Shadow IT has emerged in recent years due to misaligned objectives among teams and the fluid nature of DevOps. We’ve written before that although it may achieve short-term goals for the business units it serves, Shadow IT is detrimental for the long-term stability of organizations, and despite its good intentions, puts companies at greater security risk.
In this post, we’ll explore how development, security, and operations can work together to prevent the need for Shadow IT. Read more “The Hidden Dangers of Shadow IT to Cloud Security”
Las Vegas — Tuesday, November 28, 2017
I’m out in Las Vegas at the AWS re:Invent conference, and it is definitely the best re:Invent I’ve ever attended. Like everything in Vegas, it is larger than life! Read more “Live From AWS re:Invent 2017 — Massive Scale in Real Life”
Your Guide to Intrusion Detection for Modern Infrastructure
Many organizations that need cloud security are laboring behind a cloud of myths — unable to clearly define their requirements and match them to technology solutions and best practices that will enable them to operate securely at speed and scale in the cloud. Our new eBook — Myth Busting Intrusion Detection — is designed to clarify these issues. Read more “New eBook: Myth Busting Intrusion Detection”
This year’s Cyber Security Summit: Boston was a tremendous success. It was rewarding to see so many business leaders, cyber experts, government officials, and thought leaders in one place, all dedicated to advancing the security of our cyber environment.
The event’s mission is to connect C-Suite and Senior Executives responsible for protecting their companies’ critical infrastructures with innovative solution providers and renowned information security experts.
Parsed out, this meant that the event offered up a lot of valuable insights into the state of cyber security, an exhibit floor filled with leading solution providers demonstrating the latest products and services, and much practical advice on a multitude of security and compliance-related topics.
Threat Stack was honored to be a Gold Sponsor. We were also an exhibitor, and Sam Bisbee, our CSO, was well received for his contribution to one of the main panel discussions.
As usual with these gatherings, there was far too much going on to give a full recap here. However, I do want to focus on some of the highlights from the “Compliance Nightmare” panel, because it reminds us that we should never forget the basics. Read more “Taking Care of Basics — Lessons From the Boston Cyber Security Summit”
Public cloud investment is expanding rapidly in 2017, with Gartner projecting 18% growth over the course of this year, including 36.8% growth for the SaaS market alone. We recently conducted a survey with ESG Strategy Group (Threat Stack Cloud Security Report 2017: Security at Speed & Scale) to find out what the business drivers are behind this growth. This is what we learned. Read more “What’s Driving Cloud Security Investment Today? Learnings From Our Survey”
Containers are a big topic of conversation right now — and for good reason. They represent a powerful and transformative shift toward infrastructure that can enable flexibility and rapid development unlike anything we’ve seen before. However, as containers continue to proliferate, so do the security and compliance issues that surround them. Many in the market do not fully understand these concerns or how to address them. Our recent report with ESG Strategy Group (Threat Stack Cloud Security Report 2017: Security at Speed & Scale) bore this out.
Containers cannot solve every development or infrastructure problem; they are not the panacea that many believe them to be. But they do offer new opportunities that, when used properly, can move your organization forward. Read more “The State of Container Security: What We Learned From Our Survey”
Want to take a peek at the World’s Worst Data Breaches? Here you go:
Now that we’ve got that out of the way, let’s start this blog post over again. Our goal isn’t to frighten you or deepen the numbness you might already be feeling from the drip, drip, drip of bad cyber news.
It’s National Cybersecurity Awareness Month (NCSAM), which was launched in October 2004 as a collaboration between the National Cyber Security Alliance (NCSA) and the U.S. Department of Homeland Security with the goal of raising awareness and providing education on cybersecurity issues.
The name is something of a misnomer, however. NCSAM is really designed to do more than make you aware of cyber risks. It’s bigger goal is to arm you with information and tools you can use to strengthen yourself, your social groups, and your businesses against the cyber criminals who prey on us.
In the spirit of NCSAM, we at Threat Stack want to do our part by sharing some of the advice our bloggers have offered on how to take action to protect yourself and your company from cyberattacks. With that in mind, here are summaries of four recent blogs. Read more “How We Can Turn National Cybersecurity Awareness Month Into Cybersecurity Action”
Whether you’re in security, operations, or another related discipline, choosing the right cloud security products can be a complex process. With thousands of options, each with their own nuances, how do you know which tool, or mix of tools, is going to be right for your organization? The following questions are designed to help you identify the solutions that will fit your specific needs and requirements. Use them as you make your decision, and the entire process will be much more seamless. Read more “11 Questions to Ask Before Investing in a Cloud Security Solution”
Considering how fast every facet of business is changing today, the job for Security teams has become much more complex — and critical. Not only are there more data and endpoints to protect, but there are also new threats and adversaries to detect.
Since speed and continuous release cycles can be a major competitive advantage for businesses, Security professionals need to identify ways of keeping up. In this post, we’ll cover seven important ways business processes are changing and how security can adapt to support the speed of business. Read more “7 Ways Business Processes Have Changed the Need for Security”
We believe Threat Stack’s cloud security approach is validated by
inclusion in Gartner’s “Market Guide for Cloud Workload Protection Platforms” Report
Read more “Threat Stack Included in Gartner Market Guide for Cloud Workload Protection Platforms Report”