Home > News > Latest > Cloud Use Improves Risk Management and Mitigation states CSA and Google

Cloud App Development

Cloud Use Improves Risk Management and Mitigation states CSA and Google

Cloud Security Alliance
Measuring Risk and Risk Governance was just made available by the Cloud Security Alliance (CSA), the foremost global organization for establishing standards, certifications, and best practices to assist assure a safe cloud computing environment. The survey, developed by CSA in partnership with Google Cloud to evaluate the maturity of public cloud adoption and risk management processes within the company, provided a deeper knowledge of these practices.

Adopting technology that improves operational and customer experiences is a part of the digital transformation process. The cloud is increasingly being considered as a way to boost an enterprise's risk posture with a view to enhancing overall business risk management; this action is frequently supported by an improved strategy for application, data, and infrastructure security. Because both the cloud service provider and the customer have ownership in the provision of services, business risk assessment methodologies must be adjusted to the cloud model and take these consequences into account. A greater understanding of IT's impact on an enterprise's entire risk maturity, including the adoption of a shared fate partnership between CSP and customers, is provided by evaluating cloud and business risk together.

"With enterprises continuing to add production in the cloud and the growing use of cloud services, managing cloud and digital assets will be critical in risk management and measurement. While there is still work to be done as organizations mature their ability to manage cloud and multi-cloud security and risk mitigations, these issues are improved in the cloud when compared to current on-premise and legacy IT environments. This study confirms that an organization's best path to viable risk management involves IT modernization into the cloud or cloud-like on-premise infrastructure," 

Jim Reavis, co-founder and CEO, Cloud Security Alliance

The survey, which was conducted in two phases, was designed to advance industry understanding of business risk. More than 600 IT and security experts from a range of company sizes and locations responded to the second component of the study, an online survey, using the information acquired in the first round of interviews, which were conducted by CSA.

"Increasingly, cloud is becoming less of a risk to manage and more of a means to manage these risks. Continuously evaluating your risk status allows enterprises to properly configure and maximize the effectiveness of their security solutions, which in turn, protects their assets and improves business productivity. This study has shone a light on the opportunities enterprises can take to manage and measure their risk, and will hopefully lead to improved risk management practices. And, whereas these practices impact many areas in the enterprise, modernizing the approach helps both businesses and providers improve their cloud adoption," said Phil Venables, Chief Information Security Officer and Vice President of Google Cloud.

Spotlight


Other News
Cloud Infrastructure Management

The Manufacturing Sector Experiences More Attacks in the Cloud than Any Other Industry

PR Newswire: | January 19, 2024

Netwrix, a cybersecurity vendor that makes data security easy, today revealed additional findings for the manufacturing sector from its survey of 1,610 IT and security professionals across more than 100 countries. According to the survey, 64% of companies in the manufacturing sector suffered a cyberattack during the preceding 12 months, which is similar to the finding among organizations overall (68%). However, it turned out that the manufacturing sector experiences more cloud infrastructure attacks than any other industry surveyed. Among manufacturing companies that detected an attack, 85% spotted phishing in the cloud compared to only 58% across all verticals; 43% faced user account compromise in the cloud as opposed to 27% among all industries; and 25% dealt with data theft by hackers in the cloud compared to 15% for organizations overall. "The manufacturing sector relies heavily on the cloud to work with their supply chain in real time. This makes their cloud infrastructure a lucrative target for attackers — infiltrating it enables them to move laterally and potentially compromise other linked organizations, as happened to one the world's top meat processing companies. Credential compromise or malware deployed via a phishing email is just the beginning of the attack," says Dirk Schrader, VP of Security Research at Netwrix. "The attack surface in the cloud is always expanding, so it's critical for manufacturing companies to adopt a defense-in-depth approach," adds Ilia Sotnikov, Security Strategist at Netwrix. "First, they must rigorously enforce the principle of least privilege to limit access to sensitive data, which ideally includes just-in-time access to eliminate unnecessary entry points for adversaries. They also need to gain deep visibility into when and how critical data in the cloud is being used so that IT teams can promptly spot potential threats. Finally, they need to be prepared to minimize the damage from incidents by having a comprehensive response strategy that is regularly exercised and updated." To learn more about security trends, check out the complete 2023 Hybrid Security Trends Report. About Netwrix Netwrix makes data security easy. Since 2006, Netwrix solutions have been simplifying the lives of security professionals by enabling them to identify and protect sensitive data to reduce the risk of a breach, and to detect, respond to and recover from attacks, limiting their impact. More than 13,500 organizations worldwide rely on Netwrix solutions to strengthen their security and compliance posture across all three primary attack vectors: data, identity and infrastructure.

Read More

Cloud Storage

TRG Screen Announces Acquisition of Xpansion for Reference Data Usage Management

PR Newswire: | January 25, 2024

TRG Screen, the leading provider of enterprise subscription spend and usage management software, today announced it has acquired Xpansion, the leading provider of cloud-based solutions for reference data usage monitoring in the financial services industry. The acquisition of Xpansion will further solidify TRG Screen's position as a global market leader in market data management solutions. Xpansion – established in 2013 – is focused on empowering data operations teams to proactively manage their usage, control costs and optimize data workflows. Xpansion's offerings include Xmon, Xprocess and Xplore, and provide real-time analytics, giving clients unprecedented transparency, visibility and control into their reference data usage. This deal consolidates TRG Screen's unique position as the only provider of enterprise subscription management capabilities spanning the whole spectrum of market data optimization, from spend and inventory tracking, through to usage and enquiry management, exchange reporting and compliance. "Xpansion and TRG Screen have been partners for many years. Bringing Xpansion into the TRG Screen family is a very logical next step for both companies, given our strong relationship and shared view that the industry demand for integrated usage management solutions is going to continue to grow," said TRG Screen CEO Leigh Walters. "Xpansion is an established firm with excellent customer satisfaction and retention, and highly experienced and industry respected leadership. We are very excited at the opportunities this acquisition brings." "We are thrilled to be joining TRG Screen," said Xpansion co-founder and CEO Amjad Zoghbi. "Reference data usage is one of the most complex aspects of market data management, and managing it correctly is essential to maintaining contractual compliance and ensuring clients are right-sizing their usage based on actual consumption and business need. I'm very pleased that Xpansion's customers, and team, will now be part of the best-of-breed solution with the industry's leading provider of market data management solutions." The acquisition demonstrates TRG Screen's ongoing commitment to servicing the needs of market data consumers, vendors and exchanges. Financial terms of the transaction were not disclosed. About TRG Screen TRG Screen is the leading provider of enterprise subscription management solutions. Founded in 1998, TRG Screen is uniquely differentiated by its ability to monitor both spend and usage of data and information services including market data, research, software licenses, consulting and other corporate expenses. TRG Screen's solutions provide its customers with full transparency into their vendor relationships and their subscription spend and usage, enabling them to optimize their enterprise subscriptions. TRG acquired Priory Solutions in 2016, Screen Group in 2018, Axon Financial Systems in 2019, Market Data Insights in 2020, and Jordan & Jordan's Market Data Reporting (MDR) business in 2021 and with these acquisitions is now positioned as the global market leader in the financial, legal, and professional services markets. TRG Screen's product portfolio includes subscription spend, usage, enquiry and compliance solutions. For more information visit trgscreen.com. Follow TRG Screen on LinkedIn, @TRG Screen, and on Twitter, @trgscreen. About Xpansion Xpansion delivers next-generation reference data solutions that empower financial institutions to streamline their reference data operations, reduce costs, enhance data quality, and improve data discovery. With a focus on customer satisfaction, continuous innovation and quick time to value, Xpansion is a trusted partner for financial institutions in the buy- and sell-side as well as solution providers in the industry.

Read More

Cloud Infrastructure Management

The Manufacturing Sector Experiences More Attacks in the Cloud than Any Other Industry

PR Newswire: | January 19, 2024

Netwrix, a cybersecurity vendor that makes data security easy, today revealed additional findings for the manufacturing sector from its survey of 1,610 IT and security professionals across more than 100 countries. According to the survey, 64% of companies in the manufacturing sector suffered a cyberattack during the preceding 12 months, which is similar to the finding among organizations overall (68%). However, it turned out that the manufacturing sector experiences more cloud infrastructure attacks than any other industry surveyed. Among manufacturing companies that detected an attack, 85% spotted phishing in the cloud compared to only 58% across all verticals; 43% faced user account compromise in the cloud as opposed to 27% among all industries; and 25% dealt with data theft by hackers in the cloud compared to 15% for organizations overall. "The manufacturing sector relies heavily on the cloud to work with their supply chain in real time. This makes their cloud infrastructure a lucrative target for attackers — infiltrating it enables them to move laterally and potentially compromise other linked organizations, as happened to one the world's top meat processing companies. Credential compromise or malware deployed via a phishing email is just the beginning of the attack," says Dirk Schrader, VP of Security Research at Netwrix. "The attack surface in the cloud is always expanding, so it's critical for manufacturing companies to adopt a defense-in-depth approach," adds Ilia Sotnikov, Security Strategist at Netwrix. "First, they must rigorously enforce the principle of least privilege to limit access to sensitive data, which ideally includes just-in-time access to eliminate unnecessary entry points for adversaries. They also need to gain deep visibility into when and how critical data in the cloud is being used so that IT teams can promptly spot potential threats. Finally, they need to be prepared to minimize the damage from incidents by having a comprehensive response strategy that is regularly exercised and updated." To learn more about security trends, check out the complete 2023 Hybrid Security Trends Report. About Netwrix Netwrix makes data security easy. Since 2006, Netwrix solutions have been simplifying the lives of security professionals by enabling them to identify and protect sensitive data to reduce the risk of a breach, and to detect, respond to and recover from attacks, limiting their impact. More than 13,500 organizations worldwide rely on Netwrix solutions to strengthen their security and compliance posture across all three primary attack vectors: data, identity and infrastructure.

Read More

Cloud Storage

TRG Screen Announces Acquisition of Xpansion for Reference Data Usage Management

PR Newswire: | January 25, 2024

TRG Screen, the leading provider of enterprise subscription spend and usage management software, today announced it has acquired Xpansion, the leading provider of cloud-based solutions for reference data usage monitoring in the financial services industry. The acquisition of Xpansion will further solidify TRG Screen's position as a global market leader in market data management solutions. Xpansion – established in 2013 – is focused on empowering data operations teams to proactively manage their usage, control costs and optimize data workflows. Xpansion's offerings include Xmon, Xprocess and Xplore, and provide real-time analytics, giving clients unprecedented transparency, visibility and control into their reference data usage. This deal consolidates TRG Screen's unique position as the only provider of enterprise subscription management capabilities spanning the whole spectrum of market data optimization, from spend and inventory tracking, through to usage and enquiry management, exchange reporting and compliance. "Xpansion and TRG Screen have been partners for many years. Bringing Xpansion into the TRG Screen family is a very logical next step for both companies, given our strong relationship and shared view that the industry demand for integrated usage management solutions is going to continue to grow," said TRG Screen CEO Leigh Walters. "Xpansion is an established firm with excellent customer satisfaction and retention, and highly experienced and industry respected leadership. We are very excited at the opportunities this acquisition brings." "We are thrilled to be joining TRG Screen," said Xpansion co-founder and CEO Amjad Zoghbi. "Reference data usage is one of the most complex aspects of market data management, and managing it correctly is essential to maintaining contractual compliance and ensuring clients are right-sizing their usage based on actual consumption and business need. I'm very pleased that Xpansion's customers, and team, will now be part of the best-of-breed solution with the industry's leading provider of market data management solutions." The acquisition demonstrates TRG Screen's ongoing commitment to servicing the needs of market data consumers, vendors and exchanges. Financial terms of the transaction were not disclosed. About TRG Screen TRG Screen is the leading provider of enterprise subscription management solutions. Founded in 1998, TRG Screen is uniquely differentiated by its ability to monitor both spend and usage of data and information services including market data, research, software licenses, consulting and other corporate expenses. TRG Screen's solutions provide its customers with full transparency into their vendor relationships and their subscription spend and usage, enabling them to optimize their enterprise subscriptions. TRG acquired Priory Solutions in 2016, Screen Group in 2018, Axon Financial Systems in 2019, Market Data Insights in 2020, and Jordan & Jordan's Market Data Reporting (MDR) business in 2021 and with these acquisitions is now positioned as the global market leader in the financial, legal, and professional services markets. TRG Screen's product portfolio includes subscription spend, usage, enquiry and compliance solutions. For more information visit trgscreen.com. Follow TRG Screen on LinkedIn, @TRG Screen, and on Twitter, @trgscreen. About Xpansion Xpansion delivers next-generation reference data solutions that empower financial institutions to streamline their reference data operations, reduce costs, enhance data quality, and improve data discovery. With a focus on customer satisfaction, continuous innovation and quick time to value, Xpansion is a trusted partner for financial institutions in the buy- and sell-side as well as solution providers in the industry.

Read More

More Trending news

Spotlight

Resources

10 Greatest Cloud Database Challenges Tackled for More Profit

Article

A Data Warehouse Buyer’s Guide to Selecting the Best Software

Article

10 Data Warehouse Best Practices to Save Colossal Extra Costs

Article

10 Greatest Cloud Database Challenges Tackled for More Profit

Article

A Data Warehouse Buyer’s Guide to Selecting the Best Software

Article

10 Data Warehouse Best Practices to Save Colossal Extra Costs

Article