Cisco News

7 Questions about the Firewall: A Chat with Cisco featuring Gartner

The firewall remains the front line of cyber-defense for most organizations. The firewall protects an organization’s network, and that function isn’t going away anytime soon. Remember when people used to say, “the firewall is dead”? The numbers tell a different story. Gartner forecasts that this
/
MIT tech review

A new deepfake detection tool should keep world leaders safe—for now

Donald Trump, Elizabeth Warren, and other presidential hopefuls will be protected against AI doppelgängers thanks to a technique that looks at how they move. An AI-produced video could show Donald Trump saying or doing something extremely outrageous and inflammatory. It would be only too believable,
/

Cloud Security Practitioners And Auditors

Today we have seen relatively few data breaches in the cloud despite its growing use for mission-critical workloads. However, as cloud increasingly becomes the backend for our mobile devices, for the Internet of Things (IoT) and for other daily life functions, we can safely predict that hackers will set their sights on such troves of personal data.

This year’s data breaches have been characterized by massive exposures of personal information and identities. With the Internet of Things’ devices introducing streams of data that are far more personal and intimate than the current digital economy and those streams providing increased pathways to the cloud, it makes cloud an increasingly attractive target for data breaches.

Have We Become Too Trusting Of The Cloud?

Though cloud is recognized as a different paradigm to en premise security, it seems that many of the same security standards and frameworks still apply. Auditing practices and toolsets in the cloud are still immature compared to their enterprise counterparts and lack of visibility across the entire stack is still a challenge for most cloud consuming organizations. Additionally, the “castles in the cloud” syndrome still applies with many cloud providers taking the approach of fortifying their environment but not focusing on the different types of data being transacted on or traveling to and from their clouds.

Compliance Does Not Necessarily Equal Trustworthiness

Many of the standards and regulations that today’s cloud providers and cloud consuming organization have to abide by are largely focused on assessing capabilities to process and store information – they don’t guarantee the safety or trustworthiness of your data in the cloud. Trust is the key factor! Just as warning labels don’t’ make you safer – for example, you could still get hurt even though your car may come with warnings for seat belt usage – compliance certification doesn’t protect your data. Compliance and certification implies that the provider, the consumer or both have a well-controlled environment. The focus should be much more on the data, its access and its usage.

Focusing On What Really Matters To Build Consumer Trust

 

Cloud providers and cloud consuming organizations have the opportunity to put in place stronger data protection measures that align to today’s business and personal usage contexts. Security practitioners and auditors need to be able to talk about data protection in business consumable terms so that developers and business leaders can understand which types of data they need to especially focus protection measures on. It’s this rather than having a secure and compliant infrastructure that will help retain consumer trust in the long term and potentially help mitigate data breaches in the future.

Data classification schemes are going to have to be based on a variety of contextual measures and on different levels of personal and privacy-related data given our highly digitized personal and business futures. There won’t be any one scheme that will apply universally and it will need an industry-wide approach to ensure a cohesive strategy. If we don’t start focusing in this direction now, we will face even more egregious data exposures in the not so far future.

By Evelyn de Souza

Evelyn de Souza

Evelyn de Souza focuses on developing industry blueprints that accelerate secure cloud adoption for business as well as everyday living. She currently serves as the Chair of the newly formed Cloud Security Alliance (CSA) data governance and privacy working group. Evelyn was named to CloudNOW's Top 10 Women in Cloud Computing for 2014 and SVBJ’s 100 Women of Influence for 2015. Evelyn is the co-creator of Cloud Data Protection Cert, the industry's first blueprint for making data protection "business-consumable” and is currently working on a data protection heatmap that attempts to streamline the data privacy landscape.

Bryan Doerr

Cyber-Threats and the Need for Secure Industrial Control Systems

Secure Industrial Control Systems (ICS) Industrial Control Systems (ICS) tend to be “out of sight, out of mind.” These systems ...
My Fascination with Amazon Go

My Fascination with Amazon Go

Amazon Go Recently, Amazon unveiled the world’s first completely self-service, no checkout, grocery store — and it’s really captured the public’s imagination. Lines ...
SolarWinds Survey Showcases the DevOps Disconnect

SolarWinds Survey Showcases the DevOps Disconnect

Survey Showcases the DevOps Disconnect The increasingly distributed nature of today’s tech environments has amplified the demand for DevOps practitioners ...
Ronald van Loon

What Skills Do I Need to Become a Data Scientist?

Becoming a Data Scientist Leveraging the use of big data, as an insight-generating engine, has driven the demand for data ...
IBM News

IBM to win unconditional EU okay for $34 billion Red Hat deal: sources

/
BRUSSELS (Reuters) - U.S. tech giant International Business Machines Corp is set to secure unconditional EU approval for its $34 billion bid for software company Red Hat, people familiar with ...
Tech Crunch

Three years after moving off AWS, Dropbox infrastructure continues to evolve

/
Conventional wisdom would suggest that you close your data centers and move to the cloud, not the other way around, but in 2016 Dropbox undertook the opposite journey. It (mostly) ended its ...
Tech Crunch

Libra currently looks more like a fiat currency than a cryptocurrency

/
Facebook unveiled a cryptocurrency called Libra yesterday as well as the Libra Association, a not-for-profit that will oversee all things Libra. While Libra’s white paper draws a lot of inspiration from other cryptocurrencies, the current ...