March 09, 2023

Understanding Data Security Posture Management for Protecting Cloud Data

To help organizations protect their data from data loss, a new approach emerged in 2022 in the form of data security posture management (DSPM). Today it is proving to be a critical tool for effective data security because of its laser focus on the data layer. DSPM allows organizations to identify all their sensitive data, monitor and identify risks to business-critical data, and remediate and protect that information. To get a better handle on this new approach and what it does, let’s consider what DSPM is not. ... DSPM’s ability to autonomously discover, monitor, and remediate risk creates an effective tool for an organization’s security posture. Beyond that, your DSPM solution of choice needs to operate in a manner that doesn’t require deployment of agents everywhere. Your DSPM should be easy to get up and running and allow you to quickly realize benefits by mining meaningful amounts of data to deliver visibility into what's going on within your environment from a risk perspective. DSPM solutions are proven to deliver accurate results and offer significant ROI for organizations.

Arctic Wolf CEO on Incident Response, M&A, Cyber Insurance

Many organizations struggle with preparing for a security incident even if they have an internal security team and have procured cyber insurance, Schneider says. Businesses often haven't prepared their systems or documented escalation paths or how their environment is set up, which makes it nearly impossible to quickly get information over to an incident response provider in the event of an attack, Schneider says. "The less time that you're spending on compiling information, the more time you're able to spend on remediating the threat and the less time you've taken between an incident occurring and the beginning of a response," Schneider says. Most companies don't know what they need to have documented or prepared in the event of a security incident and therefore end up reaching out to their insurance provider or incident responder while an attack is taking place to see what questions they have, Schneider says. Although the answers to these questions are relatively static, he says it takes a lot of time to gather the information needed to respond

UK government introduces revised data reform bill to Parliament

“Co-designed with business from the start, this new bill ensures that a vitally important data protection regime is tailored to the UK’s own needs and our customs,” said science, innovation and technology secretary Michelle Donelan. “Our system will be easier to understand, easier to comply with, and take advantage of the many opportunities of post-Brexit Britain. No longer will our businesses and citizens have to tangle themselves around the barrier-based European GDPR [General Data Protection Regulation]. “Our new laws release British businesses from unnecessary red tape to unlock new discoveries, drive forward next-generation technologies, create jobs and boost our economy.” The government added the revised bill will also support increased international trade without creating extra costs for businesses already compliant with existing data protection rules, as well as boost public confidence in the use of artificial intelligence (AI) technologies by clarifying the circumstances in which safeguards apply to automated decision-making.

Municipal CISOs grapple with challenges as cyber threats soar

"The diversity of our business services and the corresponding diversity of systems is unparalleled in that no organization does what our municipal government does," Michael Makstman, CISO for the City and County of San Francisco and co-chair of the Coalition of City CISOs, tells CSO. "We fly planes, we pave roads, we provide public safety services," Makstman says. "We operate one of the largest, if not the largest, trauma centers on the West Coast. We support many legal professionals for some of the largest legal firms in the country. At the same time, we make sure that vulnerable populations have access to food and care. We have an outstanding municipal transportation network. We have buses and subways and our world-famous cable car." ... CISOs of municipal organizations of all sizes are required to deftly handle the politics of the governments they serve and the individual service providers themselves, Hamilton says. CISOs are not always welcomed into agencies that do not directly employ them.

Decoding Digital Twins: Exploring the 6 main applications and their benefits

Although the roots of digital twins go back to NASA’s Apollo program in 1970, the concept of creating digital replicas of physical assets and visualizing/simulating/predicting in a virtual world is extremely suitable for companies that are trying to make Industry 4.0 a reality or are aiming toward future industrial metaverse projects. Make no mistake: While the definition of a digital twin may be straightforward, its applications are numerous. In 2020, we published our first market research on the topic and showcased that there may, in fact, be 200 or more different types of digital twins. The feedback we received from you was that classification helps to ensure apple-to-apple digital twin comparisons, but questions remain about the hotspots of activity. Therefore, as part of our new 233-page Digital Twin Market Report 2023-2027, we classified 100 real digital twin projects along the three dimensions and found six main areas of activity. These six digital twin application hotspots cover two thirds of all digital twin projects we analyzed.

Cloud trends 2023: Cost management surpasses security as top priority

For the first time, since Flexera began its annual survey of cloud decision-makers, security was not the top challenge reported by respondents. As revealed in the Flexera 2023 State of the Cloud Report, released on March 8, 2023, 82% of respondents from across all organizations indicated that their top cloud challenge is managing cloud spend, edging out security at 79%.These shifting challenges may be the result of organizations becoming increasingly comfortable with cloud security, while needing to manage the greater spend associated with their increased reliance on cloud services. Lack of resources or expertise was reported as a top cloud challenge by 78% of respondents, making it the third major cloud challenge for today’s businesses. ... Cloud cost management responsibilities are often spread across teams within an organization. Year over year, vendor management and finance or accounting teams?have less responsibility for cloud expenses. Instead, initiatives are shifting to finops teams. Finops, the practice of cloud cost management, is a growing priority.?

Read more here ...