IBM service uses DNS to deliver multicloud connectivity

IBM is rolling out a new DNS-based service that will let customers securely control connectivity between distributed multicloud environments.NS1 Connect is one of the first fruits from IBM’s acquisition of DNS specialist NS1 earlier this year. The service is aimed at helping organizations set up the best connection between clouds and end users to deliver applications optimized for performance, cost, security and availability.Core to the NS1 Connect package, which will be available Oct. 17, is traffic-steering technology that intelligently distributes DNS traffic across the network. DNS is often described as the Internet’s phone book, working in the background to match the names of web sites that users type into a search box with the corresponding IP address.To read this article in full, please click here READ MORE HERE…

Read more

DNS security poses problems for enterprise IT

Attacks related to Domain Name System infrastructure – such as DNS hijacking, DNS tunneling and DNS amplification attacks – are on the rise, and many IT organizations are questioning the security of their DNS infrastructure.Most IT organizations maintain a variety of DNS infrastructure for public services (websites and internet-accessible services) and private services (Active Directory, file sharing, email). Securing both internal and external DNS infrastructure is critical due to a growing number of threats and vulnerabilities that malicious actors use to target them. Unfortunately, very few organizations are confident in their DNS security.Enterprise Management Associates (EMA) recently examined the issue of DNS security in its newly published research report, “DDI Directions: DNS, DHCP and IP Address Management Strategies for the Multi-Cloud Era.” Based on a survey of 333 IT professionals responsible for DNS, DHCP and IP address management (DDI), the research found that only 31% of DDI managers are fully confident in the security of their DNS infrastructure.To read this article in full, please click here READ MORE HERE…

Read more

Cisco significantly bolsters security portfolio with $28B Splunk buy

Looking to significantly reinforce its security software portfolio, Cisco has struck a $28 billion cash deal to acquire enterprise and cloud protection company Splunk.Founded in 2003, Splunk’s software platform is known for its wide-reaching ability to search, monitor and analyze data from a variety of systems. Network security teams can use this information to gain better visibility into and gather insights about network traffic, firewalls, intrusion detection systems (IDSes), intrusion prevention systems (IPSes), and security information and event management (SIEM) systems, from on premise and or its cloud-based package, according to Splunk.To read this article in full, please click here READ MORE HERE…

Read more

How network security can save security dollars

For the last twelve years, 100% of CIOs have said that they expect to spend more on IT security, making security the only category that just keeps on absorbing investment. Every year in the last three years, over 80% of enterprises have said that their IT security still needed improvement. So, like death and taxes, is security spending growth inevitable? If we keep on the way we have, it sure seems like it. But what might change?Let’s start with what’s important to users. External threats, meaning hacking, are a problem for every CIO. Internal threats, from badly behaving employees, are a problem for three out of four. Data theft is a universal fear, and malware that interferes with applications and operations is an important problem for over 90% of CIOs. As far as approaches or targets are concerned, 100% say access security on applications and data is essential and so is regular malware scanning. If you ask CIOs to pick a single thing they think is essential for IT security, it’s access security.To read this article in full, please click here READ MORE HERE…

Read more

IoT startups fill security gaps

As the volume of IoT devices connecting to enterprise networks continues to climb, the number of security threats has been increasing in lockstep. Cybersecurity threats, alongside supply chain issues, chip shortages and geopolitical instability, are a major reason that IoT growth has been slower than many analysts had predicted.Even so, the scale of the IoT security problem is great enough that 52 IoT startups raised a total of $840 million in the latest quarter, and even cautious analysts believe the IoT market will grow steadily in the coming years. In fact, research firm IDC predicts that the IoT market will expand to 55.7 billion connected IoT devices by 2025, with those devices generating 80B zettabytes (ZB) of data.To read this article in full, please click here READ MORE HERE…

Read more

IBM X-Force: Use of compromised credentials darkens cloud security picture

As connectivity to cloud-based resources grows, cybercriminals are using valid, compromised credentials to access enterprise resources at an alarming rate.That’s one of the chief findings of the IBM X-Force Cloud Threat Landscape Report, which also found a 200% increase (about 3,900 vulnerabilities) in cloud-oriented Common Vulnerabilities and Exposures (CVE) in the last year.“Over 35% of cloud security incidents occurred from attackers’ use of valid, compromised credentials,” wrote Chris Caridi, strategic cyber threat analyst with IBM X-Force, in a blog about the report. “Making up nearly 90% of assets for sale on dark web marketplaces, credentials’ popularity among cybercriminals is apparent, averaging $10 per listing – or the equivalent of a dozen doughnuts.”To read this article in full, please click here READ MORE HERE…

Read more

Cisco software targets enterprise cloud security, risk assessment

Cisco is adding a security module to its observability platform that promises to help enterprises assess threat risks and protect cloud-based resources.The Cisco Secure Application module, available now, is part of the vendor’s Full Stack Observability (FSO) platform, which is designed to correlate data from application, networking, infrastructure, security, and cloud domains to make it easier for customers to spot anomalies, preempt and address performance problems, and improve threat mitigation.FSO is designed to make intelligent use of metrics, events, logs and traces. With it, organizations can consolidate to fewer tools, collect data from any source, correlate information, and enable AI-driven analysis to predict and prevent problems, Cisco said at the FSO launch event in June.  To read this article in full, please click here READ MORE HERE…

Read more

10 questions to ask about secure service edge (SSE)

In 2019, Gartner created the term secure access service edge (SASE) to describe a cloud-based service that combines networking and security in order to give remote workers safe access to internet-based resources.Gartner had put its finger on a new set of challenges that enterprise IT faced as employees shifted to remote work during Covid and applications migrated to the cloud. But Gartner overshot the runway a bit; vendors were caught flatfooted and scrambled to cobble together full suites of SASE features.On the customer side, a recent Gartner survey of CISOs revealed that “a majority of buyers are planning for a two-vendor strategy for SASE,” with security and networking teams making separate buying decisions rather than opting for single-vendor SASE.To read this article in full, please click here READ MORE HERE…

Read more

VMware warns customers to immediately patch “critical” Aria network software holes

VMware is advising customers to upgrade or patch its Aria for Network Operations software because of potential security problems.VMware Aria is the vendor’s overarching multi-cloud management platform that integrates previously separate VMware services such as vRealize Automation, vRealize Operations, vRealize Network Insight, and CloudHealth onto a single Aria Hub console, which provides centralized views and controls and lets customers see and manage the entire multi-cloud environment.The vulnerabilities are in the Aria Operations for Networks component which includes the ability help run applications more smoothly by finding the cause of delay based on TCP traffic latency and retransmissions by triggering alerts on the applications dashboard.To read this article in full, please click here READ MORE HERE…

Read more

Google’s Cross-Cloud Network service aims to simplify multicloud networking

Google Cloud has added a new service that promises to make it easier for enterprise customers to securely network multiple cloud-based resources.The Cross-Cloud Network service consists of new and existing Google Cloud technology and includes a partner ecosystem to help organizations develop, build and support distributed enterprise applications across clouds.“We know that 70-plus percent of our enterprises are going to adopt multicloud. [The] idea behind Cross-Cloud Network is that today many organizations operate bespoke networks with turnkey security to connect to those clouds that are operationally complex to manage and build, thereby resulting in a much higher total cost of ownership and soaring costs,” said Muninder Sambi, vice president and general manager of networking for Google Cloud. “They set up private data centers to connect and secure the hybrid workforce to access cloud and on-prem resources and manage multiple CDN clouds to accelerate web apps. All of this can also lead to an inconsistent security posture and drives up total costs,” Sambi said.To read this article in full, please click here READ MORE HERE…

Read more