Blog

On April 11, 2024, the Cybersecurity and Infrastructure Security Agency (CISA) announced its collaboration with private industry partners to address a significant security breach affecting Sisense, a prominent provider of data analytics services. This compromise, unearthed by independent security researchers, raised alarms within the cybersecurity community, prompting swift action from both government agencies and affected organizations.

It’s official: Gem Security is joining CNAPP decacorn Wiz. Acquisitions in tech do not happen by accident, but rather because giants in the industry recognize the gaps they need to fill as rapidly as possible. In this blog, I will explain what this acquisition means for the future of cloud security so you understand where the industry is headed and what questions you should be thinking about as you selectively choose cloud security vendors.

Google Cloud Platform (GCP) continues to expand its offerings and remains a top-tier cloud infrastructure service provider. It offers a wide range of services, including Compute Engine (VMs), Google Kubernetes Engine (GKE), BigQuery, Cloud Storage, and Cloud AI Platform. However, in recent years, several vulnerabilities have been reported in some of GCP's services, such as privilege escalation in GKE and CloudSQL.

RSA Conference 2024 is upon us... crowds of cybersecurity professionals will be eagerly gathering in San Francisco in May for this conference that has been around for over 30 years.

Enterprise success relies on operational resilience. When you fall, you have to be able to get back up—and quickly. That ability to spring back after a setback requires more than nimbleness.

Generally speaking, when most CISOs think about their cloud security, they’re keyed into their cloud infrastructure held at big providers like AWS, Azure, and GCP. Their typical focus is on securing virtual machines, storage and networks that run on cloud infrastructure. All of this is hugely important.

After several years of working with AWS, IAM remains one of the most frequently used services in my daily routine. Yet, despite my familiarity with it, a recent production incident taught me that there’s always more to learn.

For decades, Security Operations Center (SOC) have been at the foundation of organizational security and risk mitigation. SOCs perform critical operations, helping to keep systems updated and handle the day-to-day monitoring of organizational IT.

In a cybersecurity landscape that seems ever volatile, the Midnight Blizzard attack against Microsoft stands out for its simplicity, strategic execution, and the implications it holds for global cybersecurity.