Thursday, July 7, 2022
  • CyRC Vulnerability of the Month: curl
  • 7 Common Internet of Things (IoT) Attacks that Compromise Security
  • CISO Talk Ep 23: The Changing Role of CISOs
  • 5 Website Security Threats and How to Prevent Them
  • Google Cybersecurity Action Team Threat Horizons Report #3 Is Out!

Security Boulevard Logo

Security Boulevard

The Home of the Security Bloggers Network

Community Chats Webinars Library
  • Home
    • Cybersecurity News
    • Features
    • Industry Spotlight
    • News Releases
  • Security Bloggers Network
    • Latest Posts
    • Contributors
    • Syndicate Your Blog
    • Write for Security Boulevard
  • Events
    • Upcoming Events
    • Upcoming Webinars
    • On-Demand Events
    • On-Demand Webinars
  • Chat
    • Security Boulevard Chat
    • Marketing InSecurity Podcast
  • Library
  • Related Sites
    • Techstrong Group
    • Container Journal
    • DevOps.com
    • Security Boulevard
    • Techstrong Research
    • Techstrong TV
    • Devops Chat
    • DevOps Dozen
    • DevOps TV
    • Digital Anarchist
  • Media Kit
  • About Us

  • Analytics
  • AppSec
  • CISO
  • Cloud
  • DevOps
  • GRC
  • Identity
  • Incident Response
  • IoT / ICS
  • Threats / Breaches
  • More
    • Blockchain / Digital Currencies
    • Careers
    • Cyberlaw
    • Mobile
    • Social Engineering
  • Humor
Cloud Security Data Security Security Bloggers Network 

Home » Cybersecurity » Cloud Security » The Sky Is Falling! No Wait, That’s Just Our Data in the Cloud!

SBN

The Sky Is Falling! No Wait, That’s Just Our Data in the Cloud!

by Irfahn Khimji on August 27, 2018

Back in the good old days, we used to have to order physical servers to run our applications. When servers became too expensive, we found efficiency in virtualization. Why have one box running one server when I could have 10 or more on a single box? Who would have thought I could simply push a button and have a server ready in minutes as opposed to weeks?

DevOps Connect:DevSecOps @ RSAC 2022

Well, guess what? It now takes weeks to get a virtual server. Who has time for that? As the information age has evolved, agile development teams can’t wait weeks for a server let alone a virtual server. When peak business times hit and an increase in load is needed, there has to be a better way!

Lo and behold, someone started deploying servers in the cloud. Why should we wait to deploy our own servers when we can simply use a public cloud service? It’s brilliant! There’s no need to go through all the company red tape; it’s so cheap that I can even bill it on my credit card if I have to.

Well, as security professionals, our goal is to protect the organization. So how can we protect the enterprise from the additional risk introduced by these developers? We have regulators to answer to, and we have a security posture to maintain to protect our customers.

Developers? They don’t necessarily care about us. Their goal is to make a product their customers (and actually our customers, as well) like and will use in the quickest amount of time possible. And they’ll be damned if security gets in their way.

So as security professionals, how can we still maintain the security posture of these cloud assets without slowing down the agility of the business?

The dynamic is different in the cloud, but (Read more...)

*** This is a Security Bloggers Network syndicated blog from The State of Security authored by Irfahn Khimji. Read the original post at: https://www.tripwire.com/state-of-security/security-data-protection/cloud/data-in-the-cloud/

August 27, 2018August 28, 2018 Irfahn Khimji Cloud, data, security, tripwire
  • ← The MITRE ATT&CK Framework: Credential Access
  • Voting Security: Suggestions to Protect Our Elections →

TechStrong TV – Live

Click full-screen to enable volume control
Watch latest episodes and shows

Subscribe to our Newsletters

Get breaking news, free eBooks and upcoming events delivered to your inbox.
  • View Security Boulevard Privacy Policy
  • This field is for validation purposes and should be left unchanged.

Most Read on the Boulevard

‘ChinaDan’ Hacks 1 BILLION Police Records from Shanghai: 23TB of PII for Sale
Attackers Work Hard to Engineer Trust; SharePoint, OneDrive Accounts at Risk
How Authentication Strengthens Security and UX
AMD Latest Victim of RansomHouse Gang
Defense Vs. Control: The Optimal Approach to Cloud Security
Five Eyes Cyber Security Predictions
Where Next for Quantum Computing and Cybersecurity?
Security BSides Athens 2022 – Kiriaki Solomidou’s, John Torakis’ And George Tsigourakos’ ‘Talk 3 – Tales From The DevSecOps World. SIEM Completely “As Code”‘
The Top 10 SMB cyber security mistakes. Find out how to fix these security risks.
What Makes Elixir and Phoenix a Better Choice in 2022 for Web App Development

Upcoming Webinars

Mon 18

Kubernetes Security

July 18 @ 1:00 pm - 2:00 pm
Tue 19

Finding the Ransomware Threat INSIDE Your Backups

July 19 @ 3:00 pm - 4:00 pm
Mon 25

Identity and Access Management

July 25 @ 1:00 pm - 2:00 pm
Mon 25

Applying the 2022 Open Source Findings to Software Supply Chain Risk Management

July 25 @ 3:00 pm - 4:00 pm
Wed 27

How to Shift Security Left: Best Practices From a Fortune 500 DevSecOps Leader

July 27 @ 1:00 pm - 2:00 pm
Aug 30

CISO Talk Master Class Episode: Catch Lightning in a Bottle – The Essentials: Bringing It All Together

August 30 @ 1:00 pm - 2:00 pm

More Webinars

Download Free eBook

The Dangers of Open Source Software and Best Practices for Securing Code

Industry Spotlight

HIPAA FAIL: ~33% of Hospital Websites Send PII to Facebook
Analytics & Intelligence Application Security Cloud Security Cyberlaw Cybersecurity Data Security Endpoint Featured Governance, Risk & Compliance Identity & Access Incident Response Industry Spotlight Most Read This Week Network Security News Popular Post Security Boulevard (Original) Spotlight Threats & Breaches Vulnerabilities 

HIPAA FAIL: ~33% of Hospital Websites Send PII to Facebook

June 17, 2022 Richi Jennings | Jun 17 0
Cars in the Crosshairs: Automakers, Regulators Take on Cybersecurity
Cybersecurity Governance, Risk & Compliance Industry Spotlight IoT & ICS Security Security Awareness Security Boulevard (Original) Threat Intelligence 

Cars in the Crosshairs: Automakers, Regulators Take on Cybersecurity

May 23, 2022 Mike Hodge | May 23 Comments Off on Cars in the Crosshairs: Automakers, Regulators Take on Cybersecurity
Establishing a Root of Trust in Embedded Linux and IoT
Cybersecurity Endpoint Industry Spotlight IoT & ICS Security Security Boulevard (Original) Vulnerabilities 

Establishing a Root of Trust in Embedded Linux and IoT

April 18, 2022 Anita Buehrle | Apr 18 Comments Off on Establishing a Root of Trust in Embedded Linux and IoT

Top Stories

EBI Files Patent for Blockchain Drive to Thwart Ransomware Attacks
Blockchain Cybersecurity Data Security Endpoint Featured Incident Response Malware News Security Boulevard (Original) Spotlight Threat Intelligence 

EBI Files Patent for Blockchain Drive to Thwart Ransomware Attacks

July 6, 2022 Michael Vizard | Yesterday 0
Palo Alto Networks Issues BRc4 Attack Simulation Tool Warning
Application Security Cybersecurity Endpoint Featured Identity & Access Incident Response Malware Network Security News Security Boulevard (Original) Spotlight Threat Intelligence Vulnerabilities 

Palo Alto Networks Issues BRc4 Attack Simulation Tool Warning

July 6, 2022 Michael Vizard | Yesterday 0
AMD Latest Victim of RansomHouse Gang
Cybersecurity Data Security Endpoint Featured Incident Response Malware News Security Boulevard (Original) Spotlight Threat Intelligence 

AMD Latest Victim of RansomHouse Gang

July 6, 2022 Teri Robinson | Yesterday 0

Security Humor

XKCD 'Mouse Turbines'

XKCD ‘Mouse Turbines’

Security Boulevard Logo White

DMCA

Join the Community

  • Add your blog to Security Bloggers Network
  • Write for Security Boulevard
  • Bloggers Meetup and Awards
  • Ask a Question
  • Email: [email protected]

Useful Links

  • About
  • Media Kit
  • Sponsors Info
  • Copyright
  • TOS
  • DMCA Compliance Statement
  • Privacy Policy

Related Sites

  • Techstrong Group
  • Container Journal
  • DevOps.com
  • Techstrong Research
  • Techstrong TV
  • DevOps Chat
  • DevOps Dozen
  • DevOps TV
  • Digital Anarchist
Powered by Techstrong Group
Copyright © 2022 Techstrong Group Inc. All rights reserved.

DevSecOps Poll

Step 1 of 6

16%
What is the biggest roadblock implementing DevSecOps practices?
What is the earliest stage you identify and remediate security issues?
Developers in your organization currently play an active role in:
Top benefit of embedding security earlier in the dev lifecycle?
Does your dev team have the needed app security resources?
Where are you on your DevSecOps journey?
This field is for validation purposes and should be left unchanged.