Cloud providers are becoming a core part of IT infrastructure. Amazon Web Services (AWS), the world's biggest cloud provider, is used by millions of organizations worldwide and is commonly used to run sensitive and mission-critical workloads. This makes it critical for IT and security professionals to understand the basics of AWS security and take measures to protect their data and workloads.

Back in 1992, when I was more concerned about my acne breakouts and being selected for the Junior cricket team, a freshman at Purdue University was studying the impact of the 1988 Morris Worm event and how it brought about unwarranted changes on Unix systems as it propagated across the network, resulting in the first Denial of Service (DoS) attack. He quickly realised that it was hard to know when a system was infected and what had changed, and by the time the change was picked up, it was often too late.

The shifting sands of IT make the adage "you never know it all" ever more true as time goes by. I recall days when it felt like you could click through every major directory of Yahoo and know a little something about everything. I was a young man with a voracious reading appetite and an active imagination – both of which were thoroughly outpaced by the growth of the internet and my own developing maturity.

In the digital world, where countless users communicate, share data, and engage in diverse activities, determining the origin and actions behind these interactions can be quite challenging. This is where non-repudiation steps in. Coupling other security factors, such as delivery proof, identity verification, and a digital signature, creates non-repudiation. This guarantees that the parties involved in the transmission are unable to renounce the execution of an action.

The payment industry is bracing for the transition to Payment Card Industry Data Security Standard (PCI DSS) 4.0, heralding significant changes in cybersecurity practices. As we approach the implementation of this revised standard, a critical focal point emerges: the role and new mandate of web application firewalls (WAFs) in ensuring compliance.

An attack surface is the total number of channels, pathways, or areas that threat actors can utilize to gain unauthorized access to networks. The result is that they can obtain private information or carry out a cyber-attack. An attack surface comprises the organizational assets a threat actor can exploit to gain unauthorized access. Attack surfaces include systems that are directly involved in mission-critical operations, as well as those that provide peripheral services or access to important data.

Anyone can get scammed. If you think you're somehow immune to being scammed, then, in my opinion, you're a prime target for being scammed. No one is too big, too clever, too security-savvy to avoid being duped because it's only human to make a mistake and screw up. And that certainly seems to be the case with Bill Lou.

Continuous Integration and Continuous Delivery (CI/CD) security has become crucial to modern software development practices. As the speed of software development increases with DevOps and Agile methodologies, there is a growing need to ensure the integrity of software across the entire development pipeline.

At the turn of the millennium, few people were worried about cybercrime. The Good Friday Agreement had just come into effect, the US expelled a Russian diplomat for spying, and the threat of the Y2K bug loomed. ILOVEYOU, the computer worm that catapulted cybercrime into the public consciousness, was still five months away. Today, things couldn't be more different.

In the dynamic realm of cybersecurity, the future of Zero Trust unfolds with promises and challenges. In the second part of the Zero Trust series, we explore the insights from industry experts, contemplate the intersection of trust and security, and chart a course for the evolving landscape of digital defense.