or MSP. Instead of locking everything down and slowing business communications, staff from the c-suite on down need to be equipped to identify phishing emails, so the worst happens in a training environment and not the real thing.

Good security may come from strong defenses, but strong security comes from a good offense. This is especially true for network security, where minutes can make the difference between a breach and a near miss. For example, if an unknown IP address triggers an alert for suspicious or abusive behavior, the faster you can isolate and block that address, the less likely it is that the person or entity at the other end can do damage.

Data masking is a technique of hiding sensitive data from certain users who should not be able to view or access the actual values. This post will look at the reasons why you might choose to implement data masking and discuss both dynamic and static data masking techniques, and when it is appropriate to use each of these.

Over the past few weeks, we’ve all been paying very close attention to the events unfolding in eastern Europe. As an individual, it’s heartbreaking to see a war break out and the impact it’s having across the region. We know that cyberattacks are now a part of war. We also know cyberattacks can be targeted, but also have the potential for unintended consequences and increased impact as they can spread outside of the initial target.