News for Admins

Tech News

Article from ADMIN 76/2023
By
In the news: CISA Directive Requires Federal Agencies to Secure Network Devices; SUSE Report Reveals Cloud Security Concerns; Canonical Sunbeam Extends OpenStack to Small Cloud Environments; IT Teams Struggle with Cloud Operations; NVIDIA Announces Large Memory AI Supercomputer; PostgreSQL 16 Beta; Red Hat Announces Ansible Lightspeed AI Service; Global Tech Adoption Trends from the World Economic Forum; and CIQ Announces New Infrastructure Management Platform.

CISA Directive Requires Federal Agencies to Secure Network Devices

A new CISA directive requires agencies to "take steps to reduce the attack surface created by insecure or misconfigured management interfaces across certain classes of devices."

The Binding Operational Directive 23-02 (https://www.cisa.gov/news-events/directives/binding-operational-directive-23-02), which outlines the steps required for compliance, defines a networked management interface as "a dedicated device interface that is accessible over network protocols and is meant exclusively for authorized users to perform administrative activities on a device, a group of devices, or the network itself."

"Recent threat campaigns underscore the grave risk to the federal enterprise posed by improperly configured network devices," the directive states.

SUSE Report Reveals Cloud Security Concerns

The majority of IT teams (88%) experienced at least one cloud security incident in the past year, according to a recent report released by SUSE (https://www.prnewswire.com/news-releases/suse-releases-securing-the-cloud-industry-trend-report-revealing-challenges-that-threaten-cloud-adoption-301854386.html). "Of those affected, 76 percent encountered multiple incidents, with 11 percent experiencing more than 10 issues in the same period."

SUSE's "Securing the Cloud" trend report reflects industry concerns around cloud security, as "88 percent of professionals agreed that if they were certain about the integrity of their data, they would be more inclined to migrate additional workloads to the cloud and edge."

Top concerns cited by respondents include data stores hosted by cloud or third parties, runtime attacks from threat actors, security policy management, federation, and automation. Additionally, the report notes that "US IT decision makers (35%) are significantly more likely than those in Europe (25%) to believe that security policy management, federation, and automation are among their biggest cloud security concerns."

Download the complete report to learn more (https://more.suse.com/securing-the-cloud-report_download-thank-you.html).

Canonical Sunbeam Extends OpenStack to Small Cloud Environments

Canonical has announced Sunbeam, an extension of its commercial OpenStack offering (https://ubuntu.com/openstack) for small-scale cloud environments.

According to the announcement, the Sunbeam (https://governance.openstack.org/tc/reference/projects/sunbeam.html) deployment and operational tooling project comes with "a lucid interface and very simple installation instructions, making it super straightforward for everyone – even those with no previous OpenStack experience."

"What makes Sunbeam unique is its K8s-native architecture," the announcement says (https://ubuntu.com/blog/canonical-extends-commercial-openstack-offering-to-small-scale-cloud-environments-with-project-sunbeam). "By using native Kubernetes principles, such as StatefulSets and operators, OpenStack can finally be modeled, deployed, and managed as any other cloud-native application."

Buy this article as PDF

Express-Checkout as PDF
Price $2.95
(incl. VAT)

Buy ADMIN Magazine

SINGLE ISSUES
 
SUBSCRIPTIONS
 
TABLET & SMARTPHONE APPS
Get it on Google Play

US / Canada

Get it on Google Play

UK / Australia

Related content

  • IT Teams Struggle with Cloud Operations, Says NetApp Report
  • News for Admins
    In the news: NIST Updates Cybersecurity Framework; Poor Cloud Security Practices Put Organizations at Risk; ORNL and NOAA Launch New Supercomputer for Climate Research; DOE Envisions New High Performance Data Facility; VMware Updates Tanzu with New Security Features; Microsoft Launches AI-Powered Security Copilot; IBM Deploys First Quantum Computer Dedicated to Healthcare Research; LPI Announces IT Security Essentials Certification
  • News for Admins
    In the news: CIQ Offers Long-Term Support for Rocky Linux on AWS; Apple's PQ3 Brings Post-Quantum Security to iMessage; Google Open Sources Magika File-Type Detection System; Microsoft Announces Sudo for Windows; Linux Foundation Launches Post-Quantum Cryptography Alliance; Sys Admins Saw the Biggest Average Salary Increase in 2023, According to Dice; Use of Open Source Software Increased Significantly in 2023; Docker Build Cloud Announced; Wi-Fi CERTIFIED 7 Announced; EU Commissions Nostradamus Project for Quantum Testing; and NIST Identifies Main Types of Adversarial Machine Learning Threats, GitLab Announces Critical Security Releases.
  • News for Admins
    In the news: StarlingX 8.0 Edge Platform; Synopsys Report Shows "Alarming" Increase in High-Risk Vulnerabilities; Akamai Connected Cloud; Red Hat Enterprise Linux Available on Oracle Cloud; Wine 8.0; LibreOffice 7.5; Veracode Report Tracks Security Flaws Over the Application Lifecycle; and Malware Remains Top Cause of Cybersecurity Incidents.
  • News for Admins
    OpenSSL has issued an advisory (https://www.openssl.org/news/secadv/20221101.txt) relating to two vulnerabilities (CVE-2022-3602 and CVE-2022-3786), which affect OpenSSL version 3.0.0.
comments powered by Disqus