Not long ago, amid the Microsoft Exchange Server attacks, Lookout Chief Strategy Officer Aaron Cockerill wrote about why cloud apps are more secure than their on-premise counterparts. That’s a really important lesson and an initial step towards securing your organization. Here’s part two of that narrative: you also need dedicated security to ensure that your cloud infrastructure and apps are secure.

In 2019, the hospitality industry suffered 13 percent of all data breaches, ranking third highest among targeted industries. It was two years later when NIST released SP 1800-27: Securing Property Management Systems to help hoteliers secure their Property Management Systems (PMS) and associated patron data.

The cyber security skills gap was a problem prior to the pandemic. In a survey of 342 security professionals released in early 2020, Tripwire found that 83% of security experts felt more overworked going into the new year compared to how they felt at the start of 2019. Tripwire asked respondents to elaborate on that sentiment.

There are several advantages to consuming software as a service (SaaS). For starters, it allows companies of any size to leverage enterprise-grade software (CRM, service desk, security, etc.) in a pay-as-you-go model to avoid spending large sums of money on shelfware that may never get put to use. SaaS also offers customers the ability to scale or change the usage of their software with little to no advance notice, and makes them more agile in delivering products to market.

For years now, modern organizations have enjoyed a seamless procurement experience when purchasing software products through AWS Marketplace. AWS has made it possible for customers to purchase third-party software using their allocated AWS budget while still being able to negotiate custom pricing and legal terms directly with their favorite vendors.

We all know the security industry mantra: it’s not a matter of if, but when and how we’ll be attacked. Recent reports of intrusion activity increasing fourfold in the last two years and a raft of alerts warning of a rise in attacks on schools, hospitals and healthcare providers, and critical infrastructure companies during the global pandemic have only reinforced this.

Fargate offers a great value proposition to AWS users: forget about virtual machines and just provision containers. Amazon will take care of the underlying hosts, so you will be able to focus on writing software instead of maintaining and upgrading a fleet of Linux instances. Fargate brings many benefits to the table, including small maintenance overhead, lower attack surface, and granular pricing. However, as any cloud asset, leaving your AWS Fargate tasks unattended can lead to nasty surprises.

DarkSide is a ransomware-as-a-service platform that made headlines on May 8, 2021, for targeting Colonial Pipeline, resulting in a shutdown of their pipeline operations. The DarkSide ransomware platform first appeared in August 2020, advertising that they would not target organizations in the education, government, medical, or non-profit sectors.

This year we launched Teleport Cloud, a new service for providing a hosted version of Teleport Access Plane. One of the first problems the team had to tackle was how to secure the new infrastructure properly, and the team wanted to ensure the best possible results by engaging in an independent audit. As with the Teleport core product, we engaged with Doyensec to provide an independent security audit of our production environment.

Over the weekend, the Alpharetta-based Colonial Pipeline was hit by an extensive ransomware attack that shut down its information technology (IT) and industrial operational technology (OT) systems. Simply put, an all-too-common ransomware event targeting IT systems encouraged a voluntary shutdown on the production side (OT) of the business to prevent further exposure. Colonial Pipeline is responsible for 45% of the gasoline, diesel fuel and natural gas transported from Texas to New Jersey.