Understanding the Benefits of Cloud Business Continuity

Understanding the
Business continuity is all about having a complete plan to deal with a problematic situation, which would help your organization continue to function with little or no disruption. Disruptions can occur at any point and sometimes can be completely unexpected; a flood, a cyber-attack, or even system failure can cause significant disruption.

What Does Cloud Business Continuity Mean?

Thinking about a business without technology can be next to impossible, but with major dependencies on technology, it increases the chances of disruption in business continuity. Ideally, business continuity cloud is a process that helps in the development of resilience rather than solving immediate issues.

Moving to the cloud helps organizations solve this issue with ease and can also aid in making your organization more efficient, more adaptive, and eventually more profitable. To do this, it is essential that you do careful planning, especially when it’s about building business continuity on the cloud.

Primary Considerations for Maintaining Business Continuity

Traditionally, business continuity planning was meant to focus on planning for failover and high availability of critical business systems. However, organizations should take a more comprehensive approach that encompasses both organizational measures and technologies to reduce disruption, maintain security, and support uninterrupted productivity to keep a business running. An ideal business continuity strategy should address team structure, a formal plan, crisis communication, and awareness programs.

Key considerations are

• Ensure that your cloud service provider offers the level of access that your business would require.
• Make sure you have a clear understanding of how to get your data when there is a break in the flow of information.
• Have a well-thought-through plan of what to do if the cloud provider experiences a disaster.


The Key Challenges with Business Continuity on Cloud

Even cloud business continuity providers also face similar issues when the conversation is about business continuity. Some of the cloud-specific problems are:

• Integrating onto a cloud platform brings significant dependency due to all the communication that takes place.
• It is vital to understand the critical functions that are involved.
• Organizations must undertake due diligence to understand how cloud service providers (AWS, Azure Google Cloud etc.,) operate and cover disruption.
• Shadow IT is a primary concern. Some freeware platforms also own your data and don’t delete it even when the account is closed.
• Cloud misconfiguration is another major concern. Around 68% of organizations stated that cloud misconfiguration is their top concern.

In my role, I was constantly thinking about the continuity of operations, so I spent a lot of time developing options a, b, c, etc., for response to different scenarios. This approach has helped me a lot in my planning for business impact, business continuity, disaster recovery, and incident response. Another area was controlling access. This aspect helps when addressing access control and least privilege access,” 

Brad Fugitt, Chief Information Security Officer at Pax8


Perks of Cloud Business Continuity

The cloud is the best option that offers timely and error-free data recovery, which aids business continuity. In addition, the cloud is the best alternative when you cannot physically access your main offices. Having an on-premise model could bring the functioning of a business to a complete standstill.

The benefits of a business continuity plan on the cloud are:
• Ensures regular backups and easy failover
• Reduces downtime drastically
• Offers better network and information security management
• Efficiently scales to suit your business requirements
• Minimizes the impact of denial of service (DoS) attacks
• It completely eliminates the need to sync software on two sites
• Drastically reduces the recovery time – to only a few minutes

Conclusion

Cloud gives organizations the option to become responsive and resilient to business continuity. With the pandemic being a huge disruption, organizations without a cloud option would have struggled to keep up. Keeping in mind the highly dynamic environment we’re in, cloud-based business is the way forward.

The Atlanta ransomware attack is an important lesson in inadequate business continuity planning. The event revealed that the city’s IT was woefully unprepared for the attack. Just two months’ prior, an audit found 1,500 to 2,000 vulnerabilities in the city’s IT systems, which were compounded by “obsolete software and an IT culture driven by ‘ad hoc or undocumented’ processes,” according to StateScoop.

FAQ


How Do Cloud-based Systems Aid in Business Continuity?

Cloud-based business continuity eliminates all the expenses that are tied to on-premise solutions. This means you’d not need to worry about on-site hardware and building costs, physical security, and other similar costs.

How Are Business Continuity and Disaster Recovery Different?

Business continuity emphasizes keeping your business operations during a disaster, while disaster recovery focuses on restoring data access and IT infrastructure after a disaster. Functioning as a cloud-based business helps ensure optimum business continuity.

What Are the Three Critical Components of a Business Continuity Plan?

An effective business continuity plan would have three major components. These three fundamental elements are resilience, recovery, and contingency.

Spotlight

Profitbase AS

Our solutions provide businesses with a consolidated view of key information resulting in increased visibility to all aspects of business performance. This helps accelerate planning cycles enabling users to plan, track and act on performance based on their roles in the organizations. Dashboards and reports deliver a rich set of pre-defined metrics and Key Performance Indicators that empower decision makers with the information they need to easily monitor and optimize their operations.

OTHER ARTICLES
Cloud App Development, Cloud Security, Cloud App Management

What Is Cloud-Native and Why Does it Matter for CI

Article | July 31, 2023

Continuous intelligence (CI) relies on the real-time analysis of streaming data to produce actionable insights in milliseconds to seconds. Such capabilities have applications throughout a business. In today’s dynamic marketplace, new CI applications that use data from various sources at any given time might be needed on very short notice.The challenge is how to have the flexibility to rapidly develop and deploy new CI applications to meet fast-changing business requirements. A common approach employed today is to use a dynamic architecture that delivers access to data, processing power, and analytics capabilities on demand. In the future, solutions also will likely incorporate artificial intelligence applications to complement the benefits of traditional analytics. Increasingly, cloud-native is the architecture of choice to build and deploy AI-embedded CI applications. A cloud-native approach offers benefits to both the business and developers. Cloud-native applications or services are loosely coupled with explicitly described dependencies.

Read More
Cloud App Development, Cloud Security, Cloud App Management

Why Microsoft Should Spinoff Its Cloud Business

Article | June 21, 2023

Microsoft currently features old-school solutions that are growing relatively slowly (Office and Windows) and new cloud solutions that are growing tremendously (Dynamics 365 and Azure). If the company stays in its current form, Microsoft stock will keep steadily advancing. But because the company’s total top and bottom lines are never going to increase much more than 30% or 35% per year, the shares are never going to deliver truly huge returns. But that would change if the company was to spin off its rapidly growing cloud businesses. In such a scenario, the current owners of Microsoft stock would receive shares in a cutting edge cloud services company (let’s call it Azure), and shares in a company focused on providing old, mostly PC-based software to businesses and consumers.

Read More
Cloud App Development

Intelligence Giant Upgrading its Cloud Technology

Article | July 18, 2022

With the huge amounts of data in all fields, a future in the cloud is imperative to help deal with this explosion of data, especially in the field of intelligence technology. This is the reason why the US Central Intelligence Agency is updating its cloud technology. The agency has recently released a draft request for proposal for its Commercial Cloud Enterprise contract.The C2E tens of billions contract will be a multi-award commercial cloud computing contract with a five-year base period and two five-year options for a period of performance of up to 15 years, according to nextgov.com.In a March 2019 presentation by the Directorate of Digital Innovation, a division of the CIA, the department outlined its vision for C2E. It would be broad and include infrastructure, platform and software cloud services supporting a broad range of users, with a variety of security clearances and a worldwide presence, as reported by techcrunch.com. The principal C2E Program objective is to acquire cloud computing services directly from commercial cloud service providers with established records for innovation and operational excellence in cloud service delivery for a large customer base,the department stated in the presentation.Apparently, the agency prefers to avoid all the attention that the Pentagon’s JEDI cloud procurement process got, and quietly go about its business.

Read More

AWS tags US$235 million to expand its cloud infrastructure in Latin America

Article | February 10, 2020

Amazon Web Services (AWS) is raising its stake on cloud computing infrastructure in Latin America. Proof of this is that the IT company will use R$1 billion (around US$235 million) to expand its data center in Sao Paulo. These millions will be used for its Data Processing Center located in that part of Brazil. In addition, a portion of these US$235 million will also be used to increase the services it offers to both public and private parties.The move gives reason to suggest that AWS is upping the ante in the future of startups and tech in the region that rely on cloud services to develop their own products.It launched its cloud center in Brazil in 2011 but it’ll be getting some beefing up thanks to these funds. Moreover, AWS has two Edge networks in São Paulo and two in Rio de Janeiro. As well as one in each of the following cities: Bogotá (Colombia), Buenos Aires (Argentina), and Santiago (Chile).The objective of all of this is to be the region’s prime provider of cloud infrastructure and beat out its competition AKA, Google Cloud Platform and Microsoft’s Azure.

Read More

Spotlight

Profitbase AS

Our solutions provide businesses with a consolidated view of key information resulting in increased visibility to all aspects of business performance. This helps accelerate planning cycles enabling users to plan, track and act on performance based on their roles in the organizations. Dashboards and reports deliver a rich set of pre-defined metrics and Key Performance Indicators that empower decision makers with the information they need to easily monitor and optimize their operations.

Related News

Cloud App Development

Box and Google Cloud Expand Strategic Partnership Across Generative AI and Go-to-Market

Business Wire | November 02, 2023

Box, Inc. (NYSE: BOX), the leading Content Cloud, and Google Cloud today announced an expanded partnership to transform work in the enterprise with generative AI. Box will integrate with Vertex AI to build new gen AI features that help customers more efficiently process and analyze data stored in the Box Content Cloud, which is also now available to customers directly through Google Cloud Marketplace. Enterprises today want to work with strategic technology platforms that can help them work smarter and more productively, said Aaron Levie, co-founder and CEO of Box. Google Cloud is an incredibly important partner that helps us serve our customers globally. This deepened partnership underscores our joint commitment to delivering solutions that leverage cutting edge technology to power entirely new ways for users to intelligently interact with their content and revolutionize the way businesses operate in the AI-first era. “Generative AI can streamline some of the most time-consuming processes facing enterprises today, such as manual data entry and analysis,” said Thomas Kurian, CEO of Google Cloud. “Our expanded partnership with Box will provide customers with new tools that help them quickly process and create insights from documents stored within Box Content Cloud, saving time that users can reallocate towards more impactful work.” New Box AI Capabilities, Powered by Vertex AI Box has chosen to integrate with Vertex AI, Google Cloud’s unified AI platform, to help customers process and analyze data faster, create more personalized user experiences, intelligent search, and more. Building on the earlier announcement that Box will integrate Google Cloud’s advanced large-language models (LLMs) into Box AI, Box will now use Vertex AI to help power its new metadata extraction feature. The new feature, coming first as an API, will save customers’ time inputting and maintaining data by automatically identifying and tagging key context from their documents, including matching metadata fields to attributes within a file. Soon, customers will be able to: Automatically classify and label documents at scale to surface key insights, such as contracts nearing their expiration and invoices requiring payment within the current month. Define metadata templates to extract information for custom use cases, such as automatically recognizing and tagging products in images or categorizing PII in specific types. Populate defined metadata templates and integrate with ERP and CRM systems to automate workflows such as invoicing, executing contracts, client and employee onboarding, and more. Identify and preserve critical information, such as timestamps, authorship, and document versions history, to maintain compliance protocols. Recognize and extract metadata in different languages to ensure consistent term recognition while operating in different countries and regions. Box is Now Available on Google Cloud Marketplace As part of the expanded partnership, Box is now also available on Google Cloud Marketplace, making it even easier for customers using Google Cloud infrastructure to purchase Box’s content management platform. With the Box app available on Google Cloud Marketplace, eligible customers can realize key benefits including: Reduced procurement cycles allowing for faster, smoother, and simpler buying process. Consolidated Google Cloud billing. Cost savings against existing Google Cloud commitments when purchased through Google Cloud Marketplace. Box Expands Its Use of Google Cloud Box already leverages Google Cloud as a key infrastructure provider for data storage and compute globally. Now, Box will expand its usage of Google Cloud by adopting several new services across networking, data analytics, and machine learning to deliver faster performance and higher-reliability to its customers. For example, Box is now applying: Google Cloud as a storage option for Box KeySafe, which enables Box customers to use their own encryption key within Box. This provides customers with more choice over where they maintain their encryption keys. Google Cloud’s global networking infrastructure to power Box network communication with customers, resulting in faster content transfers and increased productivity for customers around the world. Cloud Bigtable for improved performance and uptime for the core data systems that power Box. This enables Box to deliver its customers with a more reliable service to secure and manage all of their content needs. Google Cloud BigQuery to power Box's data application, analytics, and insights. With BigQuery, Box can now deliver more comprehensive data-driven insights to customers faster. Google Workspace Integrations The expanded partnership builds on existing integrations with Google Workspace, which lets Box customers create, collaborate, and save content in Google Docs, Sheets, or Slides from the secure Box Content Cloud platform. Additionally, the Box for Google Workspace add-on enables smooth and secure productivity and collaboration across Google Workspace, including Gmail, Google Drive, and Google Calendar. With these integrations, customers can: Create, open, and edit content using Google Workspace’s collaboration tools directly within Box. Add Box files directly to emails and save email attachments to Box without leaving Gmail. Include Box files and link Box Notes directly to your Google Calendar events. Save files in Google Drive to Box. Apply Box’s enterprise-grade security, compliance, and governance capabilities to Google Docs, Sheets, and Slides. About Box Box (NYSE:BOX) is the leading Content Cloud, a single platform that empowers organizations to manage the entire content lifecycle, work securely from anywhere, and integrate across best-of-breed apps. Founded in 2005, Box simplifies work for leading global organizations, including AstraZeneca, JLL, Morgan Stanley, and Nationwide. Box is headquartered in Redwood City, CA, with offices across the United States, Europe, and Asia. Visit box.com to learn more. And visit box.org to learn more about how Box empowers nonprofits to fulfill their missions. About Google Cloud Google Cloud accelerates every organization’s ability to digitally transform its business and industry. We deliver enterprise-grade solutions that leverage Google’s cutting-edge technology, and tools that help developers build more sustainably. Customers in more than 200 countries and territories turn to Google Cloud as their trusted partner to enable growth and solve their most critical business problems.

Read More

Cloud Security

Sysdig Debuts New Benchmark for Cloud Detection and Response

Business Wire | November 03, 2023

Sysdig, the leader in cloud security powered by runtime insights, today released at SANS CyberFest 2023 the 5/5/5 Benchmark for Cloud Detection and Response, a new framework that outlines how quickly organizations should detect, triage, and respond to attacks in the cloud. Operating securely in the cloud requires a mindset shift in regard to time, and with that, cloud security programs need to hold themselves to a modernized benchmark: five seconds to detect, five minutes to correlate insights and understand what’s happening, and five additional minutes to respond. Recent findings by the Sysdig Threat Research Team published in the 2023 Global Cloud Threat Report note that, after discovering an exploitable target, malicious actors require less than 10 minutes to execute an attack. Cloud attacks are swift and sophisticated, requiring robust threat detection and response programs that move at the speed of the cloud. On-premises attacks take 16 days on average and antiquated frameworks challenge security teams to respond to a breach within 60 minutes, which is simply insufficient for the cloud. Bad actors are exploiting the automation and scale of the cloud, along with new techniques, to accelerate all stages of an attack and inflict damage within minutes. The 5/5/5 Benchmark guides organizations to detect and respond to cloud attacks faster than adversaries can complete them. The Challenge Detect threats within five seconds.Organizations should be able to gather detection signals from their cloud security tools in real time to ensure visibility into ephemeral assets. Correlate and triage within five minutes.Teams should be able to gather full context for all correlated signals within five minutes of receiving the first relevant alert. Initiate a response within five minutes.Organizations should be able to initiate a tactical response within five minutes of confirming that an attack is in progress. What people are saying People are always looking for security metrics, especially when the industry evolves into new operating models. We have plenty of 'best practices,' but no real way to quantify cloud security agility — until now, said Anna Belak, Director, Office of Cybersecurity Strategy at Sysdig. The 5/5/5 Benchmark, built in partnership with our customers, industry analysts, and the Sysdig Threat Research Team, sets a new standard for operating securely in the cloud. “As organizations move to the cloud, traditional on-premises security standards become outdated and too slow. In the cloud, both innovation and attacks happen quickly – companies need security tools, processes, and standards designed to operate at the speed of cloud-native environments,” said Phil Bues, Research Manager for IDC Cloud Security. “I don’t want to know 15 minutes after someone breached my system. I need to know instantly so that we can shut it down before the blast radius expands,” said Kuldeep Tomar, Head of Information Security at India’s leading digital skill games company and 5/5/5 Benchmark Advisor. “To move at the necessary speed, you need to not only be alerted to the right things, but also respond appropriately. Having a benchmark gives us a goal to hold ourselves to.” About Sysdig In the cloud, every second counts. Attacks move at warp speed, and security teams must protect the business without slowing it down. Sysdig stops cloud attacks in real time, instantly detecting changes in risk with runtime insights and open source Falco. Sysdig correlates signals across cloud workloads, identities, and services to uncover hidden attack paths and prioritize real risk. From prevention to defense, Sysdig helps enterprises focus on what matters: innovation. Sysdig. Secure Every Second.

Read More

Cloud App Development

LogRhythm Unveils Major Advancements to Cloud-Native SIEM Platform, LogRhythm Axon

Business Wire | October 04, 2023

LogRhythm, the company helping security teams stop breaches by turning disconnected data and signals into trustworthy insights, today announced its 6th consecutive quarterly release and the one-year anniversary of its groundbreaking cloud-native SaaS SIEM platform, LogRhythm Axon. This quarterly release introduces significant enhancements and expansion to Axon and the full suite of LogRhythm solutions, underscoring the company's commitment to continuous innovation in the global cybersecurity landscape. "In a dynamic and ever-evolving cybersecurity landscape, LogRhythm is obsessed with delivering value our customers care about,” said Chris O’Malley, CEO of LogRhythm. “As we celebrate the one-year anniversary of Axon's launch, customer satisfaction is our first priority, guiding every decision we make. We believe that by driving continuous improvements in innovation delivery rooted in well understood customer needs, we can empower our product users to navigate the complex world of cybersecurity with confidence and efficiency." SOC Efficiency and Streamlined Analyst Workflows LogRhythm’s latest Axon release rounds out the ability to seamlessly detect, investigate, and respond to potential threats within a security operations center. With the foundation of incident response, security teams can now leverage Axon to automate team workflows through case management. Case management enables analysts to automatically create cases that enable investigative workflows to track responses to threats, thus mitigating duplication of efforts and optimizing threat mitigation strategies. In addition, Axon’s new Signal Replay feature enables SOC teams to test analytics rules to ensure detections are optimized for their environment. Continuing the effort to advance SOC efficiency, LogRhythm SIEM now provides seamless integration of log source onboarding through centralized management. This enhanced SIEM capability eliminates the need for administrators to navigate several servers and UIs to complete onboarding, thereby streamlining workflows through a single interface, increasing productivity, and reducing the administrative process in half. Bridging the Skills Gap LogRhythm continues to address the industry-wide skills gap by providing features that enhance the productivity and onboarding processes for security analysts. The new in-product resource centers for both LogRhythm SIEM and LogRhythm Axon equip security teams with tools they need to quickly understand how to best utilize the platforms and realize a faster time to value. This comprehensive resource hub provides quick access to tutorials, documentation, release information, and the LogRhythm Community for support from the security community. LogRhythm Expands Cloud-Native SIEM Platform to APAC LogRhythm is also pleased to announce the successful expansion of their LogRhythm Axon SIEM platform to the APAC region. With a new instance in Australia, LogRhythm Axon’s cloud-native SIEM will be available to provide customers with a flexible solution to strengthen security operations and ensure comprehensive protection. In partnership with Seamless Intelligence, LogRhythm’s partner of the year in Australia, a managed services layer will also be available for LogRhythm Axon customers. “LogRhythm Axon significantly advances what customers can and should expect from a cloud-native SaaS SIEM platform. We’ve been impressed with its platform design and architecture, as well as the continuous pace of innovation,” said Chris Bolan, Managing Director of Seamless Intelligence. “Our Axon managed services are being developed to take advantage of the platform’s capabilities and to provide our clients with the world-class cybersecurity solution and services needed to keep their organizations safe.” Additional enhancements with LogRhythm SIEM, LogRhythm NDR and LogRhythm Axon solutions released in this quarterly rollout include: LogRhythm Axon: User anomaly detection for improbable travel allows protection against abnormal access attempts into an organization's environment. New case management feature automates incident response and investigative workflows, helping SOC teams delegate resources, prioritize their work and improve efficiency. Cases and email notifications can be automatically created or sent when an analytic rule is triggered, indicating an event requires immediate attention. Ability to search common events allows analysts to find relevant security events across different vendors’ log sources without having prior knowledge of the underlying log structure. New signal replay enhances threat detection development process by allowing testing for analytics rules to ensure they are fine-tuned and optimized for their environment. LogRhythm SIEM: Streamlined onboarding of Beats and Open Collectors, a collection of LogRhythm services that gather and normalize data from various cloud providers, in a single location to cut the workflow in half. Enhanced API log source onboarding for easier management of Open Collectors and Beats. Expanded library of supported log sources and parsing for improved correlation and analysis. In-product Resource Center for access to tutorials, announcements, docs, and support. LogRhythm NDR: IP Behind Load Balancer Tracking for faster triage capabilities when responding to incidents. Enhanced model output contextualization to empower quicker action to threats as relevant information is readily available. In addition to LogRhythm's commitment to innovation and seamless cybersecurity solutions, Novacoast has also emerged as the first Axon services provider for LogRhythm's customer base. Novacoast's expertise in delivering innovative cybersecurity services adds a new layer of value to the already impressive suite of LogRhythm Axon capabilities. “This strategic partnership reflects the platform's efficacy and flexibility in enhancing security programs across diverse environments,” said Jonathan Poon, CISO at Novacoast. “As LogRhythm continues to adapt its Axon offerings to address customer requirements, we are proud to be part of this evolution, propelling the cybersecurity landscape forward. Together, we are addressing industry needs and setting the standard for security services.” About LogRhythm LogRhythm helps security teams stop breaches by turning disconnected data and signals into trustworthy insights. From connecting the dots across diverse log and threat intelligence sources to using sophisticated machine learning that spots suspicious anomalies in network traffic and user behavior, LogRhythm accurately pinpoints cyberthreats and empowers professionals to respond with speed and efficiency. With cloud-native and self-hosted deployment flexibility, out-of-the-box integrations, and advisory services, LogRhythm makes it easy to realize value quickly and adapt to an ever-evolving threat landscape. Together, LogRhythm and our customers confidently monitor, detect, investigate, and respond to cyberattacks. Learn more at logrhythm.com.

Read More

Cloud App Development

Box and Google Cloud Expand Strategic Partnership Across Generative AI and Go-to-Market

Business Wire | November 02, 2023

Box, Inc. (NYSE: BOX), the leading Content Cloud, and Google Cloud today announced an expanded partnership to transform work in the enterprise with generative AI. Box will integrate with Vertex AI to build new gen AI features that help customers more efficiently process and analyze data stored in the Box Content Cloud, which is also now available to customers directly through Google Cloud Marketplace. Enterprises today want to work with strategic technology platforms that can help them work smarter and more productively, said Aaron Levie, co-founder and CEO of Box. Google Cloud is an incredibly important partner that helps us serve our customers globally. This deepened partnership underscores our joint commitment to delivering solutions that leverage cutting edge technology to power entirely new ways for users to intelligently interact with their content and revolutionize the way businesses operate in the AI-first era. “Generative AI can streamline some of the most time-consuming processes facing enterprises today, such as manual data entry and analysis,” said Thomas Kurian, CEO of Google Cloud. “Our expanded partnership with Box will provide customers with new tools that help them quickly process and create insights from documents stored within Box Content Cloud, saving time that users can reallocate towards more impactful work.” New Box AI Capabilities, Powered by Vertex AI Box has chosen to integrate with Vertex AI, Google Cloud’s unified AI platform, to help customers process and analyze data faster, create more personalized user experiences, intelligent search, and more. Building on the earlier announcement that Box will integrate Google Cloud’s advanced large-language models (LLMs) into Box AI, Box will now use Vertex AI to help power its new metadata extraction feature. The new feature, coming first as an API, will save customers’ time inputting and maintaining data by automatically identifying and tagging key context from their documents, including matching metadata fields to attributes within a file. Soon, customers will be able to: Automatically classify and label documents at scale to surface key insights, such as contracts nearing their expiration and invoices requiring payment within the current month. Define metadata templates to extract information for custom use cases, such as automatically recognizing and tagging products in images or categorizing PII in specific types. Populate defined metadata templates and integrate with ERP and CRM systems to automate workflows such as invoicing, executing contracts, client and employee onboarding, and more. Identify and preserve critical information, such as timestamps, authorship, and document versions history, to maintain compliance protocols. Recognize and extract metadata in different languages to ensure consistent term recognition while operating in different countries and regions. Box is Now Available on Google Cloud Marketplace As part of the expanded partnership, Box is now also available on Google Cloud Marketplace, making it even easier for customers using Google Cloud infrastructure to purchase Box’s content management platform. With the Box app available on Google Cloud Marketplace, eligible customers can realize key benefits including: Reduced procurement cycles allowing for faster, smoother, and simpler buying process. Consolidated Google Cloud billing. Cost savings against existing Google Cloud commitments when purchased through Google Cloud Marketplace. Box Expands Its Use of Google Cloud Box already leverages Google Cloud as a key infrastructure provider for data storage and compute globally. Now, Box will expand its usage of Google Cloud by adopting several new services across networking, data analytics, and machine learning to deliver faster performance and higher-reliability to its customers. For example, Box is now applying: Google Cloud as a storage option for Box KeySafe, which enables Box customers to use their own encryption key within Box. This provides customers with more choice over where they maintain their encryption keys. Google Cloud’s global networking infrastructure to power Box network communication with customers, resulting in faster content transfers and increased productivity for customers around the world. Cloud Bigtable for improved performance and uptime for the core data systems that power Box. This enables Box to deliver its customers with a more reliable service to secure and manage all of their content needs. Google Cloud BigQuery to power Box's data application, analytics, and insights. With BigQuery, Box can now deliver more comprehensive data-driven insights to customers faster. Google Workspace Integrations The expanded partnership builds on existing integrations with Google Workspace, which lets Box customers create, collaborate, and save content in Google Docs, Sheets, or Slides from the secure Box Content Cloud platform. Additionally, the Box for Google Workspace add-on enables smooth and secure productivity and collaboration across Google Workspace, including Gmail, Google Drive, and Google Calendar. With these integrations, customers can: Create, open, and edit content using Google Workspace’s collaboration tools directly within Box. Add Box files directly to emails and save email attachments to Box without leaving Gmail. Include Box files and link Box Notes directly to your Google Calendar events. Save files in Google Drive to Box. Apply Box’s enterprise-grade security, compliance, and governance capabilities to Google Docs, Sheets, and Slides. About Box Box (NYSE:BOX) is the leading Content Cloud, a single platform that empowers organizations to manage the entire content lifecycle, work securely from anywhere, and integrate across best-of-breed apps. Founded in 2005, Box simplifies work for leading global organizations, including AstraZeneca, JLL, Morgan Stanley, and Nationwide. Box is headquartered in Redwood City, CA, with offices across the United States, Europe, and Asia. Visit box.com to learn more. And visit box.org to learn more about how Box empowers nonprofits to fulfill their missions. About Google Cloud Google Cloud accelerates every organization’s ability to digitally transform its business and industry. We deliver enterprise-grade solutions that leverage Google’s cutting-edge technology, and tools that help developers build more sustainably. Customers in more than 200 countries and territories turn to Google Cloud as their trusted partner to enable growth and solve their most critical business problems.

Read More

Cloud Security

Sysdig Debuts New Benchmark for Cloud Detection and Response

Business Wire | November 03, 2023

Sysdig, the leader in cloud security powered by runtime insights, today released at SANS CyberFest 2023 the 5/5/5 Benchmark for Cloud Detection and Response, a new framework that outlines how quickly organizations should detect, triage, and respond to attacks in the cloud. Operating securely in the cloud requires a mindset shift in regard to time, and with that, cloud security programs need to hold themselves to a modernized benchmark: five seconds to detect, five minutes to correlate insights and understand what’s happening, and five additional minutes to respond. Recent findings by the Sysdig Threat Research Team published in the 2023 Global Cloud Threat Report note that, after discovering an exploitable target, malicious actors require less than 10 minutes to execute an attack. Cloud attacks are swift and sophisticated, requiring robust threat detection and response programs that move at the speed of the cloud. On-premises attacks take 16 days on average and antiquated frameworks challenge security teams to respond to a breach within 60 minutes, which is simply insufficient for the cloud. Bad actors are exploiting the automation and scale of the cloud, along with new techniques, to accelerate all stages of an attack and inflict damage within minutes. The 5/5/5 Benchmark guides organizations to detect and respond to cloud attacks faster than adversaries can complete them. The Challenge Detect threats within five seconds.Organizations should be able to gather detection signals from their cloud security tools in real time to ensure visibility into ephemeral assets. Correlate and triage within five minutes.Teams should be able to gather full context for all correlated signals within five minutes of receiving the first relevant alert. Initiate a response within five minutes.Organizations should be able to initiate a tactical response within five minutes of confirming that an attack is in progress. What people are saying People are always looking for security metrics, especially when the industry evolves into new operating models. We have plenty of 'best practices,' but no real way to quantify cloud security agility — until now, said Anna Belak, Director, Office of Cybersecurity Strategy at Sysdig. The 5/5/5 Benchmark, built in partnership with our customers, industry analysts, and the Sysdig Threat Research Team, sets a new standard for operating securely in the cloud. “As organizations move to the cloud, traditional on-premises security standards become outdated and too slow. In the cloud, both innovation and attacks happen quickly – companies need security tools, processes, and standards designed to operate at the speed of cloud-native environments,” said Phil Bues, Research Manager for IDC Cloud Security. “I don’t want to know 15 minutes after someone breached my system. I need to know instantly so that we can shut it down before the blast radius expands,” said Kuldeep Tomar, Head of Information Security at India’s leading digital skill games company and 5/5/5 Benchmark Advisor. “To move at the necessary speed, you need to not only be alerted to the right things, but also respond appropriately. Having a benchmark gives us a goal to hold ourselves to.” About Sysdig In the cloud, every second counts. Attacks move at warp speed, and security teams must protect the business without slowing it down. Sysdig stops cloud attacks in real time, instantly detecting changes in risk with runtime insights and open source Falco. Sysdig correlates signals across cloud workloads, identities, and services to uncover hidden attack paths and prioritize real risk. From prevention to defense, Sysdig helps enterprises focus on what matters: innovation. Sysdig. Secure Every Second.

Read More

Cloud App Development

LogRhythm Unveils Major Advancements to Cloud-Native SIEM Platform, LogRhythm Axon

Business Wire | October 04, 2023

LogRhythm, the company helping security teams stop breaches by turning disconnected data and signals into trustworthy insights, today announced its 6th consecutive quarterly release and the one-year anniversary of its groundbreaking cloud-native SaaS SIEM platform, LogRhythm Axon. This quarterly release introduces significant enhancements and expansion to Axon and the full suite of LogRhythm solutions, underscoring the company's commitment to continuous innovation in the global cybersecurity landscape. "In a dynamic and ever-evolving cybersecurity landscape, LogRhythm is obsessed with delivering value our customers care about,” said Chris O’Malley, CEO of LogRhythm. “As we celebrate the one-year anniversary of Axon's launch, customer satisfaction is our first priority, guiding every decision we make. We believe that by driving continuous improvements in innovation delivery rooted in well understood customer needs, we can empower our product users to navigate the complex world of cybersecurity with confidence and efficiency." SOC Efficiency and Streamlined Analyst Workflows LogRhythm’s latest Axon release rounds out the ability to seamlessly detect, investigate, and respond to potential threats within a security operations center. With the foundation of incident response, security teams can now leverage Axon to automate team workflows through case management. Case management enables analysts to automatically create cases that enable investigative workflows to track responses to threats, thus mitigating duplication of efforts and optimizing threat mitigation strategies. In addition, Axon’s new Signal Replay feature enables SOC teams to test analytics rules to ensure detections are optimized for their environment. Continuing the effort to advance SOC efficiency, LogRhythm SIEM now provides seamless integration of log source onboarding through centralized management. This enhanced SIEM capability eliminates the need for administrators to navigate several servers and UIs to complete onboarding, thereby streamlining workflows through a single interface, increasing productivity, and reducing the administrative process in half. Bridging the Skills Gap LogRhythm continues to address the industry-wide skills gap by providing features that enhance the productivity and onboarding processes for security analysts. The new in-product resource centers for both LogRhythm SIEM and LogRhythm Axon equip security teams with tools they need to quickly understand how to best utilize the platforms and realize a faster time to value. This comprehensive resource hub provides quick access to tutorials, documentation, release information, and the LogRhythm Community for support from the security community. LogRhythm Expands Cloud-Native SIEM Platform to APAC LogRhythm is also pleased to announce the successful expansion of their LogRhythm Axon SIEM platform to the APAC region. With a new instance in Australia, LogRhythm Axon’s cloud-native SIEM will be available to provide customers with a flexible solution to strengthen security operations and ensure comprehensive protection. In partnership with Seamless Intelligence, LogRhythm’s partner of the year in Australia, a managed services layer will also be available for LogRhythm Axon customers. “LogRhythm Axon significantly advances what customers can and should expect from a cloud-native SaaS SIEM platform. We’ve been impressed with its platform design and architecture, as well as the continuous pace of innovation,” said Chris Bolan, Managing Director of Seamless Intelligence. “Our Axon managed services are being developed to take advantage of the platform’s capabilities and to provide our clients with the world-class cybersecurity solution and services needed to keep their organizations safe.” Additional enhancements with LogRhythm SIEM, LogRhythm NDR and LogRhythm Axon solutions released in this quarterly rollout include: LogRhythm Axon: User anomaly detection for improbable travel allows protection against abnormal access attempts into an organization's environment. New case management feature automates incident response and investigative workflows, helping SOC teams delegate resources, prioritize their work and improve efficiency. Cases and email notifications can be automatically created or sent when an analytic rule is triggered, indicating an event requires immediate attention. Ability to search common events allows analysts to find relevant security events across different vendors’ log sources without having prior knowledge of the underlying log structure. New signal replay enhances threat detection development process by allowing testing for analytics rules to ensure they are fine-tuned and optimized for their environment. LogRhythm SIEM: Streamlined onboarding of Beats and Open Collectors, a collection of LogRhythm services that gather and normalize data from various cloud providers, in a single location to cut the workflow in half. Enhanced API log source onboarding for easier management of Open Collectors and Beats. Expanded library of supported log sources and parsing for improved correlation and analysis. In-product Resource Center for access to tutorials, announcements, docs, and support. LogRhythm NDR: IP Behind Load Balancer Tracking for faster triage capabilities when responding to incidents. Enhanced model output contextualization to empower quicker action to threats as relevant information is readily available. In addition to LogRhythm's commitment to innovation and seamless cybersecurity solutions, Novacoast has also emerged as the first Axon services provider for LogRhythm's customer base. Novacoast's expertise in delivering innovative cybersecurity services adds a new layer of value to the already impressive suite of LogRhythm Axon capabilities. “This strategic partnership reflects the platform's efficacy and flexibility in enhancing security programs across diverse environments,” said Jonathan Poon, CISO at Novacoast. “As LogRhythm continues to adapt its Axon offerings to address customer requirements, we are proud to be part of this evolution, propelling the cybersecurity landscape forward. Together, we are addressing industry needs and setting the standard for security services.” About LogRhythm LogRhythm helps security teams stop breaches by turning disconnected data and signals into trustworthy insights. From connecting the dots across diverse log and threat intelligence sources to using sophisticated machine learning that spots suspicious anomalies in network traffic and user behavior, LogRhythm accurately pinpoints cyberthreats and empowers professionals to respond with speed and efficiency. With cloud-native and self-hosted deployment flexibility, out-of-the-box integrations, and advisory services, LogRhythm makes it easy to realize value quickly and adapt to an ever-evolving threat landscape. Together, LogRhythm and our customers confidently monitor, detect, investigate, and respond to cyberattacks. Learn more at logrhythm.com.

Read More

Events