DevOps.com

  • Latest
    • Articles
    • Features
    • Most Read
    • News
    • News Releases
  • Topics
    • AI
    • Continuous Delivery
    • Continuous Testing
    • Cloud
    • Culture
    • DataOps
    • DevSecOps
    • Enterprise DevOps
    • Leadership Suite
    • DevOps Practice
    • ROELBOB
    • DevOps Toolbox
    • IT as Code
  • Videos/Podcasts
    • Techstrong.tv Podcast
    • Techstrong.tv - Twitch
    • DevOps Unbound
  • Webinars
    • Upcoming
    • Calendar View
    • On-Demand Webinars
  • Library
  • Events
    • Upcoming Events
    • Calendar View
    • On-Demand Events
  • Sponsored Content
  • Related Sites
    • Techstrong Group
    • Cloud Native Now
    • Security Boulevard
    • Techstrong Research
    • DevOps Chat
    • DevOps Dozen
    • DevOps TV
    • Techstrong TV
    • Techstrong.tv Podcast
    • Techstrong.tv - Twitch
  • Media Kit
  • About
  • Sponsor
  • AI
  • Cloud
  • CI/CD
  • Continuous Testing
  • DataOps
  • DevSecOps
  • DevOps Onramp
  • Platform Engineering
  • Sustainability
  • Low-Code/No-Code
  • IT as Code
  • More
    • Application Performance Management/Monitoring
    • Culture
    • Enterprise DevOps
    • ROELBOB
Hot Topics
  • How to Build Successful DevOps Teams
  • Five Great DevOps Job Opportunities
  • Serial Entrepreneur
  • Chronosphere Adds Professional Services to Jumpstart Observability
  • Friend or Foe? ChatGPT's Impact on Open Source Software

Home » Blogs » DevSecOps » Continuous Security Key to Defending Your Data Well

Continuous Security Key to Defending Your Data Well

Avatar photoBy: Tony Bradley on January 4, 2016 1 Comment

Defending data isn’t easy. If it were, we wouldn’t see new data breach headlines on a weekly—or sometimes even daily—basis. That said, defending data also isn’t rocket science. A new report from Nuix highlights some of the major concerns with protecting data, and also illustrates some of the ways in which consistent vigilance is half the battle.

Recent Posts By Tony Bradley
  • The Best Approach to Help Developers Build Security into the Pipeline
  • Better Apps and Better Security When You Shift Left
  • The Road Ahead for Security, DevOps Transformation
Avatar photo More from Tony Bradley
Related Posts
  • Continuous Security Key to Defending Your Data Well
  • Cloud Visibility: The Security Achilles Heel
  • Cybric Launches Industry-First Continuous Security-as-a-Service Platform
    Related Categories
  • Blogs
  • DevSecOps
    Related Topics
  • continuous monitoring
  • continuous security
  • data protection
  • data security
Show more
Show less

The Nuix report, compiled by principal researcher Ari Kaplan, covers a broad spectrum of concerns related to data security. Some of the key findings from the report include:

Cloud Native NowSponsorships Available
  • Increased granularity of security budgets: Respondents report there is a growing trend to specify how the security budget should be broken down and allocated.
  • Regulatory impact on spending has doubled: Government and industry compliance mandates continue to take a sizable bite out of security budgets.
  • Greater focus on insider threats: More than 70 percent of respondents have some sort of insider threat policy or program.
  • BYOD continues to play a role in security: 82 percent of respondents have some sort of BYOD (bring your own device) policy in place. A growing number of companies, however, are prohibiting remote access by employees.
  • Cloud adoption slowing: According to the study, about 70 percent of companies are migrating data to the cloud—a number consistent with the previous year—but fewer companies are moving systems or servers to the cloud. More than four out of five respondents agreed that the cloud creates unique cybersecurity concerns, and only 43 percent indicated plans to move systems or servers to the cloud.

What sorts of unique security concerns does the cloud bring? According to the survey respondents, there are a variety of potential issues, such as:

  • losing visibility into the management of data
  • being at the mercy of the cloud provider’s security skills
  • reduced control over access to data; and
  • confusion about the privacy/legal issues when a government or law enforcement agency wants to access data.

In a nutshell, none of this is really new or different. Compliance, insider threats, BYOD and concerns over security and privacy in the cloud have been prevalent factors in network and computer security for years—and likely will continue to be for years to come. What has changed, though, is the focus on ways to implement better security and the tools to do it.

One of the primary issues with traditional computer and network security is that it’s reactionary. Scans provide moment-in-time confirmation that there are no known threats, but do little or nothing to protect against unknown threats or prevent exploits and compromises between scans. DevOps, and continuous security, change the game by enabling organizations to monitor for and detect security issues on a consistent, proactive basis.

“Security practitioners cannot continue to rely on manual, human controlled processes to defend against attacks,” agreed Andrew Storms, VP of Security Services for New Context. “Automation is a requirement for the next evolutionary phase of security protection.”

Nick Galbreath, founder and CTO of Signal Sciences, also believes that automation and continuous DevOps principles are key components of effective security. “I have argued that continuous deployment (how rapid the ‘continuous’ is up to the organization and risk-dependent on the nature of the code) is actually the most important security tool since without it, I don’t really know how you make things better rapidly.”

There are a lot of names tossed around for various aspects of DevOps automation. The actual name is not as important as the actual practice of proactively automating security processes for more effective security. Take a look at the report from Nuix to learn more about the general state of data security, but make sure you embrace DevOps and continuous security if you really want to do something about it.

Filed Under: Blogs, DevSecOps Tagged With: continuous monitoring, continuous security, data protection, data security

« A Guide to Public Cloud Security Tools
Jenkins Founder Kohsuke Kawaguchi Talks DevOps Leadership, part 1 »

Techstrong TV – Live

Click full-screen to enable volume control
Watch latest episodes and shows

Upcoming Webinars

Securing Your Software Supply Chain with JFrog and AWS
Tuesday, June 6, 2023 - 1:00 pm EDT
Maximize IT Operations Observability with IBM i Within Splunk
Wednesday, June 7, 2023 - 1:00 pm EDT
Secure Your Container Workloads in Build-Time with Snyk and AWS
Wednesday, June 7, 2023 - 3:00 pm EDT

GET THE TOP STORIES OF THE WEEK

Sponsored Content

PlatformCon 2023: This Year’s Hottest Platform Engineering Event

May 30, 2023 | Karolina Junčytė

The Google Cloud DevOps Awards: Apply Now!

January 10, 2023 | Brenna Washington

Codenotary Extends Dynamic SBOM Reach to Serverless Computing Platforms

December 9, 2022 | Mike Vizard

Why a Low-Code Platform Should Have Pro-Code Capabilities

March 24, 2021 | Andrew Manby

AWS Well-Architected Framework Elevates Agility

December 17, 2020 | JT Giri

Latest from DevOps.com

How to Build Successful DevOps Teams
June 5, 2023 | Mariusz Tomczyk
Five Great DevOps Job Opportunities
June 5, 2023 | Mike Vizard
Chronosphere Adds Professional Services to Jumpstart Observability
June 2, 2023 | Mike Vizard
Friend or Foe? ChatGPT’s Impact on Open Source Software
June 2, 2023 | Javier Perez
VMware Streamlines IT Management via Cloud Foundation Update
June 2, 2023 | Mike Vizard

TSTV Podcast

On-Demand Webinars

DevOps.com Webinar ReplaysDevOps.com Webinar Replays

Most Read on DevOps.com

No, Dev Jobs Aren’t Dead: AI Means ‘Everyone’s a Programmer’? ¦ Interesting Intel VPUs
June 1, 2023 | Richi Jennings
What Is a Cloud Operations Engineer?
May 30, 2023 | Gilad David Maayan
Forget Change, Embrace Stability
May 31, 2023 | Don Macvittie
Five Great DevOps Job Opportunities
May 30, 2023 | Mike Vizard
Revolutionizing the Nine Pillars of DevOps With AI-Engineered Tools
June 2, 2023 | Marc Hornbeek
  • Home
  • About DevOps.com
  • Meet our Authors
  • Write for DevOps.com
  • Media Kit
  • Sponsor Info
  • Copyright
  • TOS
  • Privacy Policy

Powered by Techstrong Group, Inc.

© 2023 ·Techstrong Group, Inc.All rights reserved.