Netskope is looking to the next generation of cloud security with the acquisition of Sift Security.

The acquisition, which closed in June, will see Sift's infrastructure as a service (IaaS) breach detection and visualisation tool Cloud Hunter move into Netskope's Security Cloud offering.

"By bringing Sift Security into our 'one cloud' architecture, we will take Netskope for IaaS (and as a result, the entire Netskope Security Cloud) to a new level," wrote Sanjay Beri, Netskope CEO, in a blog post confirming the news. "Sift enhances our ability to uniquely gather and visualise the richest set of contextualised data about transactions. This rich contextual data informs nearly all of the services provided by the Netskope Security Cloud.

"Sift Security helped pioneer this for IaaS by ingesting and creating a rich set of data from public cloud infrastructure," added Beri. "This data, which ranges from information around the OS to the networking to the application and user level, enables Sift to correlate, visualise, detect, and remediate threats and incidents in IaaS services."

Neil King, CEO of Sift, will join Netskope's IaaS division to lead product strategy and management. "Four years ago we set out to build a security solution that could detect, correlate, visualise and automatically respond to threats in infrastructure as a service environments like AWS, Azure, and Google Cloud Platform," said King. "We're excited to combine those capabilities into the market-leading Netskope Security Cloud."

The move puts more emphasis on the key trend of automated cloud security tools. While the concept has been around for some time, increasingly complex cloud workloads has made the need for automated 'threat hunting' tools more evident. As a McAfee report put it in April, it's all about visibility and control for admins.

While Netskope is beefing up its cloud and IaaS security credentials with the acquisition of Sift,  the company's ambitions are much wider. As this publication reported last year when Netskope secured a $100 million series E funding round, the next step was to take the cloud platform and bring it to the whole web.

Financial terms of the transaction were not disclosed.

Cryptojacking is on the way to replacing ransomware as the biggest threat for consumers and enterprises – and new research reveals the size of the effect crypto is having on cloud infrastructures.

Cybersecurity firm Check Point Software, in its 'Cyber Attack Trends: 2018 Mid-Year Report', found that in the first half of this year, the number of organisations impacted by cryptomining malware doubled to 42%, compared with 20.5% from the second half of 2017.

What's more, the top three most common malware variants in the first half of this year were all cryptominers. At the most recent RSA Conference, the SANS Institute presented its list of the five newest dangerous attack vectors; cloud storage, and data leakage and monetisation of compromised systems via cryptominers both made the list.

The report asserts that 'a number of sophisticated techniques and tools' have been deployed against cloud storage services. Many of these attacks come about due to organisations' own poor security practices, but others, such as cryptomining, are leveraging cloud infrastructure leading to much greater profits for threat actors.

There have been examples of the latter this year. In February, security monitoring firm RedLock disclosed that hackers had been running cryptomining scripts on unsecured Kubernetes instances owned by Tesla. As the researchers put it at the time, the focus has changed from stealing data to stealing compute power in organisations' public cloud environments.

The top cryptominers are Coinhive, which has affected 12% of organisations worldwide, Cryptoloot, a JavaScript miner, and JSEcoin, a web-based crypto miner. All three are focused around mining the Monero cryptocurrency.

Maya Horowitz, threat intelligence group manager at Check Point, noted that attacks on cloud infrastructure and cryptomining were the latest generation of cyber attacks, which the company calls 'gen V.' "These multi-vector, fast-moving, large scale Gen V attacks are becoming more and more frequent, and organisations need to adopt a multi-layered cybersecurity strategy that prevents these attacks from taking hold of their networks and data," said Horowitz.

Writing for this publication in May, Paolo Passeri, cyber intelligence principal at Netskope, said that while cryptomining campaigns were becoming bigger and more persistent, organisations could mitigate risk by using several methods. Companies could enforce policies such as scanning all uploads from unmanaged and remote devices to sanctioned cloud applications, to blocking unsanctioned instances of sanctioned cloud apps.

You can read the full report here (email required).

This sixteen (16) hour course provides an introduction to DevOps, the cultural and professional movement that stresses communication, collaboration, integration and automation in order to improve the flow of work between software developers and IT operations professionals. Improved workflows will result in an improved ability to design, develop, deploy and operate software and services faster.

read more

• Identities, not systems, are the new security perimeter for any digital business, with 81% of breaches involving weak, default or stolen passwords.
• 53% of enterprises feel they are more susceptible to threats since 2015.
• 51% of enterprises suffered at least one breach in the past 12 months and malicious insider incidents increased 11% year-over-year.

These and many other fascinating insights are from SecurIT: the Zero Trust Summit for CIOs and CISOs held last month in San Francisco, CA. CIO and CSO produced the event that included informative discussions and panels on how enterprises are adopting Next-Gen Access (NGA) and enabling Zero Trust Security (ZTS). What made the event noteworthy were the insights gained from presentations and panels where senior IT executives from Akamai, Centrify, Cisco, Cylance, EdgeWise, Fortinet, Intel, Live Nation Entertainment and YapStone shared their key insights and lessons learned from implementing Zero Trust Security.

Zero Trust is a recognized framework developed by Forrester Research in collaboration with the National Institute of Standards and Technology (NIST) and also promoted by Google as BeyondCorp. Zero Trust Security is predicated on the concept that an organization doesn’t trust anything inside or outside its boundaries and instead verifies anything and everything before granting access. The approach works because today’s leading attack vector is weak or compromised credentials according to Verizon’s 2018 Data Breach Investigations Report.

Key takeaways from the Zero Trust Summit include the following:

Identities, not systems, are the new security perimeter for any digital business, with 81% of breaches involving weak, default or stolen passwords

Tom Kemp, Co-Founder, and CEO, Centrify, provided key insights into the current state of enterprise IT security and how existing methods aren’t scaling completely enough to protect every application, endpoint, and infrastructure of any digital business. He illustrated how $86B was spent on cybersecurity, yet a stunning 66% of companies were still breached. Companies targeted for breaches averaged five or more separate breaches already. The following graphic underscores how identities are the new enterprise perimeter, making NGA and ZTS a must-have for any digital business.

53% of enterprises feel they are more susceptible to threats since 2015

Chase Cunningham’s presentation, Zero Trust and Why Does It Matter, provided insights into the threat landscape and a thorough definition of ZTX, which is the application of a Zero Trust framework to an enterprise. Dr. Cunningham is a Principal Analyst at Forrester Research serving security and risk professionals. Forrester found the percentage of enterprises who feel they are more susceptible to threats nearly doubled in two years, jumping from 28% in 2015 to 53% in 2017. Dr. Cunningham provided examples of how breaches have immediate financial implications on the market value of any business with specific focus on the Equifax breach.

Presented by Dr. Cunningham during SecurIT: the Zero Trust Summit for CIOs and CISOs

51% of enterprises suffered at least one breach in the past 12 months and malicious insider incidents increased 11% year-over-year

43% of confirmed breaches in the last 12 months are from an external attack, 24% from internal attacks, 17% are from third-party incidents and 16% from lost or stolen assets. Consistent with Verizon’s 2018 Data Breach Investigations Report use of privileged credential access is a leading cause of breaches today.

Presented by Dr. Cunningham during SecurIT: the Zero Trust Summit for CIOs and CISOs

One of Zero Trust Security’s innate strengths is the ability to flex and protect the perimeter of any growing digital business at the individual level, encompassing workforce, customers, and distributors

Akamai, Cisco, EdgeWise, Fortinet, Intel, Live Nation Entertainment and YapStone each provided examples of how their organizations are relying on NGA to enable ZTS enterprise-wide. Every speaker provided examples of how ZTS delivers several key benefits including the following: First, ZTS reduces the time to breach detection and improves visibility throughout a network. Second, organizations provided examples of how ZTS is reducing capital and operational expenses for security, in addition to reducing the scope and cost of compliance initiatives. All companies presenting at the conference provided examples of how ZTS is enabling greater data awareness and insight, eliminating inter-silo finger-pointing over security responsibilities and for several, enabling digital business transformation. Every organization is also seeing ZTS thwart the exfiltration and destruction of their data.

Conclusion

The SecurIT: the Zero Trust Summit for CIOs and CISOs event encapsulated the latest advances in how NGA is enabling ZTS by having enterprises who are adopting the framework share their insights and lessons learned. It’s fascinating to see how Akamai, Cisco, Intel, Live Nation Entertainment, YapStone, and others are tailoring ZTS to their specific customer-driven goals. Each also shared their plans for growth and how security in general and NGA and ZTS specifically are protecting customer and company data to ensure growth continues, uninterrupted.

Multi-cloud is here to stay, that much we already know – but the sheer extent of its growth is helping enterprises move mission-critical applications to the cloud.

That is the key finding from a new report by cloud technology provider Virtustream. The study, titled ‘Multi-cloud Arises from Changing Cloud Priorities’ and conducted alongside Forrester, found the vast majority (86%) of respondents see their current cloud strategy as multi-cloud. What’s more, 60% of enterprises polled said they are now moving, or have already moved, mission-critical apps to the public cloud.

According to the research – which polled 727 cloud technology decision makers at businesses with more than 1,000 employees – almost half of enterprises spend at least $50 million annually on cloud initiatives. Yet the study also argues greater alignment between cloud technologies and business objectives are needed. 42% of those polled said operational efficiency was their top priority this year, ahead of innovation.

When it comes to selecting a vendor, IT is most likely to be involved in vendor choice, with only certain sections of the C-suite – chiefly the CIO – also getting involved. According to survey respondents, a multi-cloud approach offers three key benefits; improved IT infrastructure management, cited by 33% of respondents, better IT cost management (33%) and improved security and compliance (30%).

Yet cost and security are two hurdles which organisations need to cross before going full-tilt into multi-cloud, according to Gaurav Yadav, founding engineering and product manager at software-defined storage provider Hedvig.

Writing for this publication earlier this month, Yadav also noted the eventual goal of multi-cloud – rather than negotiating and balancing between several vendors more than willing to sell you more of their ecosystem – is truly cloud-agnostic infrastructure.

“The promise of a cloud-agnostic infrastructure is to make data easier to access and more affordable to store long-term by putting different types of data into different clouds for their various benefits and cost structures,” Yadav wrote. “Multi-cloud deployments strengthen business continuity and resilience, empower DevOps development and cloud-native applications, and optimise regulatory compliance and service delivery for global organisations.”

“Multi-cloud is a clear reality of the next era in cloud computing,” said Deepak Patil, Virtustream senior vice president product and technology. “Whether it is employed to balance risk or to leverage the advantages and use cases of various cloud platforms – enterprises are increasingly moving their workloads to multiple cloud providers.”

Read more: Why you need to work through the growing pains to make the most out of multi-cloud

Roland Moore-Colyer

Clare Hopping

Clare Hopping

Semiconductor giant Broadcom has announced the acquisition of software provider CA Technologies for $18.9 billion (£14.3bn) in cash to ‘build one of the world’s leading infrastructure technology companies.’

The move will aim to give Broadcom a financial boost in a variety of areas. In an investor presentation (PDF), the company cited CA’s ‘significant’ recurring revenue, as well as an improvement on Broadcom’s long-term EBITDA margins as key to the transaction.

From a technological perspective, Broadcom cited CA’s mainframe expertise, as well as the company’s ‘continued focus on acquiring established mission critical technology businesses.’ Regular readers of this publication will note how the mainframe, which still stores a surprisingly large amount of enterprise data – up to 80% if you believe CA and IBM – is still a fundamental part of CA’s strategy.

“This transaction represents an important building block as we create one of the world’s leading infrastructure technology companies,” said Hock Tan, president and chief executive officer of Broadcom in a statement. “With its sizeable installed base of customers, CA is uniquely positioned across the growing and fragmented infrastructure software market, and its mainframe and enterprise software franchise will add to our portfolio of mission critical technology businesses.

“We intend to continue to strengthen these franchises to meet the growing demand for infrastructure software solutions,” Tan added.

Among CA’s most notable acquisitions in recent years include application security provider Veracode, business automation software firm Automic, and API management tool Layer 7 Technologies. From Broadcom’s perspective, the biggest acquisition story in recent years was one which didn’t go through. The protracted negotiations with fellow semiconductor firm Qualcomm – so long-winded were they that reporters tired of the non-stop press releases issued – were finally, and abruptly, blocked by US President Donald Trump in March on security grounds.

It is safe to say that moving in for CA is something of a departure for Broadcom’s current businesses. Among the company’s areas of expertise, again cited by the Broadcom investor presentation, are in API management (Gartner and Forrester), identity (Gartner) and continuous delivery (Forrester).

Bobby Hellard