Evolving your security operations strategy to fit the cloud

By Oliver Pinson-Roxburgh, Alert Logic

The decision to move to the cloud may seem an obvious one. It’s faster, more scalable, and more agile. However, security remains a concern, and rightly so. The foundational infrastructure delivered by cloud providers is secure, but guaranteeing the protection of the applications, workloads, and data you run on top of it is your responsibility—and it isn’t one to be taken lightly.

A traditional on-premises security operations strategy simply won’t cut it anymore. In its place, you need a cloud-specific security strategy to protect your critical data from an ever-growing variety of advanced threats. Outlined in this article are four elements for any security official to consider when making the jump to a cloud system. Continue reading

Advertisements

Why are public WiFi networks insecure?

Public WiFi network

If you follow tech and cybersecurity news, this is something that you see a lot: Public WiFi networks, the free wireless networks found at hotels, airports and cafes, are unsafe and can cut you some major cyberslack.

As is the case with most threats, when something is publicized a lot, people tend to become less sensible and ignore it. It becomes common belief that the danger will mostly apply to other people and not me. (This is one of the weirdest aspects of human nature, finding one’s security in the insecurity of others.) Continue reading

This is how you encrypt your entire life

encryption

Man in the middle attacks. Social engineering. Large scale data breaches. Government surveillance. Device theft. Those are just some of the threats standing in your way as you try to carry on a safe digital life.

APTs. Three letter agencies. Script kiddies. State-sponsored hackers. Cybercrime rings. Data-hungry corporations. Jealous coworkers. Disgruntled employees.

And those are just some of the sources that those threats might come from.

The point is, as more of our lives become digitized and stored on computers and online servers, our data becomes more valuable and makes us more vulnerable to cyberattacks. Continue reading

How to protect yourself against WhatsApp’s non-present backdoor

Secure messaging app

In a controversial Friday 13th scoop, The Guardian unveiled a backdoor in WhatsApp, the popular messaging app owned by Facebook that has over 1 billion users and touts having unbreakable security.

Within a few hours of the Guardian report, the claim was debunked by other outlets, including this detailed piece in Gizmodo. While it is now clear that the backdoor is actually not a backdoor but a natural functionality of the messaging app, here’s what you need to know and what you can do to protect yourself from potential security mishaps. Continue reading

How to secure your smarthome gadgets

smarthome nest thermostat

The holiday season is a big time for consumer electronics and smarthome gadget sales. With so many advances and innovations that we saw in the Internet of Things in 2016, there’s a likely chance that one of those connected devices has found its way into your home, or that of one of your loved ones, this Christmas.

But while IoT devices make our homes more efficient, drive energy saving and reduce costs, you should also take note that IoT devices are a source of security headaches. A huge number of smarthome gadgets are developed without sound development practices and end up being used for evil purposes. Continue reading

How PGP can protect you against email surveillance

5383764072_ab6784e586_o

News broke last week that Yahoo has allowed intelligence agencies to scan user emails. This comes at a very bad time for Yahoo, right on the heels of its 500 million user account data breach—made public earlier this month—and while the company is trying to be acquired Verizon for the meager price of $4.8 billion.

Other tech giants immediately denied having had similar cooperation with government agencies in the wake of the Yahoo leak, though they all have a track record of wholesaling their data to government agencies under the NSA’s PRISM program. Continue reading