Ascend Cloud Solutions’ Post

What cloud technology trends can we expect to see in 2023? Click through to learn about everything from cybersecurity to video games.

What cloud technology trends can we expect to see in 2023? Click through to learn about everything from cybersecurity to video games.

$MSFT conference call summary: Azure is kicking everyone’s butt, and it really is as simple as that. This has helped us have a record quarter. While everyone else is talking about what to do with AI, we are implementing it, and Copilot adoption is growing. This forces us to scale infrastructure to meet the growing demand, but we are doing it at the pace of customer adoption and maintaining margins. Yet, we aren’t just a Cloud company, and it seems everything else is doing well, too. Xbox hit a new record, and now we have Activision, which is going to be accretive to fiscal year earnings. Heck, you’ve probably noticed all the people trying to connect with you on LinkedIn lately because even it is doing well. Oh, and by the way, if you aren’t doing something about Cybersecurity, you are screwed. 🤷🏼♂️

Exciting News for CMMC Compliance! On Monday, Microsoft announced that it has achieved FedRAMP HIGH approval for using OpenAI GPT products in its Azure Government Cloud. This includes ChatGPT-4o. The approval means tools like ChatGPT can now be used securely to streamline CMMC documentation and tracking. For those of us dealing with CMMC (Cybersecurity Maturity Model Certification) compliance, this is big news. I have been cautious about using OpenAI for CMMC because of data privacy concerns. This approval is a huge reassurance. It will likely speed up the process of achieving and maintaining CMMC compliance. It could also help lower compliance costs. Companies like SMPL-C are already using LLMs to assist with compliance documentation. With this new development, I expect more organizations will feel confident using tools like SMPL-C. For those in the DIB, where CMMC timelines are tight, this could not have come at a better time. It's a major step in making our documentation processes more secure and efficient. This is just the beginning of what AI can do for compliance. I’m excited to see how it will continue to evolve and support our industry. https://lnkd.in/gPXZc6Qh #CMMC #Compliance #OpenAI #Cybersecurity #Microsoft #FedRAMP #Defense #Innovation #AI

We are not surprised Nvidia is recognizing customer concerns over data privacy and cloud security. The requirements for “Chat with RTX” may be out of reach for some while the workflow may feel tedious. Here is a comparison between our product and “Chat with RTX.” #generativeai #legaltech #llm

CVE-2024-0132 is a critical vulnerability in Nvidia Container Toolkit that already impacted 100k+ cloud infrastructures. Is this a wake-up call for cloud security? What's your thought? Read here: https://lnkd.in/d86fxiim #BYCS #CloudSecurity #CVE20240132 #AI #Kubernetes #Vulnerability

Why do cybercriminals love phishing-as-a-service platforms? Low barriers to entry, easy scaling, subscription-based models, easy evasion, and cheap prices are among the few main reasons. Stop sophisticated - and unsophisticated - cybercriminals from gaining entry into your organization with simple but effective PaaS techniques:

**Secure Future Initiative September 2024 progress report** Microsoft have released their first progress report, ten months into the Secure Futures Initiative (SFI), and four months after Satya Nadella named security as Microsoft's number one priority. The full report is here: Secure Future Initiative (microsoft.com)   I hadn't expected this to orientate so much on their own internal operating processes and practices. That is some indicator of how much security fundamentals often get overlooked. I think it would be unfair to rake them through the coals after publishing something so transparent, but I will share some details to help you appreciate the staggering scale of this initiative (I expect most people won't read the whole 25 pages). Some quotes here. My bold.   "Dedicating the equivalent of 34,000 full-time engineers, SFI is the largest cybersecurity engineering project in history." "We completed a full iteration of app lifecycle management for all of our production and productivity tenants, eliminating 730,000 unused apps. We eliminated 5.75 million inactive tenants, drastically reducing the potential attack surface." "integrating cybersecurity performance into the senior leadership team's compensation plans.." "Microsoft currently has Deputy CISOs aligned to: Artificial Intelligence Azure Consumer Core Systems and Mergers and Acquisitions Customer Security Management Office Experiences and Devices Gaming Government Identity Microsoft 365 Microsoft Security Regulated Industries Threat Landscape"   "We have completed the hardware security module (HSM) based storage implementations for Microsoft Entra ID and Microsoft Account (MSA) access token signing keys" "We have completed the work to deliver automated rotation for Microsoft Entra ID and Microsoft Account (MSA) application access token signing keys without any human interaction" "We have removed over 440,000 resources which were being managed by the legacy Azure Service Management (ASM) API system." "We have begun to enrich [CVE] data with root cause information and impacted products using industry standards. This helps the entire industry focus on eliminating whole classes of vulnerabilities."   There are some things in here that are pretty surprising to learn were missing, like signing keys outside of HSMs and lack of automatic rotation, but good that those things are being fixed now. The last point on enriched CVE information is a common gripe in the security world. Microsoft's own vulnerability notifications have been totally unclear for way too long. If that alone gets better now, we will be in a far safer place.

Apple Unveils Secure AI Processing with Private Cloud Compute Apple has launched Private Cloud Compute (PCC), a secure system for AI tasks that ensures user privacy. PCC integrates with new AI features in iOS 18, iPadOS 18, and macOS Sequoia, using "stateless computation" to prevent data retention. It combines Apple silicon with strong security measures and routes requests through an Oblivious HTTP relay to protect users' IP addresses. Security Tip for SecureNexa's Followers: When using cloud AI services, ensure they employ robust privacy measures like stateless computation and OHTTP relays to safeguard your data.