Blog
Security for Operational Technology Environments
by John Tolbert
Operational Technology (OT) systems encompass Industrial Control Systems (ICS), Critical Infrastructure Systems (CIS), and Industrial Internet of Things (IIoT). OT environments face threats similar to those that traditional enterprise IT systems do, as well as threats unique to each type and implementation.  ICS environments are those found in manufacturing facilities and warehouses, and may involve dedicated Human-to-Machine Interfaces (HMIs), Programmable Logic Controllers (PLCs), sensors, valves, actuators, etc. Critical Infrastructure includes regional and municipal power...
Navigator
DREAM: A New Entitlement Management Model for Modern IT 
by Warwick Ashford
There is no denying that modern IT environments are complex and are becoming even more so every day. Most organizations have a mix of on-prem and cloud-based applications in multiple clouds, as well as Edge computing systems. The challenge of managing infrastructure to keep pace with proliferation of entitlements across these complex and dynamic infrastructure is exacerbated by the increasing use of agile development and DevOps tools. Traditional access management platforms such as IGA, IAM and PAM are not able to meet the demands of modern enterprises because of the dynamic, agile,...
Blog
You Cannot Buy Zero Trust, But That’s Actually OK
by Alexei Balaganski
Zero Trust is undoubtedly one of the hottest buzzwords in the IT industry. The idea that just by following a set of simple principles an organization can dramatically reduce the complexity of its IT infrastructure and significantly improve its security posture and resilience to cyberattacks is, of course, extremely appealing to everyone. Unfortunately, even the companies highly motivated to adopt Zero Trust as their new strategy are often struggling even with the initial steps. If KuppingerCole analysts got a dollar every time we had to tell someone: “sorry, but you cannot buy...
Navigator
NIS2 Directive: Who, What, and How?
by Warwick Ashford
In the wake of increased cyber-attacks on national critical infrastructure, authorities around the world are imposing stricter requirements on organizations that their populations rely on for a wide range of essential services, which includes a wide and growing number of private companies that should be preparing now to meet their new obligations. Notably the EU issued the Network and Information Systems (NIS) Directive in 2016 and the US saw the introduction of Executive Order 14028  on Improving the Nation's Cybersecurity in 2021. But European authorities are now seeking to go...
Blog
How Does Using Cloud Services Alter Risk
by Mike Small
I am often asked “does using a cloud service alter risk?” I always reply to this question with “well it depends”. Every organization has its own set of circumstances, and the answer needs to take these into account. It is also important to think about how the responsibility for security is shared between the service provider and the customer. This blog outlines the core business risks and what organizations need to consider. Business Risks While much discussion focusses on the technical risks, at the business level there are three distinct cyber risks, and...
Blog
Layoffs at Technology Firms: An Indicator of a Busting Bubble?
by Marina Iantorno
Undoubtedly, many technology companies enjoyed an outstanding success during and after the COVID-19 outbreak. Businesses changed in several fields and we saw situations that we would have rarely expected before: switching to online shopping, online education, remote working, minimizing trips and avoiding human contact, just to mention a few. Lockdown forced humanity to look for a shelter against the confinement, and people found it in technology, which became the main protagonist in our everyday life. This scenario made companies like Zoom, Google, Apple, Meta, and others grow explosively....
Navigator
Customer Data Platforms Key to Seamless Omni-Channel Experiences
by Roland Bühler
The digital era has ushered in an exciting new chapter in consumer experiences, but it can be challenging for organizations to deliver the seamless customer journey across various analog and digital touchpoint that consumers now expect. To remain competitive, organizations are seeking to engage customers with highly personalized marketing messages and recommendations, and to provide the right information at the right time. However, many organizations struggle to do this because customer information is often distributed across several different departments in databases that are often...
Blog
Human Factor in Cybersecurity: The Weakest Link?
by Alejandro Leal
The Human Factor Cybercriminals often exploit our human vulnerabilities and psychological elements to steal credentials and gain unauthorized access. Since phishing and social engineering attacks are primarily targeted at people, the human factor continues to be an important element CISOs need to consider in order to protect their organizations from cyber-attacks. Most data breaches are caused by human error, negligence, or lack of awareness, for example, by simply clicking the wrong link. So, it is common for employees to increase their digital footprint without being aware of the...
Blog
Finally, the Multi-cloud We’ve Been Waiting For
by Alexei Balaganski
“Multi-cloud” is a tricky term. At its face value, it simply means that your organization is using cloud services from more than one provider, right? But if it’s that trivial, why are so many people talking about “multi-cloud strategies” and why do entire market segments exist only to make managing your multi-cloud deployments slightly less unbearable? According to Flexera , over 90% of organizations have a multi-cloud strategy, and on average, a business is using the services of 2.6 public cloud providers. But of course, the number alone is not what...
Navigator
Getting to Grips with Zero Trust Network Access Solutions
by Warwick Ashford
A Zero Trust approach to cyber security is a concept that has been around for decades, but thanks to advances in technology and the need to adapt cyber security capabilities to support secure hybrid working models and ways of doing business in the digital era, it has never been more relevant. As businesses embrace Digital Transformation and become increasingly cloud-native, mobile, and interconnected, the corporate network perimeter is gradually disappearing, exposing users to malware, ransomware, and other cyber threats. Traditional perimeter security tools no longer provide adequate...
Previous
3 4 5 6 7 8 9 Next