A couple of weeks ago, we posted a survey so people could evaluate their cybersecurity savvy.
And the results are . . .
Well, let’s just say that most of us could brush up our security smarts.
Instead of reviewing the entire survey here, we’re going to focus on three of the questions where most of us were off the mark — and then, if you want, you can take (retake) the quiz to see how well you do. Read more “This may be the scariest thing you read today . . .”
Cybersecurity Awareness Month may be coming to a close, but we have already set our eyes on the future. The question is: How can we stay “security aware” year round and, more importantly, translate this awareness into actions that will help keep our companies secure?
Cybersecurity has never been more important than in the past few years. It seems that every week, a major new breach hits the news headlines, leaving every company more and more worried about whether they’re next. This month — National Cybersecurity Awareness Month — has been a great reminder to verify whether your security protocols and practices are up-to-date and effective. But with the state of things today, you can’t afford to stop there.
We believe that done right, security is a 24/365 operation. If you’ve been following our blog, you’ve learned that there are many ways to streamline and automate security so it doesn’t require an army to maintain.
In this post, we’re wrapping up our best pieces of advice for you so that every month going forward can be cybersecurity month at your company. Read more “Looking Back on Cybersecurity Awareness Month and a 365 Day Outlook”
It is very clear by now that the cloud has reached an inflection point. Public cloud investment continues its rapid expansion, driven in large part by business imperatives for speed and scale. Gartner projects 18% cloud growth in 2017, with an increase of 36.8% for IaaS. So, the odds are your company is running at least some of its infrastructure in the public cloud.
Of course, no matter how many benefits it offers, it is often not possible for organizations to make a clean leap to the cloud. Many find themselves with infrastructures that include cloud, multi-cloud, hybrid, on-premise, and containerized environments. So what do you need to do to protect these complex structures?
We recently conducted a survey with ESG Strategy Group (Threat Stack Cloud Security Report 2017: Security at Speed & Scale) to learn more about the realities of hybrid environments today. Below are some of our findings as well as recommendations on how to secure your environment, no matter what it consists of. Read more “Hybrid Security: How to Protect a Complex Environment”
Public cloud investment is expanding rapidly in 2017, with Gartner projecting 18% growth over the course of this year, including 36.8% growth for the SaaS market alone. We recently conducted a survey with ESG Strategy Group (Threat Stack Cloud Security Report 2017: Security at Speed & Scale) to find out what the business drivers are behind this growth. This is what we learned. Read more “What’s Driving Cloud Security Investment Today? Learnings From Our Survey”
Recognizing that the financial services industry is a significant target of cybersecurity threats, the New York State Department of Financial Services (NYDFS) recently promulgated Cybersecurity Requirements for Financial Service Companies (23 NYCRR 500).
If 23 NYCRR 500 applies to your organization, you will need to familiarize yourself with all the details, but in the meantime, here is a summary of the 6 key things every financial institution needs to know about this set of regulations. Read more “New York State Cybersecurity Requirements for Financial Services Companies — 6 Things You Should Know”
Containers are a big topic of conversation right now — and for good reason. They represent a powerful and transformative shift toward infrastructure that can enable flexibility and rapid development unlike anything we’ve seen before. However, as containers continue to proliferate, so do the security and compliance issues that surround them. Many in the market do not fully understand these concerns or how to address them. Our recent report with ESG Strategy Group (Threat Stack Cloud Security Report 2017: Security at Speed & Scale) bore this out.
Containers cannot solve every development or infrastructure problem; they are not the panacea that many believe them to be. But they do offer new opportunities that, when used properly, can move your organization forward. Read more “The State of Container Security: What We Learned From Our Survey”
We recently conducted a survey with Enterprise Strategy Group (ESG) to gather data about the state of cloud security today. As they say, numbers don’t lie, and we wanted to know what the numbers say about how well organizations today are progressing toward a more secure future.
Many of the findings were positive, but we also discovered some critical gaps that need to be filled. The survey clarified what we already suspected: As companies invest in additional cloud environments, the associated complexity can lead to significant security lapses. Below, we’ll explain what these cloud security gaps are and what can be done to bridge them. Read more “Cloud Security: Common Gaps & How to Bridge Them”
Every year around this time, Threat Stack looks forward to taking part in TUGG’s (Technology Underwriting Greater Good) ‘Tech Gives Back’ day.
Each TUGG event finds us doing something fun, different, and valuable for the community. This year we had the honor of hosting a class of grade 6 students for a fun Guppy Tank event. Yes, it’s what it sounds like… shark tank, for the littles, but with a serious business attitude. Read more “Meet the TUGG’s Guppy Tank: HiTech, the Next Generation”
Security is a big concern for organizations of pretty much every size and shape. Once you have organization-wide agreement that security is a priority (for most companies today, this is a no-brainer), it’s time to get to work.
So where do you start? Of course, you’ll need an individual or an interdisciplinary group to lead your security initiatives, but beyond that, it’s a matter of focusing on the right things at the right time to get your security program up and running as quickly and as smoothly as possible. Getting it done right should always be an objective, and getting it done quickly is also highly desirable — especially if you have a legal or customer requirement to become more secure.
In our latest webinar, “Automating Security and Compliance for Your Cloud Deployment,” Chris Gervais, Threat Stack’s VP of Engineering, and Katie Paugh, G2 Technology Group’s Security Architect discussed a simple workflow that every company can follow to successfully implement an effective security plan. Watch the full recording or read the main points below. Read more “A Straightforward Workflow to Define Your Cloud Security Strategy”
Five years is a blink of the eye in time, but in technology, a lot can happen. This year, we’re celebrating the fifth year of the Threat Stack blog. We’ve been digging around our archives and analyzing the metrics to see what’s changed in the market since our inception, how our own product has evolved, and what topics are still tried and true.
Some things changed, and some stayed the same. Most interesting, we saw five of our personal favorite topics rise to the top in terms of article popularity. Some written several years ago, some written this year, they’re indicative of how the market is shifting and what companies are focused on today.
Without further ado, here are the four most-read articles of all time on our blog, and if you haven’t read them, data says you should. Read more “5 Years in Review: 4 Can’t-Miss Posts From Our Archive of 450+”