CISO Roundtable Recap: Rethinking Security and Governance in the Public Cloud

Source: https://securityboulevard.com/ A few days ago, I had the privilege of attending a boardroom discussion of CISOs at the virtual Chicago CISO Summit on the topic of Rethinking Security and Governance in the Public Cloud. The boardroom discussions are great since they serve as an opportunity to benchmark various CISO topics, and to discover cloud security challenges enterprise organizations are facing. It’s clear from our discussion that the ways in which we build technology value have changed drastically. Shifts from monolithic

Onus for cloud security falls on customers, but AWS could do more, CISO says

Source: ciodive.com Dive Brief: Amazon Web Services CISO Stephen Schmidt said the company is unaware of “any other noteworthy” compromises of AWS customers, in response to Senator Ron Wyden’s, D-Ore., inquiry into AWS’ role in Capital One’s data breach. Paige “erratic” Thompson exploited a “Server-Side Request Forgery” (SSRF) vulnerability to gain access, which was amplified by abusing permissions escalation, according to Schmidt. Though SSRF was not the “primary factor” in the bank’s breach, “it’s possible that there have been small
