Owen Lewis’ Post

A recent study sheds light on the growing number of cyberattacks, citing cloud misconfigurations, evolving ransomware tactics, and supply chain vulnerabilities. Cloud misconfigurations, driven by haste and complexity, expose data, necessitating a rethinking of deployment practices. Meanwhile, evolving ransomware tactics, such as data exfiltration and ransomware-as-a-service, necessitate strong data security measures and proactive defense strategies. And supply chain vulnerabilities amplify the impact of breaches, emphasizing the importance of conducting thorough vendor assessments and data encryption. In this never-ending arms race with cyber adversaries, proactive vigilance and continuous innovation are critical.

The first reason for the increasing theft of personal data is cloud misconfiguration.

Just finished the course “Security in Fintech Essential Training” by Emmanuel Chebukati! Check it out: https://lnkd.in/eGTdz9HU #fintech #cybersecurity. Not quite what I was expecting but a good overview of considerations for security and how to implement this using AWS as the example platform.  Covering high level but hands on demonstraiton of the end to end deployment of network, storage, application and how to manage the service.  Certainly a useful course with various aspects that I found interesting.

Ontario, Canada. What about our health data? Do you remember eHealth Ontario? Now an American company has our health data, and Our tax money goes to: https://lnkd.in/eBKawZXs But where are our health data kept? In private hands!

📌 Q: What is Defense-in-depth? A: Defense-in-depth is an information assurance strategy that provides multiple, redundant defensive measures in case a security control fails or a vulnerability is exploited v/ Imperva Cc: ✭ Thomas Marr | Keith Dobbs | Maureen C. #cloud #cloudsecurity #cloudai #cyberai

Are your security risk keeping you up at night. If so, please read this short blog and let SEEBURGER know if we can help. #datasecurity #cloud #MFT

The number one reason why cyberattacks and data breaches continue to spike? Cloud misconfiguration. This is why building cloud infrastructure with safety and resiliency in mind is key. As we continue to rely more heavily on digital infrastructure, we can't get lax on how we build it. #CloudInfrastructure #DigitalInfrastructure #DataBreach

ISO 27001 provides a systematic framework for establishing and maintaining a robust cloud security posture. By adhering to this standard, FinTech organisations can define and implement appropriate security controls to safeguard their cloud-based systems, applications, and data. ISO 27001 assists in identifying potential risks and vulnerabilities specific to cloud infrastructure, allowing companies to address them proactively and reduce the likelihood of security incidents or data breaches. Read more: https://lnkd.in/e8TAD5au #Fintech #Cloud #ISO27001Certification

For AWS cloud centric companies, a great New Year’s resolution is taking a look at your cloud environment security exposure. If your resolution was to lose weight you would step on a scale to see where you are and where you need to get to….no different with Cyber Security. You need to see what your current security exposure is so you can prioritize steps to address. Stack Identity’s SARA – Shadow Access Risk Assessment is a free service that helps you see where your exposures are: You will receive a daily report of Shadow Access Risks with insights about your environment, for example: ·       The number of identities, data assets and policies you have ·       Top risky identities due to their access and entitlements ·       Application identities being used for third-party access ·       Data assets that are exposed to external networks ·       Cloud identities that have not been used in the last 90 days ·       Daily compliance scorecard for CIS, PCI-DSS, SOC2 and HIPAA We will also set up a session to review your results and offer advice as to how to address the issues found specific to your organization. https://lnkd.in/euc7hBNZ #shadowaccess #iam #iga #identitysecurity #identityaccessmanagement

Gartner didn’t really start addressing DSPM until mid to late 2022. Most security tools have a DLP “switch to flip,” but without a rhyme to the reason, an effective DLP project will be somewhat of a moving target. For instance, managing data with adherence to policies across network DLP, cloud DLP, application DLP, endpoint DLP, etc. DLP tools are designed to prevent data leaks and unauthorized disclosures. DSPM is a broader approach encompassing overall data protection beyond leaks, including access governance, encryption, compliance and security posture management. Join a discussion tomorrow (12/13, 12pm EST) with SoFi, a cloud-native financial services provider, to explore their successful DSPM implementation. Learn how they navigated challenges in extensive data handling, adhered to strict regulations, and managed third-party integrations. https://lnkd.in/gZVAy6mK #cyber #cyberdefense #dlp #dspm #ciso #data #governance #compliance #fintech