Robert Alexander, ISC2-CC’s Post

🔒 Do you have a Snowflake deployment? ❄️ Are you using Snowflake as part of your critical business and data processes? 👩💻 Check out our blog below for guidance on how to secure and audit your snowflake deployment after the recent customer data breaches 📰 #CyberSecurity #DataProtection #Snowflake

Recent events underscore the critical need to focus on security in SaaS environments like #snowflake and #databricks, especially following the unauthorized access incidents affecting some Snowflake customers. Identity lies at the heart of these challenges. Explore our latest blog to discover how to assess and protect your Snowflake environments: https://lnkd.in/eJVfUk-T #saassecurity #cybersecurity #cloudsecurity

In the past year, there has been a series of breaches affecting prominent SaaS vendors like Microsoft and Okta, with Snowflake also making headlines recently due to attacks on customer-owned systems. With the increasing risks, organizations must act promptly and efficiently to address and minimize potential threats. This guide outlines essential steps for assessing and responding to possible breaches in Snowflake. "A Practical Guide for Handling Unauthorized Access to Snowflake": https://lnkd.in/e7v8xTHN #CyberSecurity #infosec #informationsecurity #cyber #cloud #cloudsecurity #RiskManagement #dfir #incidentresponse

Hospitals are increasing the size of their #cybersecurity teams by 30% this year in response to increased threats and recent high-profile attacks in #healthcare. #Snowflake as a security data lake gives those experts easy and affordable access to track threats and correlate information from across logs and business data rather than being limited to "the last 90-days" or a "subset of critical log entries." Make sure you're looking at the people, the tools, and the data you're giving them to protect your patients - https://lnkd.in/gk433FNi https://lnkd.in/ea4uqbzr

“Varonis has extended its industry-leading Data Security Platform to Databricks. Now, Databricks customers can secure their sensitive data at scale with deep visibility, proactive remediation, and active threat detection…” https://lnkd.in/gNS67Mmv

***#Snowflake #DataBreach Remediation Actions Below**** Everyone is still grappling with how to handle the recent Snowflake breach. On June 5th, Black Kite was able to detect which of your vendors in your ecosystem were impacted. Taking it a step further, we provide recommended questions to ask your vendors combined with prescriptive remediation actions. Read the full blog from Black Kite’s Chief Risk and Intelligence Officer: https://lnkd.in/gAvef3SK QUICK BLOG RECAP: (TLDR) WHY SHOULD #TPRM PROFESSIONALS CARE ABOUT THE #SNOWFLAKE INCIDENT? Snowflake is a cornerstone for approximately 10,000 companies and organizations, providing essential cloud computing and analytical services. TPRM professionals need to pay close attention to this incident, even if they do not directly interact with Snowflake. The interconnected nature of modern supply chains means that a breach in one critical provider can cascade through numerous organizations. What questions should TPRM professionals ask vendors about the incident mentioned in the FocusTagTM? TPRM professionals should ask their vendors the following specific questions: ·        Do you use Snowflake’s cloud storage services? If so, have you implemented multi-factor authentication (MFA) for all user accounts? ·        Have you recently updated your security protocols to address credential-based attacks? ·        Are you actively monitoring for indicators of compromise (IoCs) related to the Snowflake breach? ·        What measures are you taking to protect data stored on cloud platforms like Snowflake? ·        Have you communicated with Snowflake regarding the incident and followed their security recommendations? ·        How are you ensuring the security of data accessed via Snowflake credentials? Remediation Recommendations for Vendors to This Risk To mitigate risks associated with the Snowflake incident, vendors should: ·        Implement MFA on all Snowflake accounts. ·        Monitor account activities for unusual behavior. ·        Follow Snowflake’s guidance on detecting unauthorized access. ·        Update cybersecurity strategies and ensure all staff are aware of the incident. ·        Maintain communication with Snowflake for updates and further recommendations. We believe in sharing intelligence to improve everyone's cyber posture together! #snowflake #DataBreach #TPRM #CyberRisk

By now, most people are aware of the #snowflake #DataBreach and the widespread impact it's had on the technology industry, but are you aware exectly which of your vendors have been impacted? By using the Black Kite Platform you can immediately see where this compromise affects your company's digital #supplychain and what your remediation actions should entail. If you would like to see how we could assist you in getting the visabilty across your #thirdpartyrisk get in touch with us on the link below: https://lnkd.in/gy9_Gxcp

Today, we’re excited to announce that Varonis has extended its industry-leading Data Security Platform to Databricks. Now, Databricks customers can secure their sensitive data at scale with deep visibility, proactive remediation, and active threat detection.

Great news — Varonis is expanding data security coverage to Snowflake! ❄️ Now, Snowflake users can get enhanced visibility and security for their critical data warehouses and databases in Snowflake with this expansion of Varonis' DSPM capabilities. Get all the details on this new coverage *and* get insights from our team on improving your data security posture in Snowflake on our blog: https://lnkd.in/gP8FRYkY Have any questions? Feel free to send me a message! #Cybersecurity #CloudSecurity

We're excited to announce that Varonis has extended its industry-leading Data Security Platform to Databricks! Databricks customers can now secure their sensitive data at scale with deep visibility, proactive remediation, and active threat detection. https://lnkd.in/g8C-wiat