Five years is a blink of the eye in time, but in technology, a lot can happen. This year, we’re celebrating the fifth year of the Threat Stack blog. We’ve been digging around our archives and analyzing the metrics to see what’s changed in the market since our inception, how our own product has evolved, and what topics are still tried and true.
Some things changed, and some stayed the same. Most interesting, we saw five of our personal favorite topics rise to the top in terms of article popularity. Some written several years ago, some written this year, they’re indicative of how the market is shifting and what companies are focused on today.
Without further ado, here are the five most-read articles of all time on our blog, and if you haven’t read them, data says you should. Read more “5 Years in Review: 5 Can’t-Miss Posts From Our Archive of 450+”
Want to take a peek at the World’s Worst Data Breaches? Here you go:
Now that we’ve got that out of the way, let’s start this blog post over again. Our goal isn’t to frighten you or deepen the numbness you might already be feeling from the drip, drip, drip of bad cyber news.
It’s National Cybersecurity Awareness Month (NCSAM), which was launched in October 2004 as a collaboration between the National Cyber Security Alliance (NCSA) and the U.S. Department of Homeland Security with the goal of raising awareness and providing education on cybersecurity issues.
The name is something of a misnomer, however. NCSAM is really designed to do more than make you aware of cyber risks. It’s bigger goal is to arm you with information and tools you can use to strengthen yourself, your social groups, and your businesses against the cyber criminals who prey on us.
In the spirit of NCSAM, we at Threat Stack want to do our part by sharing some of the advice our bloggers have offered on how to take action to protect yourself and your company from cyberattacks. With that in mind, here are summaries of four recent blogs. Read more “How We Can Turn National Cybersecurity Awareness Month Into Cybersecurity Action”
Whether you’re in security, operations, or another related discipline, choosing the right cloud security products can be a complex process. With thousands of options, each with their own nuances, how do you know which tool, or mix of tools, is going to be right for your organization? The following questions are designed to help you identify the solutions that will fit your specific needs and requirements. Use them as you make your decision, and the entire process will be much more seamless. Read more “11 Questions to Ask Before Investing in a Cloud Security Solution”
Cloud technologies and traditional security processes are as bad a match as stripes and polka dots. They simply aren’t built to mix well together. As companies adopt cloud technologies, security teams are scrambling to apply what they know to this new way of doing business. But they’re quickly realizing how different an on-prem mindset is from one that’s geared to the cloud. Namely because, in an on-premise environment, security is based on the perimeter. In the cloud, however, there is no defined perimeter, and a seemingly endless number of endpoints. In the face of this, security needs to shift in a major way.
In this post, we will define six ways you can effectively shift your security paradigm so it’s suited to a cloud-defined world. Read more “6 Ways to Adopt a Cloud-Specific Security Paradigm”
Considering how fast every facet of business is changing today, the job for Security teams has become much more complex — and critical. Not only are there more data and endpoints to protect, but there are also new threats and adversaries to detect.
Since speed and continuous release cycles can be a major competitive advantage for businesses, Security professionals need to identify ways of keeping up. In this post, we’ll cover seven important ways business processes are changing and how security can adapt to support the speed of business. Read more “7 Ways Business Processes Have Changed the Need for Security”
Before I started working at Threat Stack, security was not always at the top of my priority list. Now, as the CFO of a leading cloud security company, I’ve learned to take a more holistic view of security: I still view it as a necessity that ensures the safety of an organization’s data and systems, of course, but I also understand that it can be a powerful business enabler and business driver.
Put another way, I no longer view security as just an expense (a “necessary evil”?), and see it as an investment that adds ongoing value throughout the organization and beyond as it not only provides foundational security, but also bolsters corporate reputation, adds confidence to customer relations, streamlines sales cycles, reassures board members and investors, helps with achieving compliance, and so on.
In spite of the huge value it adds, security can still be something of a hard sell — especially in companies where resources, including budget, are limited. With that in mind, I want to use this post to share some of the things I’ve learned as CFO at Threat Stack. Read more “5 Security Blogs Your CFO Needs to Read”
We believe Threat Stack’s cloud security approach is validated by
inclusion in Gartner’s “Market Guide for Cloud Workload Protection Platforms” Report
Read more “Threat Stack Included in Gartner Market Guide for Cloud Workload Protection Platforms Report”
Post updated by:
Christian Lappin, Threat Stack Senior Security Engineer & David Weinstein, Threat Stack Senior Security Engineer
Four months ago we wrote the following:
The Apache Struts “vulnerability is . . . extra-concerning because exploiting it is trivial. Hackers can easily spot vulnerable systems, the Struts exploits are publicly available, and the attack is easy to carry out and repeat. Attackers need to modify just one line of code to trick servers into downloading malicious binary from the internet.”
We warned about the Apache Struts vulnerability before the massive cyber attack that Equifax Inc. experienced — or at least before Equifax announced the breach to the public. Read more “What You Need to Know About the Apache Struts Vulnerability – Updated”
Your Reference for Selecting a Cloud Security Platform
To help you through the process of matching your organization’s requirements with available security solutions, we’re offering you our free Cloud Infrastructure Security Buyer’s Guide. Read more “New eBook: Cloud Infrastructure Security Buyer’s Guide”
Threat Stack Welcomes New Massachusetts Cybersecurity Growth and Development Center
Last week, during the inaugural Cybersecurity Forum, Massachusetts Governor Charlie Baker announced the brand new, Cybersecurity Growth and Development Center at the Massachusetts Technology Collaborative. The goal of the new public institution is to unite the cybersecurity sector in Massachusetts, while also training new talent — a huge win given the acute skills shortage that exists today. At Threat Stack, we couldn’t be more pleased or supportive. Read more “Massachusetts Takes Leadership Role in Cybersecurity”