Cloud Citi CTO spearheads new pan-industry ‘Common Cloud Controls’ project at FINOS Citi, Goldman, Morgan Stanley, LSEG, Natwest Group, and RBC are all participating amid concerns at the opacity of public cloud security and resilience tests and controls.
Members only News Revisiting *that* Google outage: Fire, flooding, (then running out of water) and a “regional Spanner” failure Fire-fighting was not helped by Global Switch’s fire suppression system “running out of water”. The incident also introduced water and soot contamination. Google Cloud’s affected racks had to be taken apart, thoroughly cleaned and reassembled before they could be restarted.
Microsoft Three years after Slack's complaint, European Commission confirms formal Teams bundling investigation Slack had alleged that Microsoft “created a weak, copycat product and tied it to their dominant Office product, force installing it and blocking its removal"
Members only News Tough new SEC cyber risk disclosure rules have left kicking and screaming in their wake The US Chamber of Commerce had fumed that the SEC’s “unprecedented micromanagement of companies’ cybersecurity programs is misguided"
central government Job of the Week: Chief Data Officer, HMG Role up your sleeves, gird your loins, dust off those "outstanding influencing, negotiating and conflict resolution skills"
News Kaspersky reports third exploited Apple zero day in 5 weeks "Operation Triangulation" continues after the Russian security firm was hacked by a sophisticated adversary using a zero-click iOS chain...
banks HSBC breached this banking rule 12,200 times. Regulators sigh wearily "HSBC’s processes, systems and staff were not capable of detecting and reporting these breaches until December 2022. The inability for HSBC to determine the scale of these breaches due to the inadequacy of its systems and processes is a further concern."
News 6 key takeaways from Microsoft’s annual report $10.7 billion in Q4 CapEx was "both the data centers… plus CPUs and GPUs and networking equipment" with spending to accelerate, said CFO Amy Hood.
deals Thales' $3.6 billion buyout of Imperva is timely... Imperva, generating ~$500 million in revenues, has suffered from executive churn in recent years that has caused some “adverse impact on Imperva’s roadmap execution."
Citrix Citrix zero day used to attack critical infrastructure -- IOCs and detections now available Attackers dropped a webshell, collected and exfiltrated Active Directory data, then ran into some healthy obstacles...
SAP SAP CEO: Generative AI comes with a "30% premium" - could customise your on-prem deployments "We sit on data of over 400,000 customers and their material flows, financial flows, employee customer data. We are taking this data… to benchmark and give business process recommendations"
procurement Software spending plummets as CFOs batten down the hatches; SaaS firms hike prices CFOs are scrutinizing net-new spending more aggressively than ever while "new product purchases emphasize 2023’s mission-critical priorities: growth, sustainability, and security"
Citrix Critical pre-auth RCE Citrix Gateway vulnerability is under active attack and looks bad There are approximately 38,000 Citrix Gateway appliances exposed to the public internet and a whole host of internet traffic flows through Citrix ADC...
encryption RFC 9420 aka Messaging Layer Security (MLS) – An Overview MLS achieves its low complexity through the use of a binary tree. This means that the number of required operations and the payload size do not increase linearly with the group size but rather only logarithmically after a short warm-up period...
public sector Eight years in, £2 billion spent, and nothing to show bar a big fat interoperability hole Astonishingly the Home Office, already under pressure over interoperability challenges “does not know how many vendors provide" control room systems across 108 service stations...
economy UK corporate insolvencies spike to the highest levels since 2008 "Zombie companies are likely to be early casualties of rising interest rates. However, if their demise frees up staff and properties for use by more profitable companies, the long run effect could be a boost to UK productivity..."
Citigroup Citi’s tech spend hits $3 billion in Q2, as CFO highlights in-sourcing efforts Citigroup spent the equivalent to some $50 million on technology every single working day over the past quarter..
cybersecurity Microsoft strengthens key storage after China incident – admits “validation error in Microsoft code” Redmond has since "substantially hardened key issuance systems... this includes increased isolation of the systems, refined monitoring of system activity, and moving to the hardened key store used for our enterprise systems..."
Members only carbon emissions UK gov’t eyes £4 million GHG emissions software upgrade HMG wants a "new software approach which streamlines the system, using standard architecture across all inventory sectors to store, analyze, and report emissions"
sonicwall Critical SonicWall vulnerabilities "extremely attractive" - central firewall hub needs urgent patching Multiple critical unauthenticated SQL injection bugs and hard-coded credentials as well as command injection, and file upload bugs need urgent patching.
Blockchain Google allows NFTs into Play Store Google has updated its app store policy, and now the NFTs can come out to Play...
artificial intelligence Global AI Index: US and China lead investment, as Israel and Singapore punch above weight The scramble for a piece of the AI pie is on, but US and China remain on top when it comes to raking in the profit
Azure Microsoft clams up over critical Azure key breach, security incident as attackers breach US agencies Following a major security breach involving US federal agencies, Microsoft refuses to provide details on the incident