Cloud Security This Week – February 9, 2018

New from
WEBINAR: The Evolution of DevSecOps Revisited
Register for our webinar on Thursday, February 22nd, 2018 where our panel of experts will discuss relationship between DevOps and SecOps and explore whether or not it has evolved to be as harmonious as we hoped.

The Growth Mindset Applied to Cloud Security in Five Steps
Cloud security never stops, so it behooves IT teams to approach their security efforts with a growth mindset and focus on continuous improvement in managing their organization’s security posture.

Measure Your Cloud Security in 5 Steps
Because of constant change, you’re never dealing with the same cloud environment for very long, so it makes measurement difficult. Here are five steps to follow to determine if your team is actually making progress towards your cloud security and compliance goals.

The Stoic’s Guide to Cloud Security
Stoics practiced negative visualization; think about what you DON’T want to happen so you can experience its pain without having to actually go through its consequences. Turns out, it’s also a pretty good strategy for those responsible for the security of their organization’s cloud environment.

16 Ways to Protect Your Cloud from Ransomware
Cloud environments with poor configuration, lack of policies, and permissive behaviors lead to too many openings that are exploitable by ransomware. In this ebook, we look at the different pieces of the cloud stack and address their unique security needs with precautions that enterprises should take to make their environment far more resistant to ransomware threats.

News and Perspectives on Cloud Security
New Zero-Day Ransomware Evades Microsoft, Google Cloud Malware Detection
Google Drive and Microsoft Office 365, both of which have built-in malware protection, failed to identify a new form of Gojdue ransomware dubbed Shurl0ckr. The zero-day ransomware evaded most major antivirus platforms: only seven percent of 67 tested tools detected it.

Test Your Knowledge of the AWS Shared Responsibility Model
In a traditional data center, an enterprise exercises total control over its facility and assumes full responsibility for infrastructure security and operation. But with the public cloud, that all changes, and now, many users need to grow accustomed to the AWS shared responsibility model.

Mind the Gap: This Researcher Steals Data With Noise, Light, and Magnets
Cybersecurity experts spend a lot of time on preventing hackers from getting in to cloud environments, but new research emphasizes the importance of exfiltration prevention.

What is Cryptojacking? How to Prevent, Detect, and Recover From It
Criminals are using ransomware-like tactics and poisoned websites to get your employees’ computers to mine cryptocurrencies. Here’s what you can do to stop it.

Intel Releases New Spectre Patch Update for Skylake Processors
After leaving million of devices at risk of hacking and then rolling out broken patches, Intel has now released a new batch of security patches only for its Skylake processors to address one of the Spectre vulnerabilities (Variant 2).