Blog

It’s not enough just to rely on security certifications of cloud services providers, because that doesn’t protect you against the things people do. Vulnerabilities are driven by discrepancies. The gap between the designed intent and the actual state is your...

Conduct a ‘third-party homologation’’ process that all providers and vendors must pass. They must specify the security measures they will implement to protect your information. Consider implementing an awareness program that teaches digital natives how to better...

Micro-segmentation simplifies the use of modular access controls and auto-provisioning to more easily manage security needs of many different customers, partners and assets. With micro-segmentation, you can overlay specific controls for vulnerability scanning and...

While the cloud offers many benefits, businesses face challenges in securely managing and obtaining visibility into their assets. Organizations that adopt a hybrid approach to keep their most valuable assets on premises will need to seamlessly protect assets across...

Moving to the cloud doesn’t change what you need to secure, but it completely changes how you manage security and risk. Successfully sharing responsibility for IT security and risk management means clearly understanding where your vendor’s capabilities and...

With business groups launching and using cloud-based services, IT is no longer the gating factor for IT infrastructure. Risks change, but whether it’s in the cloud or on premises, you still have to encrypt data, only give access to those who need it, and make sure...

Modern assets are forcing a new way of approaching security, whereby everyone in the organization must take security seriously and understand the potential consequences of even the simplest action. Security teams are no longer the gating factor they once were....

Authentication is often key to protecting modern assets, regardless of the type of attack. It is important to make your attack surface as small as possible—that is, to take a close look at what you have in place and disable what you don’t need. “Some companies are...

Maintaining high-level security across all assets is a resource drain in large enterprises. Security leaders need to analyze cyber exposure so they can segment risk based on asset criticality and vulnerability. The shortage of security talent in this new world of...

The essential problems of risk management do not change. The key is expanding these methodologies to cover the new and changing IT landscape. Consolidating security functions into higher-power solutions enables greater flexibility and a deeper inspection of network...