IAM provides the granularity organizations need to secure their cloud workloads, but only if it's properly implemented. Refrain from making these common IAM mistakes
"Public cloud resources can be extremely secure when permissions are configured properly, but doing so requires careful consideration and forethought. Mistakes could expose sensitive workloads and data, placing a business at risk.
Cloud security revolves around the notion of permissions -- the mechanisms used to assign granular approval to entities that access cloud resources. These entities can include users, customers, partners, services and applications. Permissions are typically assigned and managed through vital cloud services such as AWS Identity and Access Management (IAM), Microsoft Azure Active Directory and Google IAM..."
Looking specifically at the most critical vulnerabilities, the average timeline to patch is 16 days
"Despite a 24% average increase in annual spending on prevention, detection and remediation in 2019 compared with 2018, patching is delayed an average of 12 days due to data silos and poor organizational coordination, ServiceNow study finds.
At the same time, the risk is increasing. According to the findings, there was a 17% increase in cyberattacks over the past year, and 60% of breaches were linked to a vulnerability where a patch was available, but not applied..."
Cyberattacks are rapidly evolving - with plenty of scary cybercrime tricks to watch out for as we near the end of 2019
"The success of WannaCry, NotPetya, GandCrab and others have inspired a new generation of hackers looking for a quick lucrative score.
While it's impossible to predict the next attack scheme and whether you'll be a target, Cybersecurity Awareness Month is a perfect time to review the threat landscape and make sure defenses are ready for the challenge.
Here's a list of the top threats that all organizations should be prepared to defend against in 2019 and beyond..."
This year's biggest and scariest security incidents, data breaches, and vulnerabilities
"Yes, this is one of those end-of-year summaries. And it's a long one, since 2019 has been a disaster in terms of cyber-security news, with one or more major stories breaking on a weekly basis.
Below is a summary for the past 10 months of security disasters, organized by month..."
See all Archived IT - Security articles
See all articles from this issue