Blog Categories Application Security Cloud Security Compliance Container Security & Orchestration DevSecOps General Professional Development SOC Threat Intel Threat Stack General 2 Min Read The Weekly Security and DevOps News Brief The Threat Stack Team January 29, 2016 A lot happened in the world of security and DevOps this week. Here are the top posts we saw: Cloud security culture a building block for today’s businesses Jason Sparapani wrote a piece in SearchCIO about cloud security for today’s businesses, and called attention to a new report saying that as organizations today move more data to the cloud it’s important to cultivate a cloud security culture and enlist a CISO. In order to mitigate risk, security practices need to be communicated throughout an organization and embedded into the organizational structure. Read the full piece. Understanding the three variants of cloud security Security is still a thorn in the side of cloud computing, according to an article by Chloe Green in Information Age. Despite the ability of the cloud to inspire new ways of thinking – free of the limitations of infrastructure, scaling or logistics – a recent survey found that an overwhelming 90 percent of organizations are still concerned about cloud security. However, as Ms. Green noted, most of these concerns are just an unrealized opportunity. Read the full piece. 5 tips for securing your AWS cloud Brandon Butler addressed Amazon Web Services (AWS) security best practices, in a piece published in Network World. According to the article, AWS released a white paper outlining best practices for using its cloud. Tips included: apply security layers, enable traceability, and enforce privilege management. Read the full piece. Amazon, IBM, HPE: Government Cloud Security Process Broken An industry group representing Amazon, IBM, HPE, and other companies, as well as some federal agencies and lawmakers, is calling on the government to fix its process for certifying government cloud service providers as fit for serving the federal government, reported an article in Data Center Knowledge. Read the full piece. DoD’s Interim Rule Seeks to Extend Contractors’ Compliance With NIST Cloud Security Requirements According to an article in Executive Gov, the Defense Department released a draft regulation that seeks to amend the Defense Federal Acquisition Regulation Supplement in an effort to provide additional time for contractors to comply with the National Institute of Standards and Technology’s security requirements for cloud services. Read the full piece. What interesting security and DevOps news did you read out there this week? Let us know in the comments. Tags:AWSCloudCloud SecurityGovernmentGovernment ITSecurity Request a Demo Share this Blog