New year, new threats: Are we ready for what’s next in the cloud?

Welcome to the first 2024 edition of the Code to Cloud Monthly Digest! From the traits that define modern CISOs to lessons learned from tech's most transformative eras, this issue is packed with tips from the best cyber leaders in the business.?

What distinguishes cybersecurity leaders in 2024?

Adaptability, creativity, commitment to progress, and a nuanced understanding of AI and emerging technologies are setting apart true leaders in cybersecurity this year. In our second annual list of 50 CISOs to Watch, Lacework celebrates the CISOs who exemplify those traits. These leaders are excelling in technology, mastering the art of AI, embracing change, and guiding companies through new challenges like the SEC regulations. Meet the 50 CISOs to Watch in 2024.

3 things to know about the malware AndroxGh0st

The recent spotlight on AndroxGh0st, a Python malware, is the center of attention because of recent warnings from the FBI and CISA. Here are a few things you need to know about the threat:?

• It targets specific files known as Laravel.env files, which are crucial because they contain access keys and credentials for major services like AWS and Microsoft Office 365.?
• The theft of these files poses a serious risk because it enables hackers to gain unauthorized access and potentially disrupt services.?
• It’s been used by hackers to build a botnet (a network of compromised computers) to then be used for additional credential theft and launching further cyberattacks.?

Get the full scoop here.

What can we learn from the tech industry’s most transformative times??

Lacework CEO Jay Parikh recently joined CNBC 's Jon Fortt on Fort Knoxx and shared some lessons learned during pivotal moments in the tech industry. Jon and Jay discussed:?

?? Today’s toughest cybersecurity problem (0:36)

??? The shift in security philosophy over the past decade (8:09)?

?? What Jay learned from scaling security at Facebook (9:51)?

?? Life and career as a series of S-curves (38:50)?

?? Navigating the dot-com bubble crash (41:20)

Catch their full conversation below.?

The pillars of effective cloud workload security

Cloud workload security (CWS) solutions are key in spotting vulnerabilities and reacting to threats promptly. But what makes these solutions so effective? The latest GigaOm Radar report sheds light on the top CWS solutions out there, and the best ones have a few distinct features. They’re adaptable, integrate AI, and map to popular compliance frameworks to simplify compliance for organizations. Check out five insights every security leader should know from the GigaOm report here.?

Why is DSPM important for visibility in the cloud??

Ever heard of "DSPM"? Data security posture management helps companies understand what sensitive data they have, where it’s located, who has access to it, which permissions each user has, and what the lineage of the data is. This is critical for companies that want to avoid exposing their sensitive data in the cloud. That’s why Lacework recently partnered with Securiti to combine DSPM with cloud security posture management (CSPM) to offer a new level of risk analysis between applications, data, and networks.

?Bonus content?: How does security empower cloud-based creativity?

Can security help creative industries thrive in the cloud? The new partnership between Lacework and Untold Studios. , an entirely cloud-based Emmy and Grammy-nominated studio, highlights how security solutions can support creative freedom in the cloud. Learn more about our collaboration.?

The Code to Cloud Monthly Digest is your go-to cloud security newsletter. What topics would you like us to cover in the next issue? Share your thoughts below ??