Keeping up with what’s happening in the technology industry is a lot of work – and time-consuming! There’s an endless stream of newsletters, journals, blog posts, and press releases. How do you know what’s important enough to read? One way is to save time and brush up on what everyone else is reading. At least that way, you can know what they know and keep up with your peers.
Here we’ve compiled a list that generated the most buzz and were the most shared blogs of 2015. Now that we’ve shared this list with you, catch up on posts you missed. Then do some extra-credit reading to dig deeper and get out in front of your competition.
Cloud Security and Encryption
Combine the unending stream of data breach announcements (SecurityWeek reported that 2015 had doubled 2014’s breached record total before the third quarter of the year even ended) with the continuing growth of cloud computing (Forbes says cloud applications accounted for 81% of mobile traffic last year and will rise to 90% in 2019), no wonder that many of our top trending posts dealt with cloud security and encryption.
Maintaining Data Security During Cloud Adoption: 5 Questions CIO’s Need to Ask
Securing cloud adoption is a challenge when it’s so easy to get started with cloud computing, but that doesn’t means CIOs should approve every cloud-computing project that’s proposed.This post takes a look at the questions CIOs need to ask about security, privacy, efficiency, data loss, and compliance before they give the go-ahead. Read blog
Today’s top data protection technology is one that’s been around since before the computer was invented: encryption is still the best way to protect data. One reason is because while you can take precautions to block unauthorized access to data, many experts consider breaches inevitable.
Encryption means that when the inevitable breach occurs, the stolen data is unreadable and unusable. But just because encryption has been around practically since the Stone Age, that doesn’t mean encryption hasn’t changed. Today’s encryption protects data in transit, at rest, and while in use, even allowing search and sort on encrypted values. Read blog
As the previous posts point out, security is one of the key questions CIOs need to ask before approving cloud projects, and encryption is a key security technology. As a result, cloud providers are adding security features including encryption to help address data protection concerns. But while this is a plus, customers need to recognize there are problems relying solely on cloud providers to keep their data secure.
The big issue is that if your firm outsources all security operations to the cloud provider , you still will not be able to outsource responsibility for security and compliance . Your organization must maintain controls and visibility over company and client data even if it resides in the cloud. It’s also important to realize that while the cloud makes data location irrelevant for operations, data location remains must be addressed when complying with data residency and privacy laws. Read blog
What to Look for in a CASB (Cloud Access Security Broker)
If provider level encryption does not meet your organization’s governance and compliance needs, you probably want to deploy a CASB (cloud access security broker). Choosing the right CASB is critical decision since protecting sensitive and regulated data is every company’s highest priority. Read this post to learn about effective approaches for encryption and tokenization plus the monitoring and reporting features that you should consider before selecting a CASB. Read blog
Along with confidence in the technology used by your CASB or cloud encryption provider, you need to have confidence in the encryption provider as a business. This confidence means you trust that key management capabilities ensure sole ownership of sensitive key material, and that they’ll be around long term—because your data will be around long term, and the security issues around data protection are going to become more complex, not simpler. You want to choose a company you can rely on partnering with you to solve data protection issues as your cloud strategy evolves. Read blog
If you don’t have time to keep up with reading blogs, you may not have time to attending industry conferences where you can hear directly from industry thought leaders, either. If you didn’t make it to the 2015 RSA Security Conference, this post catches you up on the main topics: how to get visibility into cloud usage in order to enable protection and encryption.
CipherCloud was a presenter at this conference, sharing insights as to how our Cloud visibility and control solutions helps IT and Business leaders get a handle on Shadow IT and data protection. Read blog
Cybersecurity in General
Data protection concerns aren’t limited to cloud computing. Some of our most-shared posts talked about cybersecurity in general, with an eye to the current state of security and how to improve security in the future.
Think your end users understand how important it is to guard their passwords and watch out for social engineering and phishing attempts? If you still have faith that your end users will guard their passwords, watch this Jimmy Kimmel sketch. Apparently, all it takes to find out someone’s password is to ask users to revel it. Not only did people willingly reveal their passwords, their passwords weren’t exactly strong to start with: a pet’s name, birthday, year of graduation. Let’s hope the host made sure they changed their passwords before the segment was aired. Read blog
Knowing how vulnerable passwords are is one reason CISO’s spend all day, every day, thinking about how to protect their company’s data and what to do in response to an incident. This post captures the thinking of top CISOs from some of the most targeted industries, including financial and healthcare firms, as to what’s needed to effectively respond to an incident. Read blog
Marc Andreessen was one of the creators of the first widely-used web browser, Mosaic. Today, he’s part of a venture capital firm and invests in companies that are shaping the future of technology. Andreessen thinks it’s necessary to encrypt everything all the time and to use two-factor authentication. Learn why, and what else this thought leader thinks about cyber security and the cloud. Read blog
Life after Davos “Does Cyber Security and Data Governance Get Real?”
Cyber Security was one of the hot topics at the World Economic Forum in 2015. One of the speakers there, the CEO of Salesforce, told attendees that cyber security should be priority number one—and that there’s no finish line. Two WEF reports expand upon the topic, adding that transparency and resilience are key to coping with cyber threats. Read blog
Data Sovereignty and Safe Harbor
When a company is headquartered in one country and its data is stored in another, who gets to request access? The question for Microsoft was whether the US could subpoena data housed in a Microsoft data center in Ireland. This case is about data residency, but related concerns about how much access the US government can have to European data are one reason the EU Safe Harbor agreement fell apart late this year. The consequences of that are still being sorted through and will undoubtedly lead to some of our most-shared blog posts next year. Read blog
Catch up on what you’ve missed by checking out the above posts. Then check out our featured resources to explore topics in depth.