Data exfiltration and ransomware attacks in cloud-native applications are evolving cyber threats that pose significant risks to organizations, leading to substantial financial losses, reputational damage, and operational disruptions. As Kubernetes adoption grows for running containerized applications, it becomes imperative to address the unique security challenges it presents.

Data protection is critical for IT professionals, but choosing between incremental vs. differential backup strategies can be complex. While full backups are key, their limitations in speed, storage, and flexibility become apparent as your data grows. Incremental backups offer a more efficient solution, backing up only the data that has changed since the last backup. This strategy significantly reduces backup time, minimizes storage requirements, and scales well for growing datasets.

CrowdStrike’s mission is to stop breaches. We continuously research and develop technologies to outpace new and sophisticated threats and stop adversaries from pursuing attacks. We also recognize that security is best when it’s a team sport. In today’s threat landscape, technology collaboration is essential to deploy novel methods of analysis and defense.

A week ago, on March 29th, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) warned that two versions of xz Utils, were found to have been compromised. The xz Utils code had been tampered with to include a malicious “backdoor” that would ultimately give attackers the same level of control over affected systems as authorized administrators.

I thought it would be a good idea to revisit GDPR, just as a reminder to all of us to take stock and see how ready we are. For the uninitiated, the EU Commission, Parliament, and Commission negotiated and finalized the text of what is called the “General Data Protection Regulation” (GDPR) in December of 2015. This was officially approved as Law in April 2016 and goes into effect on May 25, 2018.

For those only just tuning into this conversation, the EU Commission negotiated and finalized the text of what is called the “General Data Protection Regulation” (GDPR) in December of 2015. This was officially approved as law in April 2016 and comes into effect on May 25, 2018. And, if you’re an organization that does business in the EU or even has customers from those geographies, this could significantly change the way you do business.

Security and privacy often get conflated even though they are quite different things. When it comes to digital assets, security is often associated with organizations, while privacy is associated with individuals. The truth though is that both are important elements in any digital strategy and can impact both individuals and organizations.

Securing custom applications in a sea of vulnerabilities is daunting. To make the task even more challenging, the threat to applications continues to grow: 8 out of the top 10 data breaches last year were related to application attack surfaces.1 This blog details two effective strategies for identifying vulnerabilities in custom software applications so they can be quickly addressed.

As we reach the end of our five-part series on “Secure Cloud Adoption in the Enterprise”, we thought it would be useful to summarize the discussion and also leave with you a few important things to consider when you make the decision to use the public cloud. Clichéd as it may sound, Security and Privacy are probably two of your most important security concerns in cloud computing as an IT executive.