Articles about Cloud Security

Tornado

This tornado shlurps data, stores for less, CTERA, CTERA

Analysis The Dummies' Guide to Cloud Storage Gateways for Suppliers says: "Cloud Storage Gateways are incoming data tornadoes that will suck up data from your on-premises arrays and splat it down on cheaper competitors' kit or, worse, send it to the public cloud forever." Just kidding. That Dummies' Guide doesn't exist – we invented it …
Chris Mellor, 15 Nov 2016
Suitcase full of money

Akamai rides on the botnet's back to US$584 million quarter

Cloud computing security has driven a 6 per cent year-on-year revenue growth for Akamai, up from $US551 million last year to $584 million for Q3 2016. The company's third quarter financial report shows its performance and security business unit turned in $345 million in revenue, 19 per cent higher than for the same quarter in …

Devs! Here's how to secure your IoT network, in, uh, 75 easy pages

An in-depth security guidance report aimed at Internet of Things developers has been released by the Cloud Security Alliance. Titled Future-proofing the Connected World: 13 steps to developing secure IoT products, the report offers practical and technical guidance to devs trying to secure networks of IoT devices. “An IoT …
Gareth Corfield, 07 Oct 2016
Office 365, photo by dennizn via Shutterstock

Securing Office 365? There's always more you can do

Wherever you look there's yet another SME or enterprise migrating to Office 365. This says a lot for the attractiveness of cloud-based office suites, and perhaps it also says something about the attractiveness of letting someone else look after one's SharePoint and Exchange servers rather than having to fight with their …
Dave Cartwright, 06 Oct 2016

NHS trusts ‘complacent’ on cloud app security risks

Almost half of NHS Trusts make no attempt to monitor cloud app usage, according to the results of a Freedom of Information request. The same FOI by cloud security firm Netskope also revealed that fewer than one-fifth of NHS Trusts have visibility into all cloud app use, leaving sensitive data vulnerable to both risky apps and …
John Leyden, 30 Sep 2016
A partially-eaten langos

Cloudy with a chance of ransomware

Cybercrooks have brewed up a strain of malware that both encrypts and infects files. The Virlock ransomware is dangerous because infected files can be spread through through cloud sync and collaboration applications, putting enterprises particularly at risk of attack. Cloud security firm Netskope warns that the tactic creates …
John Leyden, 30 Sep 2016

How to create a security startup and bag VC millions – step one: Containers, AI or cloud

While venture capitalists have been tightening their belts over the past year, there’s still a lot of love and funding for security startups – especially if you’re working in the right areas. During a panel discussion at the Structure Security conference in San Francisco today, a trio of top VCs identified three key areas …
Iain Thomson, 28 Sep 2016

DDoS attacks: For the hell of it or targeted – how do you see them off?

Distributed Denial of Service (DDoS) attacks can be painful and debilitating. How can you defend against them? Originally, out-of-band or scrubbing-centre DDoS protection was the only show in town, but another approach, inline mitigation, provides a viable and automatic alternative. DDoS attacks can be massive, in some cases …
Danny Bradbury, 22 Sep 2016
Oracle Chair Larry Ellison on stage at OpenWorld 2016

Oracle takes aim at AWS with cheap, fast public and hybrid cloud

Larry Ellison kicked off Oracle's OpenWorld event in San Francisco on Sunday with news of a second-generation infrastructure-as-a-service offering. The IT giant's supremo claimed the IaaS out-performs Amazon Web Services (AWS), undercuts it on price and will also be sold as on-premises kit tied to a subscription. Ellison told …
Simon Sharwood, 19 Sep 2016
Piggy bank, image via Shutterstock

Exploding public cloud just getting bigger, will be worth $200bn in 2016 – Gartner

The global public cloud services market is set to grow by more than 17 per cent in 2016. According to Gartner, cloud services were worth $178bn in 2015. This is set to increase to $208.6bn in 2016, higher than the nominal GDP of Portugal. This growth will be driven by cloud system infrastructure services, which are projected …

A quarter of banks' data breaches are down to lost phones and laptops

One in four breaches (25.3 per cent) in the US financial services sector over recent years were due to lost or stolen devices, according to a new study. Cloud security firm Bitglass further reports that one in five recorded breaches over the last 10 years were the result of hacking. More than 60 financial sector organisations …
John Leyden, 25 Aug 2016
cable

Fake Android update menace

Crooks have begun slinging the prolific Android Marcher malware as a fake smartphone update. A site page serving the malware attempts to scare potential marks by showing that the device is vulnerable to viruses, inviting them to install a "fake" update to prevent future data theft. The tactic represents a change of tack by …
John Leyden, 17 Aug 2016

Asia’s top cloud security conference lands in London

PROMO Working in cyber-security? Come and join the experts at CLOUDSEC 2016 in London on September 6 and explore the key security issues du jour. CLOUDSEC is one of the largest internet security conferences held across Asia Pacific and Europe. These events are vendor-neutral and features presentations by industry experts who will …
David Gordon, 16 Aug 2016
Image by Maksim Kabakouhttp://www.shutterstock.com/pic-362745248/stock-photo-privacy-concept-broken-shield-on-wall-background.html

Microsoft boosts PKI, ISO certs to harden Azure cloud

Microsoft has bumped up security for its Azure cloud platform by adding support for X.509 certificates for device-level authentication, and bagging an ISO integrity ticket. Adding X.509 means Microsoft thinks its cloud will be better at handling internet-of-things traffic to the Azure IoT Hub, according to Azure partner …
Team Register, 04 Aug 2016
Man relaxes, stretches out, outs his feet up on a cloud.... Fun but hammy stock pic. Photo by Shutterstock

Getting comfortable with cloud-based security: Whom to trust to do what

There are some bits of computing that you just don’t want to trust other people with. They’re just too sensitive. But at the same time, there are some things that people can do as well or better than you, for a lower cost. Finding a balance between the two can be tricky, but useful. Take cybersecurity as an example. It’s …
Danny Bradbury, 27 Jul 2016

Exploit kit miscreants rush to plug gap in cyber-crime marketplace

Cybercrooks behind the Sundown Exploit Kit are rapidly updating the hacking tool in a bid to exploit a gap in the market created by the demise of the Angler and Nuclear exploit kits. While RIG and Neutrino have been the primary protagonists in the void left by Angler and Nuclear, Sundown is also vying for an increased share in …
John Leyden, 13 Jul 2016

Biz security deadline knocked back 3 months 'cos Brits ignored it

A deadline for businesses to make sure they were compatible with new payment security measures has been extended after around 1,000 UK companies failed to take the necessary action. These businesses risked being unable to pay staff and suppliers, forcing Bacs Payment Schemes Limited to extend its deadline by three months from …
John Leyden, 15 Jun 2016

Cloud security 101: Get a little more intimate with your provider

You can get many different services in the cloud these days, and cyber security is among them. These days, cloud service providers will take care of everything from email scanning through to watching where your employees surf (and stopping them from going there, if necessary). Most of them claim to do a better job than the …
Danny Bradbury, 16 May 2016
Cloud security image

DNS root zone key boost

The internet's DNS root zone is about to get more secure with the rollout of a 2048-bit zone signing key (ZSK), in place of today's 1024-bit RSA key. The change reflects a gradual increase in the digital security of this critical piece of internet infrastructure. With the recent introduction of DNSSEC, the 1024-bit ZSK now …
Kieren McCarthy, 09 May 2016
Microsoft's Scott Guthrie announces new Azure features at Build 2016

Microsoft explains which cloud security problems are your problem

Microsoft has issued guidelines about Azure security that spell out when a problem is your problem and when a problem is Microsoft's problem. Two documents explain Redmond's approach to problem-solving. The first is called Shared Responsibilities for Cloud Computing (PDF) and explains how Microsoft divides responsibility for …
Simon Sharwood, 15 Apr 2016

Cloud security harder than 'encrypt everything'

Australia's wildly-enthusiastic adoption of cloud computing is providing the rest of the world a crucible in which a host of security challenges can be cultured, according to F5 security researcher David Holmes. Speaking to The Register's networking desk while visiting the antipodes, Holmes said that “Australia is becoming the …
Pennies in a jar. Photo via Shutterstock

Staff 'fury' as penny pinching IBM offers legal minimum redundo payoffs

IBMers at risk of losing their jobs have reacted with “fury” to Big Blue’s confirmation it can only afford to pay the bare statutory minimum in their redundancy packages. Staff at IBM's Global Technology Services (GTS), Global Business Services (GBS) and UK Labs entered into a 45-day consultation period recently. Around 400 …
Paul Kunert, 14 Mar 2016
Rose and Jack drowning scene Titanic. Pic: Fox pictures

Cloud sellers who acted on Heartbleed sink when it comes to DROWN

Response to the critical web-crypto-blasting DROWN vulnerability in SSL/TLS by cloud services has been much slower than the frantic patching witnessed when the Heartbleed vulnerability surfaced two years ago. DROWN (which stands for Decrypting RSA with Obsolete and Weakened eNcryption) is a serious design flaw that affects …
John Leyden, 08 Mar 2016
norse

Securo-bods snigger into sleeves at Norse Corp as conf sponsor

RSA 2016 Judging from comments both public and private, a lot of attendees at this year's RSA 2016 conference were somewhat surprised to pick up badges and lanyards emblazoned with the logo of threat intelligence firm Norse Corp. RSA badge Norse shows it's still out there The firm has had a rocky road over the last few months, …
Iain Thomson, 03 Mar 2016

HTTPS DROWN flaw: Security bods' hearts sink as tatty protocols wash away web crypto

The discovery of a HTTPS encryption vulnerability, dubbed DROWN, again proves that supporting tired old protocols weakens modern crypto systems. DROWN (aka Decrypting RSA with Obsolete and Weakened eNcryption) is a serious design flaw that affects HTTPS websites and other network services that rely on SSL and TLS – which are …
John Leyden, 01 Mar 2016
Paul Winchell and dummy

Cisco leans in close, coughs, whispers: If you want 100GE for 40GE prices, I know a person...

Cisco Partner Summit Cisco has announced new Nexus 9000 and 3000 switches with a theme of 25 and 100 gig Ethernet for 10 and 40 gig prices, calling them cloud-scale products. It's also buying cloud app wrangler startup CliQr. Switchzilla has adding the 9200, 9300 and 9500 models to its 9000 family. The latest gear sports a new ASIC delivering 10/ …
Chris Mellor, 01 Mar 2016

Go full SHA-256 by June or get locked out, say payments bods Bacs

Online businesses in the UK will have to update their systems and adopt SHA-2 before June in order to avoid losing access to vital payment and money transfer services. Failure to change before a 13 June deadline will leave merchants unable to use Bacs Payment Schemes Limited (Bacs) to make salary or supplier payments or to …
John Leyden, 17 Feb 2016
White Hat for Hackers by Zeevveez, Flickr under CC2.0

School network manager wins £10,000 in NCC Group Cyber 10K challenge

The second edition of a business-development focused cyber security challenge, the Cyber 10K, has concluded – with the worthy winner receiving £10,000 to further develop an innovative security dashboard tool. The challenge was run by the information assurance firm NCC Group supported by a judging panel including your …
John Leyden, 11 Feb 2016
Cisco RFGW-1-D Edge QAM

Enterprise network spend hits the brakes – and Cisco's OK with that

The financial market turmoil that's characterized 2016 has led Cisco to set modest expectations for the coming three months. Having said that, the networking giant is pleased with its performance in Q2 of its fiscal 2016, aka the quarter to January 23. Its US$11.8bn second quarter revenue (normalized to exclude the cable …

Dragons and butterflies: The chaos of other people's clouds

Cloud computing was meant to solve the reliability problem, but in practice, it still has a long way to go. Is that an endemic problem with the complexity of cloud computing, or a problem with the way people use it? Cloud infrastructures are meant to be resilient, because they tend to use lots of cheap servers and scale out. …
Danny Bradbury, 05 Feb 2016
The Seeing Eye by Valerie Everett, Flickr, CC2.0

Computer sales not a matter of life and death, they're more important than that

Warmer business sentiments towards Windows 10, Intel’s latest chip architecture and stabilising currencies still won’t translate into swelling PC sales this year. The entrail pokers at Gartner have spoken, and while device shipments are tipped to grow 1.9 per cent in 2016 to 2.44bn units, it won’t be the classic computer that …
Paul Kunert, 20 Jan 2016

Cloud Security Alliance says infosec wonks would pay $1m ransoms

Some companies will pay hackers up to US$1 million in ransoms to claw back stolen data according to a poll by the Cloud Security Alliance. The survey garnered 209 respondents of which half were in IT security and a third from tech with most hailing from companies with up to 1000 staff and a quarter from large enterprises with …
Team Register, 14 Jan 2016

Last call for the NCC Group Cyber 10K challenge

Competition The November 30 deadline for entering NCC Group’s Cyber 10K challenge is coming up fast – so get those entries in now. To recap, the Cyber 10K is designed to encourage students and recent grads to take up careers in IT security. NCC Group challenges entrants to put forward fresh and innovative ideas to help solve cyber security …
David Gordon, 26 Nov 2015

Shocker: Smut-viewing Android apps actually steal your data

A brace of supposed porn apps for Android actually push ransomware or steal personal data from mobile device, cloud security firm Zscaler warns. One strain of Android malware scares the user with a warning screen that falsely accusing them of watching images of child abuse. After installing the app on a device, the user will …
John Leyden, 23 Nov 2015
Broken piggy bank with coins surrounding it. Image via Shutterstock

NCC Group sowing the seeds of disruption in the cyber security industry

Competition It's 2015, the cyber attacks keep on coming, and the bad guys appear to be winning – some may argue this is because devastating data breaches are more newsworthy than businesses upping their security defences. We see a relentless battle between businesses trying to protect themselves and those with malicious intent attacking …
David Gordon, 20 Nov 2015

UK cyber-spy law takes Snowden's revelations of mass surveillance – and sets them in stone

IPB The encryption bothering parts of the UK's Investigatory Powers Bill have left IT security experts flabbergasted. Introducing the draft internet surveillance law in the House of Commons on Wednesday, Home Secretary Theresa May presented it as consolidating and updating existing investigatory powers. She spun it as a break from …
John Leyden, 05 Nov 2015

Cisco takes Security Everywhere™ to throw blanket over shadow IT

Cisco wants you to know it has Security Everywhere™, but that it doesn't mean it is Gossamer Thin. Rather, the messaging from the Borg is that its newly-boosted security suites cover just about everything that needs to be securable. That it says includes the things you don't know you even own, or to use advertising lingo, …
Darren Pauli, 04 Nov 2015
Chef Logo 648p

Chef kicks off London conference with buyout and product releases

Chef served up a surprise acquisition and a flurry of enterprise friendly product releases at its UK summit today. However, the automation developer also yanked a trio of recent builds of its Reporting product. Chef said it had “recently acquired” a German security software outfit, Vulcanosec, which markets a Compliance …
Joe Fay, 03 Nov 2015

Akamai buys out Scottish web security firm Bloxx

Scottish websec firm Bloxx has been acquired by American giants Akamai in a cash deal, for an undisclosed amount, to shore up its cloud security services. Bloxx, established in 1999, had 55 employees spread between its facilities in West Lothian and Massachusetts. There has been no comment regarding restructuring at the …
Oracle OpenWorld cloud

Oracle's Hurd mentality: We (and one other) will own all of cloud by 2025

Two companies will own 80 per cent of the software-as-a-service market by 2025 and one of them will be Oracle, the firm's co-CEO Mark Hurd has predicted. Speaking at his keynote on the second day of Oracle OpenWorld in San Francisco, Hurd said that Oracle has spent the last five years rewriting its code base with the cloud in …
Iain Thomson, 26 Oct 2015

Malware, restoring data: What keeps data center techies up all night

A majority of organizations polled in a data center and cloud security survey are dissatisfied with their malware containment and recovery times. More than half (55 per cent) of survey respondents were dissatisfied with the length of time it takes them to contain and recover from hacker infiltrations and malware infections, …
John Leyden, 15 Oct 2015

DDoS defences spiked by CloudPiercer tool - paper

The real IP addresses of some 70 per cent of websites protected by popular distributed denial of service attack protection providers like CloudFlare, Prolexic and Incapsula can be revealed using a simple web tool built on newly uncovered flaws, according to a recent paper. Sensitive websites admins wishing to protect against …
Darren Pauli, 08 Oct 2015
Bulls_eye_target

Barracuda misses Q2 results target

Cloud security and storage supplier Barracuda recorded growing revenues in its latest quarter, but fell short of expectations and made a loss because of poor sales in Europe and large deal push-outs. However, it announced it was buying a managed service provider software company to grow its market. Revenues for the second …
Chris Mellor, 01 Oct 2015
trolley_shopping_648

Cisco borgs UK infosec bods

Cisco Systems is buying Portcullis Computer Security, a UK-based firm specialising in consulting to enterprise and government clients. Both firms are staying tight-lipped about the value of the deal which is expected to complete early in 2016. When that happens Portcullis employees will become part of the Cisco Security …

IT security spending to hit $75.4bn in 2015 despite currency issues, says Gartner

Worldwide spending on information security will reach $75.4bn in 2015 – an increase of 4.7 per cent over 2014 – despite a currency-driven price hike causing some customers to delay purchases until next year. Government initiatives, increased legislation and high-profile data breaches are the hot topics shaping the latest …
John Leyden, 23 Sep 2015
Sheriff Woody

IBM: Listen up, we're the sheriffs of this leaky external app town

IBM is finally waking up to the potential threat that employees’ Bring Your Own Cloud-based apps pose for corporate enterprises, prompting it to roll out a security service. The Cloud Security Enforcer includes ID management-as-a-service and scans the corporate network to discover external apps that workers are using, then …
Paul Kunert, 22 Sep 2015

Students! Graduates! Win £10,000 with the Cyber 10K challenge

Competition In a bid to help address the cyber skills gap in the UK, NCC Group is calling on Britain’s students and graduates to solve the cyber security challenges both businesses and consumers face today. The winner of the Cyber 10K challenge will receive £10,000 and expert advice from the company to develop their own security solution …
David Gordon, 14 Sep 2015
storage arrays superimposed on cloudy sky

HP overtakes Cisco in cloud infrastructure revenues

HP sells more cloud infrastructure equipment than anyone else, including Cisco, which was shunted into second place for the first time in Q2, 2015. Cisco is unlikely to be too dismayed, as both companies are recording "stellar growth in the burgeoning market", running at some $16bn a quarter and growing 25 per cent year on …
Drew Cullen, 10 Sep 2015
Microsoft monopoly

Microsoft in SaaS-y cloud data security slurp

Microsoft has acquired cloud security outfit Adallom. Adallom was founded in 2012 and follows the “R&D in Israel, sales in Silicon Valley” template for a range of data security products for clouds. The company's wares bring data loss prevention and reporting to cloud storage services, offering users the chance to see just who' …
Simon Sharwood, 09 Sep 2015
£10 notes. Pic: Howard Lake

Show us your security chops with the Cyber 10K challenge

Competition NCC Group has devised a lovely cyber security competition, Cyber 10K, which sees the winning contestant receive £10,000 and expert advice from the company to develop their own security solution.Enter and find out more here. We like the Cyber 10K concept so much that El Reg’s very own John Leyden, who has covered the IT …
David Gordon, 20 Aug 2015