Regulator unconvinced large fines are effective deterrent

Read More

Identity and access issues topped the list of concerns of IT pros in the Cloud Security Alliance’s annual Top Threats to Cloud Computing: The Pandemic 11 report released earlier this month. “Data breaches and data loss were the top concerns last year,” says CSA Global Vice President of Research John Yeoh. “This year, they weren’t even in the top 11.”

“What that tells me is the cloud customer is getting a lot smarter,” Yeoh continues. “They’re getting away from worrying about end results—a data breach or loss is an end result—and looking at the causes of those results (data access, misconfigurations, insecure applications) and taking control of them.”

To read this article in full, please click here

Read More

Software firm Atlassian released emergency patches for its popular Confluence Server and Data Center products after reports came to light late last week that attackers were exploiting an unpatched vulnerability in the wild. According to data from Cloudflare’s web application firewall (WAF) service, the attacks started in late May.

The vulnerability, now tracked as CVE-2022-26134, is rated critical and allows unauthenticated attackers to gain remote code execution (RCE) on servers hosting the affected Confluence versions. The company urges customers to upgrade to the newly released versions 7.4.17, 7.13.7, 7.14.3, 7.15.2, 7.16.4, 7.17.4 and 7.18.1, depending on which release they use.

To read this article in full, please click here

Read More

Former employee re-submitted vulnerability data for personal gain

Read More

Vijay Bharati, CISO and senior vice president of cybersecurity practice at Happiest Minds Technologies, ranks among the few enterprise cybersecurity practitioners who handle both the overall cybersecurity business and internal security for the company.

Bharati has more than 22 years of experience across multiple domains such as identity and access management, data security, cloud security, and infrastructure security under his belt. Over the years, he has established trust and credibility with both external and internal stakeholders. In conversation with CSO India, Bharati talks about his experience working both internally and externally, how organisations can build cybersecurity ground up to minimize risks, and how India can bridge the security skills gap.

To read this article in full, please click here

Read More