Contact Us

Security Programs and ISMS

Now and then you come across a truly valuable presentation or piece of collateral.  In this case, USTelecom, the organization that represents telecommunications businesses in the US, has put together a bit of both as a gift to the community at-large.

It was developed to help individuals and organizations better understand cybersecurity challenges and responses.  The 50 slide PowerPoint show includes over 350 links to almost every security guideline imaginable – government, corporate, academic, analyst – and includes definitions, reports, best practices, and strategies.

The Center for Internet Security (CIS) Kubernetes Security Benchmark 1.8

The CIS Benchmark for Kubernetes 1.8 release continues to bring security enhancements to the core orchestration platform. The CIS Kubernetes community has been busy working on refreshing the benchmark to align with the new released features and narrow the gap between the announcement of the GA version of the product and the benchmark release. Download your copy of the benchmark from the CIS website today (NOTE:  Actual benchmark title aligned to the new release is ‘CIS Kubernetes Benchmark v1.2.0).

This version of the benchmark has undergone significant changes. The most awaited and subtle change is that the entire benchmark is re-factored to consider kubeadm based deployments. Kubeadm is increasingly becoming the developer’s choice of deployment rather than individual installation of various Kubernetes components. This standardization also helps any other deployment mechanisms to map and adopt the procedures easily.

One might conclude that if a company achieves compliance, it is fundamentally secure. Unfortunately, this isn’t always the case. Most of us in the security industry talk at length about working to be truly secure while implementing compliance initiatives. Why do some organizations seem to be coming up short?

With all of the recent high-profile data breaches, companies are scrambling to figure out ways to secure their IT infrastructure, including their public clouds. It can be confusing to sort through the morass of cloud-security solutions and vendors and emerge confidently with a selection.

© 2019 Cavirin Systems, Inc. All rights reserved.