In the early days of cloud computing, many executives became enamored with the idea that they would no longer be responsible for the “headaches” of an on-premises data center. Things like cooling, physical security, hardware upgrades and uninterruptable power supplies all would shift to the cloud providers. But the shifting of certain responsibilities does not also mean the transfer of accountability… So who is responsible for what in the cloud and how can shared accountability be navigated? The shared responsibility model is a nice theory, but here’s how its practical application gets tricky. Read the blog.

Policy is Everywhere Think of every company you have ever worked for. Whether it was a job in a warehouse, or employment in an office, there was always a policy to follow. In fact, when you think back to your earliest days, your family also had policies. Policies are the rules established to keep order within a group. Sometimes, policies are not followed, or are simply ignored.  According to a report issued by the Federal Aviation Administration, one of the primary causes of policy failure is a lack of available, current, or well written documentation. That was followed by the difficulty of the task being performed; and concluded with work environments leading to failures to follow procedures. Sometimes, the failure

Did you ever hear the story about the hyphen that cost 80 Million dollars? In the infancy of the United States’ space program, a programming error resulted in a forced abort of a rocket early in its flight to prevent possible injury along its crash path. Or how about the time a pilot miscalculated the required fuel for a flight from Montreal to Edmonton? These are both fatal examples of how human error can have serious consequences. In our hyper-connected world, our errors can have damaging consequences. Sometimes, the harm can be minor, such as the “Melissa” macro virus of 1999, in the early days of computer viruses. More recently, however, the damages can have a greater impact, as in

Businesses are increasingly dependent on emerging technology and reaping its benefits to provide better quality of services, change the way they collaborate and interact with employees and customers. Corporate data is being moved to multi-cloud environments, while the adoption of containers helps the fast and agile development of applications. IoT devices and sensors provide businesses with an abundance of data useful for timely and accurate decision making. An Expanding Threat Landscape However, businesses are not the only ones taking advantage of this technology. Criminals, as well, are following suit. According to the Verizon DBIR 2020 report, cloud assets were involved in about 24% of breaches. This is not so much an indictment of cloud security as it is an illustration

The (ISC)2 Certified Information Systems Security Professional (CISSP) certification has won top marks from a 90,000-member LinkedIn community of cybersecurity professionals. The group selected the certification as the most valuable from a list of 50 leading cybersecurity industry certifications and courses. The Information Security Careers Network (ISCN) asked the LinkedIn community, which is composed of ISCN members, to rate their top certifications in order to compile a list of the top 10 most desirable certifications for 2021. The list included certifications from other associations and vendors, as well as the (ISC)2 Certified Cloud Security Professional (CCSP). Why is the CISSP the Most Valuable Cybersecurity Certification? Nearly three quarters of respondents (72%) identified the CISSP as the certification with the greatest demand in