News Feed

Accelerate the modernization of Mainframe and VMware workloads with AWS Transform

~ Reporter ~ Leave a comment

Generative AI has brought many new possibilities to organizations. It has equipped them with new abilities to retire technical debt, modernize legacy systems, and build agile infrastructure to help unlock the value that is trapped in their internal data. However, many enterprises still rely heavily on legacy IT infrastructure, particularly mainframes and VMware-based systems. These platforms have been the backbone of critical operations for decades, but they hinder organizations’ ability to innovate, scale effectively, and reduce technical debt in an era where cloud-first strategies dominate. The need to modernize these workloads is clear, but the journey has traditionally been complex and risky.

The complexity spans multiple dimensions. Financially, organizations face mounting licensing costs and expensive migration projects. Technically, they must untangle legacy dependencies while meeting compliance requirements. Organizationally, they must manage the transition of teams who’ve built careers around legacy systems and navigate undocumented institutional knowledge.

AWS Transform directly addresses these challenges with purpose-built agentic AI that accelerates and de-risks your legacy modernization. It automates the assessment, planning, and transformation of both mainframe and VMware workloads into cloud based architectures, streamlining the entire process. Through intelligent insights, automated code transformation, and human-in-the-loop workflows, organizations can now tackle even the most challenging modernization projects with greater confidence and efficiency.

Mainframe workload migration
AWS Transform for mainframe is the first agentic AI service for modernizing mainframe workloads at scale. The specialized mainframe agent accelerates mainframe modernization by automating complex, resource-intensive tasks across every phase of modernization — from initial assessment to final deployment. It streamlines the migration of legacy applications built on IBM z/OS Db2, including COBOL, CICS, DB2, and VSAM, to modern cloud environments–cutting modernization timelines from years to months.

Let’s look at a few examples of how AWS Transform can help you through different aspects of the migration process.

Code analysis – AWS Transform provides comprehensive insights into your codebase, automatically examining mainframe codebases, creating detailed dependency graphs, measuring code complexity, and identifying component relationships

Documentation – AWS Transform for mainframe creates comprehensive technical and functional documentation of mainframe applications, preserving critical knowledge about features, program logic, and data flows. You can interact with the generated documentation through an AI-powered chat interface to discover and retrieve information quickly.

Business rule extraction – AWS Transform extracts and presents complex logic in plain language so you can gain visibility into business processes embedded within legacy applications. This enables both business and technical stakeholders to gain a greater understanding of application functionality.

Code decomposition – AWS Transform offers sophisticated code decomposition tools, including interactive dependency graphs and domain separation capabilities, enabling users to visualize and modify relationships between components while identifying key business functions. The solution also streamlines migration planning through an interactive wave sequence planner that considers user preferences to generate optimized migration strategies.

Modernization Wave Planning – With its specialized agent, AWS Transform for mainframe creates prioritized modernization wave sequences based on code and data dependencies, code volume, and business priorities. It enables modernization teams to make data-driven, customized migration plans that align to their specific organizational needs.

Code refactoring – AWS Transform can refactor millions of lines of mainframe code in minutes, converting COBOL, VSAM, and DB2 systems into modern Java Spring Boot applications while maintaining functional equivalence and transforming CICS transactions into web services and JCL batch processes into Groovy scripts. The solution provides high-quality output through configurable settings and bundled runtime capabilities, producing Java code that emphasizes readability, maintainability, and technical excellence.

Deployments – AWS Transform provides customizable deployment templates that streamline the deployment process through user-defined inputs. For added efficiency, the solution bundles the selected runtime version with the migrated application, enabling seamless deployment as a complete package.

By integrating intelligent documentation analysis, business rules extraction, and human-in-the-loop collaboration capabilities, AWS Transform helps organizations accelerate their mainframe transformation while reducing risk and maintaining business continuity.

VMware modernization
With rapid changes in VMware licensing and support model, organizations are increasingly exploring alternatives despite the difficulties associated with migrating and modernizing VMware workloads. This is aggravated by the fact that the accumulation of technical debt typically creates complex, poorly documented environments managed by multiple teams, leading to vendor lock-in and collaboration challenges that hinder migration efforts further.

AWS Transform is the first agentic AI service for VMware modernization of its kind that helps you to overcome those difficulties. It can offset risk and accelerate the modernization of VMware workloads by automating application discovery, dependency mapping, migration planning, network conversion, and EC2 instance optimization, reducing manual effort and accelerating cloud adoption.

The process is organized into four phases: inventory discovery, wave planning, network conversion, and server migration. It uses agentic AI capabilities to analyze and map complex VMware environments, converting network configurations into AWS built-in constructs and helps you to orchestrate dependency-aware migration waves for seamless cutovers. In addition, it also provides a collaborative web interface that keeps AWS teams, partners, and customers aligned throughout the modernization journey.

Let’s take a quick tour to see how this works.

Setting up
Before you can start using the service, you must first enable it by navigating to the AWS Transform console. AWS Transform requires AWS IAM Identity Center (IdC) to manage users and setup appropriate permissions. If you don’t yet have IdC set up it will ask you to configure it first and return to the AWS Transform console later to continue the process.

With IdC available, you can then proceed to choosing the encryption settings. AWS Transform gives you the option to use a default AWS managed key or you can use your own custom keys through AWS Key Management Service (AWS KMS).

After completing this step, AWS Transform will be enabled. You can manage admin access to the console by navigating to Users and using the search box to find them. You must create users or groups in IdC first if they don’t already exist. The service console will help admins provision users who will get access to the web app. Each provisioned user receives an email with a link to set password and get their personalized URL for the webapp.

You interact with AWS Transform through a dedicated web experience. To get the url, navigate to Settings where you can check your configurations and copy the links to the AWS Transform web experience where you and your teams can start using the service.

Discovery
AWS Transform can discover your VMware environment either automatically through AWS Application Discovery Service collectors or you can provide your own data by importing existing RVTools export files.

To get started, choose the Create or select connectors task and provide the account IDs for one or more AWS accounts that will be used for discovery. This will generate links that you can follow to authorize each account for usage within AWS Transform. You can then move on to the Perform discovery task, where you can choose to install AWS Application Discovery Service collectors or upload your own files such as exports from RVTools.

Provisioning
The steps for the provisioning phase are similar to the ones described earlier for discovery. You connect target AWS accounts by entering their account IDs and validating the authorization requests which will then enable the next steps such as the Generate VPC configuration step. Here, you can import your RVTools files or NSX exports from Import/Export from NSX, if applicable, and enable AWS Transform to understand your networking requirements.

You should then continue working through the job plan until you reach the point where it’s ready to deploy your Amazon Virtual Private Cloud (Amazon VPC). All the infrastructure as code (IaC) code is stored in Amazon Simple Storage Service (Amazon S3) buckets in the target AWS account.

Review the proposed changes and, if you’re happy, start the deployment process of the AWS resources to the target accounts.

Deployment
AWS Transform requires you to set up AWS Application Migration Service (MGN) in the target AWS accounts to automate the migration process. Choose the Initiate VM migration task and use the link to navigate to the service console, then follow the instructions to configure it.

After setting up service permissions, you’ll proceed to the implementation phase of the waves created by AWS Transform and start the migration process. For each wave, you’ll first be asked to make various choices such as setting the sizing preference and tenancy for the Amazon Elastic Compute Cloud (Amazon EC2) instances. Confirm your selections and continue following the instructions given by AWS Transform until you reach the Deploy replication agents stage, where you can start the migration for that wave.

After you start the waves migration process, you can switch to the dashboard at any time to check on progress.

With its agentic AI capabilities, AWS Transform offers a powerful solution for accelerating and de-risking mainframe and VMware modernization workloads. By automating complex assessment and transformation processes, AWS Transform reduces the time associated with legacy system migration while minimizing the potential for errors and business disruption enabling more agile, efficient, and future-ready IT environments within your organization.

Things to know
Availability –  AWS Transform for mainframe is available in US East (N. Virginia) and Europe (Frankfurt) Regions. AWS Transform for VMware offers different availability options for data collection and migrations. Please refer to the AWS Transform for VMware FAQ for more details.

Pricing –  Currently, we offer our core features—including assessment and transformation—at no cost to AWS customers.

Here are a few links for further reading.

Dive deeper into mainframe modernization and learn more about about AWS Transform for mainframe.

Explore more about VMware modernization and how to get started with your VMware migration journey.

Check out this interactive demo of AWS Transform for mainframe and this interactive demo of AWS Transform for VMware.

Matheus Guimaraes | @codingmatheus

How is the News Blog doing? Take this 1 minute survey!

(This survey is hosted by an external company. AWS handles your information as described in the AWS Privacy Notice. AWS will own the data gathered via this survey and will not share the information collected with survey respondents.)

from AWS News Blog https://ift.tt/kptA2Kh
via IFTTT

AWS Transform for .NET, the first agentic AI service for modernizing .NET applications at scale

~ Reporter ~ Leave a comment

I started my career as a .NET developer and have seen .NET evolve over the last couple of decades. Like many of you, I also developed multiple enterprise applications in .NET Framework that ran only on Windows. I fondly remember building my first enterprise application with .NET Framework. Although it served us well, the technology landscape has significantly shifted. Now that there is an open source and cross-platform version of .NET that can run on Linux, these legacy enterprise applications built on .NET Framework need to be ported and modernized.

The benefits of porting to Linux are compelling: applications cost 40 percent less to operate because they save on Windows licensing costs, run 1.5–2 times faster with improved performance, and handle growing workloads with 50 percent better scalability. Having helped port several applications, I can say the effort is worth the rewards.

However, porting .NET Framework applications to cross-platform .NET is a labor-intensive and error-prone process. You have to perform multiple steps, such as analyzing the codebase, detecting incompatibilities, implementing fixes while porting the code, and then validating the changes. For enterprises, the challenge becomes even more complex because they might have hundreds of .NET Framework applications in their portfolio.

At re:Invent 2024, we previewed this capability as Amazon Q Developer transformation capabilities for .NET to help port your .NET applications at scale. The experience is available as a unified web experience for at-scale transformation and within your integrated development environment (IDE) for individual project and solution porting.

Now that we’ve incorporated your valuable feedback and suggestions, we’re excited to announce today the general availability of AWS Transform for .NET. We’ve also added new capabilities to support projects with private NuGet packages, port model-view-controller (MVC) Razor views to ASP .NET Core Razor views, and execute the ported unit tests.

I’ll expand on the key new capabilities in a moment, but let’s first take a quick look at the two porting experiences of AWS Transform for .NET.

Large-scale porting experience for .NET applications
Enterprise digital transformation is typically driven by central teams responsible for modernizing hundreds of applications across multiple business units. Different teams have ownership of different applications and their respective repositories. Success requires close coordination between these teams and the application owners and developers across business units. To accelerate this modernization at scale, AWS Transform for .NET provides a web experience that enables teams to connect directly to source code repositories and efficiently transform multiple applications across the organization. For select applications requiring dedicated developer attention, the same agent capabilities are available to developers as an extension for Visual Studio IDE.

Let’s start by looking at how the web experience of AWS Transform for .NET helps port hundreds of .NET applications at scale.

Web experience of AWS Transform for .NET
To get started with the web experience of AWS Transform, I onboard using the steps outlined in the documentation, sign in using my credentials, and create a job for .NET modernization.

Create a new job for .NET Transformation

AWS Transform for .NET creates a job plan, which is a sequence of steps that the agent will execute to assess, discover, analyze, and transform applications at scale. It then waits for me to set up a connector to connect to my source code repositories.

Setup connector to connect to source code repository

After the connector is in place, AWS Transform begins discovering repositories in my account. It conducts an assessment focused on three key areas: repository dependencies, required private packages and third-party libraries, and supported project types within your repositories.

Based on this assessment, it generates a recommended transformation plan. The plan orders repositories according to their last modification dates, dependency relationships, private package requirements, and the presence of supported project types.

AWS Transform for .NET then prepares for the transformation process by requesting specific inputs, such as the target branch destination, target .NET version, and the repositories to be transformed.

To select the repositories to transform, I have two options: use the recommended plan or customize the transformation plan by selecting repositories manually. For selecting repositories manually, I can use the UI or download the repository mapping and upload the customized list.

select the repositories to transform

AWS Transform for .NET automatically ports the application code, builds the ported code, executes unit tests, and commits the ported code to a new branch in my repository. It provides a comprehensive transformation summary, including modified files, test outcomes, and suggested fixes for any remaining work.

While the web experience helps accelerate large-scale porting, some applications may require developer attention. For these cases, the same agent capabilities are available in the Visual Studio IDE.

Visual Studio IDE experience of AWS Transform for .NET
Now, let’s explore how AWS Transform for .NET works within Visual Studio.

To get started, I install the latest version of AWS Toolkit extension for Visual Studio and set up the prerequisites.

I open a .NET Framework solution, and in the Solution Explorer, I see the context menu item Port project with AWS Transform for an individual project.

Context menu for Port project with AWS Transform in Visual Studio

I provide the required inputs, such as the target .NET version and the approval for the agents to autonomously transform code, execute unit tests, generate a transformation summary, and validate Linux-readiness.

Transformation summary after the project is transformed in Visual Studio

I can review the code changes made by the agents locally and continue updating my codebase.

Let’s now explore some of the key new capabilities added to AWS Transform for .NET.

Support for projects with private NuGet package dependencies 
During preview, only projects with public NuGet package dependencies were supported. With general availability, we now support projects with private NuGet package dependencies. This has been one of the most requested features during the preview.

The feature I really love is that AWS Transform can detect cross-repository dependencies. If it finds the source code of my private NuGet package, it automatically transforms that as well. However, if it can’t locate the source code, in the web experience, it provides me the flexibility to upload the required NuGet packages.

AWS Transform displays the missing package dependencies that need to be resolved. There are two ways to do this: I can either use the provided PowerShell script to create and upload packages, or I can build the application locally and upload the NuGet packages from the packages folder in the solution directory.

Upload packages to resolve missing dependencies

After I upload the missing NuGet packages, AWS Transform is able to resolve the dependencies. It’s best to provide both the .NET Framework and cross platform .NET versions of the NuGet packages. If the cross platform .NET version is not available, then at a minimum the .NET Framework version is required for AWS Transform to add it as an assembly reference and proceed for transformation.

Unit test execution
During preview, we supported porting unit tests from .NET Framework to cross-platform .NET. With general availability, we’ve also added support for executing unit tests after the transformation is complete.

After the transformation is complete and the unit tests are executed, I can see the results in the dashboard and view the status of the tests at each individual test project level.

Dashboard after successful transformation in web showing exectuted unit tests

Transformation visibility and summary
After the transformation is complete, I can download a detailed report in JSON format that gives me a list of transformed repositories, details about each repository, and the status of the transformation actions performed for each project within a repository. I can view the natural language transformation summary at the project level to understand AWS Transform output with project-level granularity. The summary provides me with an overview of updates along with key technical changes to the codebase.

detailed report of transformed project highlighting transformation summary of one of the project

Other new features
Let’s have a quick look at other new features we’ve added with general availability:

  • Support for porting UI layer – During preview, you could only port the business logic layers of MVC applications using AWS Transform, and you had to port the UI layer manually. With general availability, you can now use AWS Transform to port MVC Razor views to ASP.NET Core Razor views.
  • Expanded connector support – During preview, you could connect only to GitHub repositories. Now with general availability, you can connect to GitHub, GitLab, and Bitbucket repositories.
  • Cross repository dependency – When you select a repository for transformation, dependent repositories are automatically selected for transformation.
  • Download assessment report – You can download a detailed assessment report of the identified repositories in your account and private NuGet packages referenced in these repositories.
  • Email notifications with deep links – You’ll receive email notifications when a job’s status changes to completed or stopped. These notifications include deep links to the transformed code branches for review and continued transformation in your IDE.

Things to know
Some additional things to know are:

  • Regions – AWS Transform for .NET is generally available today in the Europe (Frankfurt) and US East (N. Virginia) Regions.
  • Pricing – Currently, there is no additional charge for AWS Transform. Any resources you create or continue to use in your AWS account using the output of AWS Transform will be billed according to their standard pricing. For limits and quotas, refer to the documentation.
  • .NET versions supported – AWS Transform for .NET supports transforming applications written using .NET Framework versions 3.5+, .NET Core 3.1, and .NET 5+, and the cross-platform .NET version, .NET 8.
  • Application types supported – AWS Transform for .NET supports porting C# code projects of the following types: console application, class library, unit tests, WebAPI, Windows Communication Foundation (WCF) service, MVC, and single-page application (SPA).
  • Getting started – To get started, visit AWS Transform for .NET User Guide.
  • Webinar – Join the webinar Accelerate .NET Modernization with Agentic AI to experience AWS Transform for .NET through a live demonstration.

– Prasad

How is the News Blog doing? Take this 1 minute survey!

(This survey is hosted by an external company. AWS handles your information as described in the AWS Privacy Notice. AWS will own the data gathered via this survey and will not share the information collected with survey respondents.)

from AWS News Blog https://ift.tt/JxgWtKc
via IFTTT

Who needs VC funding? How cybercriminals spread their ill-gotten gains to everyday business ventures

~ Reporter ~ Leave a comment

Cybercriminals aren’t so different from the rest of us — they live in the real world, and their spending and investment habits, though funded through crime, can look surprisingly ordinary. Luxury cars and lavish vacations may still grab headlines, but those perks are reserved for the most elite cybercriminals.

In reality, everyday businesses — like pizza delivery, construction supplies, or tattoo parlors — are supported by the fruits of the labor that comes from a life of cybercrime.

An extensive investigation by Sophos X-Ops, pulled from thousands of posts on two Russian-language and three English-language cybercrime forums, uncovered the dark underbelly of illegal schemes cybercriminals use to reinvest their money. Yet, researchers also discovered a vast community of chatty cybercriminals seeking to help each other launder their money with more common business pursuits.

According to John Shier, field chief information security officer of threat intelligence at Sophos, alleged cybercriminals on these forums are pursuing an immense range of businesses, investment proposals and startup ideas.

“A lot of this cybercrime is fueled by crypto, and it’s kind of useless in the real world,” Shier told CyberScoop. “So, they need to be able to move that cryptocurrency into some sort of fiat, some sort of valuable something that they can actually spend in the real world.”

The discussion of legitimate businesses as a vehicle for laundering money is brazen, he said. Some guides and detailed instructions shared on these forums also reveal how extensively cybercriminals collaborate to diversify and develop specialized ways to funnel their money. 

Sticking to what they know

Businesses that cybercriminals prop up with their ill-gotten gains include everything from drive-thru coffee shops to real estate, education, pharmaceuticals, construction, software development and — wait for it — cybersecurity companies and services. 

Users on these forums proposed selling spyware to pentesters and corporations, developing exploits or finding vulnerabilities in local businesses’ networks to then turn that into an opportunity to sell protective services. “I accidentally found myself in this situation, raised a lot of money and got a regular client,” an unnamed user wrote, according to Sophos.

Researchers also observed proposals for security startups specializing in vulnerability research and a hash decryption service using a commercial cloud provider. One user recommended an investment in a prominent cybersecurity vendor.

“Irony aside, this raises the concerning possibility that threat actors could become shareholders of a company that tracks and disrupts threat actors,” Sophos X-Ops researchers said in the report

“It is concerning that you’d have people with motivations that are criminal, that are investing in businesses that are supposed to be helping organizations withstand cybercrime,” Shier said.

While it’s a positive when someone leaves a life of cybercrime behind, Shier said he doubts that’s the case for individuals communicating within the criminal underground. The potential for insider-type activity is real, where “the protectors are actually the ones that are in the ski masks and pointing a gun at you,” he said.

Crime begets more crime

Some of the guides Sophos found covered step-by-step methods for investing in gold or diamonds, establishing shell companies, money laundering, and importing and exporting.

Researchers described some business interests as “gray,” including pornography and gambling. 

Outright illegal activities were abundant on these forums as well. This includes bots, pyramid schemes, sex work, drugs, tax evasion, insider trading and reinvesting in cybercrime. 

“Invest it in the business that brought you this income. It’s obvious,” one user said in a forum, according to Sophos. 

Researchers observed multiple investment opportunities for malware and campaigns already in progress or development, including botnets, infostealers, phishing tools, SIM-swapping and a year-old DDoS-related project.

In one especially striking post, an alleged cybercriminal shared how they bought properties solely for the purpose of burying large sums of cash underground. 

A screenshot of the post Sophos shared with CyberScoop included detailed instructions for preparing the cash and selecting site locations. It was recommended that bank notes should be dry and free of any sign of mildew, arranged in piles, vacuum sealed into plastic bags, and then placed into large airtight bags with silica gel packets, before being sealed into a PVC drum and buried at least five feet deep, away from roots and on higher ground.

“Cover the hole when you’re done and write down the GPS coordinates so you or your descendants can easily find the location in the future,” the post explained. 

“If you’ve got so much money that you just need to start burying it like that, that, to me, is a pretty big red flag,” Shier said. “Are they building generational wealth here? Like, how much money are we talking about?”

Follow the money to what end?

Threat intelligence spans both physical and digital realms to help organizations detect and prevent malicious activity. While most of this research focuses on identifying  new attacks, and post-compromise activities, far less attention is placed on tracking the money once cybercriminals acquire it.

“We know that money enters the system very often through fraud or through things like ransomware, computer crime, but how it exits the system helps us maybe have a better idea of how we can monitor those different avenues,” Shier said.

“If we can just shine lights on absolutely everything, then it becomes a lot more difficult for them to hide,” he said. 

The legitimate businesses and gray-area pursuits that cybercriminals squeeze for additional profit ultimately implicate innocent people, creating more downstream victims, according to Shier.

“Cybercriminals are no different than the mafia, than other organized criminals. They’re going to use every avenue at their disposal,” he said. “We need to be able to shine as many lights on that as possible, so that then law enforcement and the judicial system can do what they need to do to prosecute these people.”

The post Who needs VC funding? How cybercriminals spread their ill-gotten gains to everyday business ventures appeared first on CyberScoop.

from CyberScoop https://ift.tt/2UKJ7qY
via IFTTT

Data Protection Market: Endless Possibilities to Ensure a Secure Future

~ Reporter ~ Leave a comment

Do you know that the average cost of a data breach is expected to reach over USD 4 million by the end of 2025, having already reached around USD 4.86 million globally in 2024. Data leaks and cyberattacks have increased in frequency, affecting more than 342 million people in 2023. Here are a few recent data breach cases in prominent fields.

Thus, in the modern world, data protection becomes crucial to protect individual rights, foster trust in digital interactions, and preserve personal integrity. According to Research Nester’s analysis, the market for data protection is expected to reach USD 1.12 trillion by 2037, up from USD 158.77 billion in 2024. The need for data protection and recovery, the increased organizational awareness of data integrity, and increasing cybersecurity threats are some important factors that will support the growth of the global data protection market. Further, in this blog post, let’s explore evolving trends and identify future opportunities in the data protection market.

1.Growth of Remote Work Culture and Bring Your Own Device (BYOD) Policies

As of March 2025, more than 35 million Americans, or around 21% of all employees, worked remotely to some extent. Due to the growing accessibility of technology and the recognition that working remotely can be more effective and efficient, the workforce is increasingly moving toward remote arrangements. As a result, strong data protection measures are required as remote workers have long been viewed by hackers as weak points in their attempts to access systems and steal data. For instance, in 2023, the average cost of a data breach was around USD 5 million, and breaches related to remote work cost an extra USD 173,073 on average per occurrence. Moreover, fostering a culture of security and compliance in remote work situations is crucial since remote work presents a wide range of cybersecurity challenges.

2.Adoption of Zero Trust Architecture (ZTA)

Zero Trust is an integrated, proactive strategy that offers quick improvements in security controls and risk mitigation. To improve cybersecurity and preserve the integrity of federal agency networks, organizations are increasingly using ZTA in response to the growing prevalence of remote work, cloud computing, and sophisticated cyber threats. Small and medium-sized businesses (SMBs) are exposed to a growing range of security vulnerabilities, making ZTA an essential strategy to protect SMBs. For instance, SMBs were the target of over 60% of cyberattacks in 2023. In fact, in 2023, about 94% of cybersecurity events that affect SMBs cost between USD 825 and USD 653,586. 

3.Shift to Cloud Computing

According to the European Commission, in 2023, 45.2% of EU businesses purchased cloud computing services, primarily for office software, electronic file storage, and email system hosting. Moreover, by the end of 2025, more than 90% of all businesses globally will rely on cloud computing services to support their operations, around 13% in 2020. This shift has necessitated robust data protection strategies as it also introduces the risk of data breaches. For instance, data stored on the cloud was the cause of over 75% of data breaches in 2023, making the cloud a susceptible area. This is further boosting spending on cloud security to protect cloud-based systems from changing cyber threats, illegal access, and data breaches. 

4.Presence of Stringent Data Privacy Laws

Almost all nations have passed some kind of data privacy legislation to safely shield data from breaches, illegal access, and online dangers. Businesses that prioritize data privacy should adhere to legal requirements, protect assets, build trust, and promote sustainability. With rising concerns over data breaches, countries around the world are doubling down on data privacy regulations. Let’s look at how several nations are emphasizing data privacy laws.

  1. The Indian Parliament passed the Digital Personal Data Protection (DPDP) Act, 20236, at the beginning of August 2023, which is the country’s first data protection law. The fines for breaking the DPDP Act can range from around ₹49 crore to over ₹240 crore for each infraction.
  2. Under the California Privacy Rights Act (CPRA), the state government of California established the California Privacy Protection Agency (CPPA) to strengthen consumer data rights while informing customers by encouraging openness, enforcement, and education. For a single CCPA violation, civil penalties can vary from over USD 2400 to USD 7400.
  3. The General Data Protection Regulation (GDPR) went into force throughout the European Union on May 25, 2018, impacting any organization that handles the data of people who reside in EU member states. Those that break the GDPR’s privacy and security rules might face severe fines of around 9 million euros, or over 1% of a company’s global yearly turnover from the prior year, whichever is higher.

In a Nutshell,

Every business should place a high premium on data protection to maintain the confidentiality and integrity of the data. As a result of increased rules, technical improvements, and an increasing emphasis on individual rights and control, data privacy is set to undergo major change in the future. Towards the end, the global data protection market is poised for significant growth in the evolving cybersecurity landscape.

Source: https://ift.tt/cFf9Qd7 

 

The post Data Protection Market: Endless Possibilities to Ensure a Secure Future first appeared on Cybersecurity Insiders.

The post Data Protection Market: Endless Possibilities to Ensure a Secure Future appeared first on Cybersecurity Insiders.

from Cybersecurity Insiders https://ift.tt/3tWwAsO
via IFTTT

The End of VPNs — Part 1: Why Reachability is the New Risk

~ Reporter ~ Leave a comment

[Part 1 of 2 – Based on an interview with Zscaler CSO Deepen Desai]

By Holger Schulze, Cybersecurity Insiders

The 2025 RSA Conference floor was buzzing earlier this month—every booth promising maximum security, every vendor claiming AI. But when I sat down with Deepen Desai in a quieter room to talk about secure access, he cut straight to the point: 

“VPNs are exposed by design,” he said. “And anything exposed is exploitable.”

Desai is the Chief Security Officer at Zscaler. He leads ThreatLabz, one of the most recognized research teams in cloud security. His team had just released the 2025 VPN Risk Report, an unflinching assessment of how legacy remote access infrastructure is failing the modern enterprise.

The numbers alone signal a turning point:

  • 65% of organizations plan to eliminate VPNs within 12 months
  • 81% are moving toward a Zero Trust architecture
  • 92% are concerned that unpatched VPNs will lead to ransomware attacks

But those numbers weren’t the headline. The real story was what Desai said next.

“The problem with VPNs isn’t misconfiguration. It’s that they work exactly as designed—by placing users on the network. That’s the flaw.”

From Access to Attack Surface – The Blast Radius Is the Network

For years, VPNs served as the default answer to remote access. They were familiar, deployable, and “secure enough.” But the world they were built for no longer exists. And in today’s hybrid work and cloud-first environment, that familiarity is dangerous as they create tunnels from users into internal environments: because once authenticated, VPNs grant network-level access.

“VPNs don’t connect you to an application,” Desai explained. “They put you on the network—and once you’re there, the entire routing table is fair game.”

Between 2020 and 2025, Zscaler ThreatLabz tracked over 400 CVEs tied to VPN appliances as reported by the MITRE CVE Program. In 2024 alone, 60% of new VPN vulnerabilities were rated high or critical. These flaws allowed attackers to bypass authentication, execute code remotely, or hijack sessions outright. And the adversaries aren’t waiting around. 

And as Desai pointed out, attackers are often exploiting them faster than vendors can patch.

“We’ve seen ransomware groups reverse-engineer VPN vendor patches within hours of release,” he said. “They don’t need to wait for the next zero-day exploit. They just need to watch the update notes.”

Once inside, VPNs offer no built-in segmentation. No identity-aware access. No containment. 

We’ve seen this play out repeatedly. In the past 24 months, attacks targeting Citrix, Pulse Secure, and Ivanti VPNs forced urgent patch cycles, major outages, and—in at least one case— U.S. federal agencies were ordered to physically disconnect appliances to prevent a breach.

“When a government agency tells you to unplug your VPN device,” Desai said, “that’s not a security advisory. That’s an obituary.”

The Breach Blueprint: Four Stages of Exploitation

What makes VPNs so dangerous today is not just that they’re reachable—it’s what they enable after compromise. Desai broke it down like a blueprint, because that’s exactly how attackers see it:

  1. Find an exposed VPN endpoint—scan the internet or query an LLM trained on CVE metadata.
  2. Compromise the device—via credentials, phishing, or a known exploit.
  3. Move laterally—because VPNs place you on the internal network with broad access.
  4. Exfiltrate or encrypt—steal data or detonate ransomware.

“If your device is compromised,” Desai warned, “the blast radius is everything your VPN can reach on the network. And with most VPNs, that’s a lot.”

AI Is Changing the Rules—and Breaking the Old Model

Desai also emphasized that attackers aren’t just adapting to old defenses. They’re automating past them.

“We’re already seeing threat actors use AI to scale reconnaissance,” he said. “They use GPT models to query CVE databases, plan attacks, and generate working exploits faster than most teams can patch.”

In this new era, attackers no longer need weeks of manual research. They can run 1,000 automated scans, find the exposed systems, and strike—at scale.

“They don’t care about an 80% failure rate,” Desai added. “If 20 out of 100 attacks succeed, they win. But we can’t operate that way. We have to defend everything.”

And while defenders have AI too—risk scoring, anomaly detection, automated policy generation—Desai made it clear that defensive AI only works when the architecture is simplified.

“Use AI to fight AI,” he said. “But don’t rely on AI to clean up after a broken access model. You need Zero Trust first—because if your infrastructure is reachable, you’ve already lost.”

This is where Zero Trust does more than reduce risk. It removes visibility. It denies entry. It breaks the attacker’s playbook before they press ‘Enter.’

The Quiet Cost: Normalized Fragility, Institutional Risk

Desai’s view isn’t just about external threats. He pointed to what he called the “quiet failure” of VPNs: the day-to-day cost they impose on IT, security, and end users.

“We’ve normalized the fragility,” he told me. “Dropped sessions, sluggish performance, endless helpdesk tickets—it’s all seen as just the price of remote work. But it doesn’t have to be that way.”

According to the VPN risk report:

  • 54% of teams say VPNs are a recurring source of outages or support escalations
  • 41% call VPN maintenance a major drain on internal resources
  • 51% of users report degraded application performance
  • 23% say slowdowns directly impact their productivity

The problem isn’t just the VPN tunnel. It’s the architecture around it—one that demands constant patching, exposes public IPs, and assumes any authenticated user is trustworthy enough to be on the network.

“Security teams are stuck patching appliances,” Desai said. “Helpdesk teams are buried in tickets. Meanwhile, attackers are using AI to scale recon. It’s not a fair fight.”

Inheriting Risk: Third-Party and M&A Exposure

There’s another failure mode that Desai considers just as dangerous—and far less visible: VPNs as backdoors for third-party risk.

“If your contractors connect over VPN, you’re not just exposing your apps,” he said. “You’re inheriting whatever vulnerabilities exist in their environments.”

In one 2024 incident cited in the report, a financial services firm suffered a breach after attackers exploited a third-party VPN connection, exposing data from nearly 20,000 clients.

And the risk is amplified during mergers and acquisitions.

“Attackers monitor the news,” Desai said. “When an acquisition is announced, they target the smaller company. It’s lean, underprotected, and usually connected by VPN to the parent. That’s the bridge—and no one’s watching it.”

What Happens When the VPN Is Gone

So what does life after VPN actually look like?

Desai offered a clear example: ManpowerGroup, a global enterprise with over 30,000 users, fully transitioned from traditional VPN to Zscaler Private Access (ZPA)—in just 18 days.

The impact wasn’t just faster logins or simplified administration. It was architectural.

  • No exposed IP addresses
  • No lateral network access
  • 97% reduction in helpdesk tickets related to remote access
  • Application access based on identity and policy—not network level routing

“When you eliminate the idea of being ‘on the network,’” Desai said, “you eliminate the attacker’s playground.”

Coming Next: The End of VPNs —Beyond the Buzz of Zero Trust

In Part 2 of this series, we’ll go deeper into how Zero Trust replaces VPNs—not just in branding, but in architecture. We’ll walk through how Zscaler applies Zero Trust in practice, why identity—not subnet—is the new perimeter, and how organizations are using app-segmentation and deception to stop lateral movement before it starts.

Because the future of secure access isn’t about building safer tunnels. It’s about removing the need for VPN tunnels altogether.

The post The End of VPNs — Part 1: Why Reachability is the New Risk first appeared on Cybersecurity Insiders.

The post The End of VPNs — Part 1: Why Reachability is the New Risk appeared first on Cybersecurity Insiders.

from Cybersecurity Insiders https://ift.tt/dvLqhG9
via IFTTT

Learning How to Hack: Why Offensive Security Training Benefits Your Entire Security Team

~ Reporter ~ Leave a comment

Organizations across industries are experiencing significant escalations in cyberattacks, particularly targeting critical infrastructure providers and cloud-based enterprises. Verizon’s recently released 2025 Data Breach Investigations Report found an 18% YoY increase in confirmed breaches, with the exploitation of vulnerabilities as an initial access step growing by 34%. 
As attacks rise

from The Hacker News https://ift.tt/yYnS14H
via IFTTT

The Power of Immutable Data Storage in Defending Against Ransomware Attacks

~ Reporter ~ Leave a comment

In today’s sophistication driven world, ransomware attacks have become one of the most pervasive and damaging forms of cybercrime. These attacks, which involve hackers encrypting a victim’s data and demanding a ransom for its release, can cripple businesses, institutions, and individuals alike. 

According to recent statistics, ransomware attacks are on the rise, with cybercriminals employing more sophisticated techniques to extort victims. In light of this growing threat, businesses are looking for innovative ways to safeguard their critical data.

One solution that is gaining traction is immutable data storage. This technology provides a robust defense against ransomware by ensuring that data cannot be altered, encrypted, or deleted once it’s written. In the event of a ransomware attack, immutable storage acts as a critical line of defense, offering several unique benefits that can significantly reduce the impact of an attack.

What is Immutable Data Storage?

Immutable data storage refers to a data storage system in which information is made permanent and cannot be changed, deleted, or altered once it has been written. This immutability is typically achieved through features like write-once-read-many (WORM) protection or blockchain-based technologies. The idea is simple: data is locked down to prevent malicious actors from tampering with it, even if they gain access to the system.

In the context of ransomware, immutable storage acts as a safeguard against the encryption of critical files. Since attackers typically rely on being able to alter or delete data, immutable storage renders that attack vector useless, as the data remains untouchable.

Key Benefits of Immutable Data Storage in Ransomware Defense

1. Protection from Data Encryption

Ransomware attacks often involve encrypting the victim’s files, making them inaccessible without a decryption key, which is usually provided only after paying a ransom. With immutable data storage, once data is written to the storage medium, it cannot be encrypted or modified. This ensures that, even if attackers manage to infiltrate the system and deploy ransomware, the critical backup data remains unaffected and accessible.

For instance, if a company’s sensitive data and backup files are stored in an immutable format, they cannot be encrypted by ransomware, even if the main systems are compromised. The organization can then restore its data from the unaltered copies, without having to pay the ransom.

2. Data Integrity and Reliability

Immutable storage offers a high level of data integrity, ensuring that the data cannot be tampered with or corrupted. In the aftermath of a ransomware attack, this guarantees that businesses have access to a clean, unmodified version of their files. This reliability is crucial for maintaining business continuity, as it allows for a quicker and smoother recovery process.

For example, many organizations rely on backup systems to recover from cyberattacks, but if backups themselves are compromised or deleted, recovery becomes almost impossible. Immutable storage prevents this from happening, ensuring that backups remain secure and viable for recovery even in the worst-case scenario.

3. Increased Resilience to Insider Threats

While ransomware attacks are often associated with external cybercriminals, insider threats—such as disgruntled employees or compromised accounts—are also a significant risk. In such cases, malicious insiders may attempt to alter, delete, or encrypt critical data.

Immutable data storage, however, blocks any attempt to modify or delete data, even by trusted internal users. The security model ensures that data is always preserved in its original form, thereby mitigating the risks posed by insider threats.

4. Facilitating Regulatory Compliance

Many industries are subject to strict data protection regulations that require businesses to keep secure, unaltered copies of their data for specific periods. This is especially true for sectors like finance, healthcare, and legal services, where data integrity and availability are paramount. Immutable storage helps businesses meet these compliance requirements by ensuring that data is stored securely and cannot be tampered with, offering a clear audit trail in the event of an investigation.

By implementing immutable data storage solutions, organizations can demonstrate that they are following best practices for data security and regulatory compliance, protecting themselves from both legal and financial repercussions.

5. Cost-Effective and Fast Recovery

One of the biggest challenges of a ransomware attack is the cost of downtime and the expense of restoring data. Businesses may spend days or even weeks trying to recover from the attack, especially if they lack a reliable backup system. Immutable storage mitigates these recovery costs by ensuring that backup data remains intact and readily available.

In addition, since immutable storage prevents data modification or deletion, there is no need for costly and time-consuming efforts to verify the integrity of the backup. The data is already safe, reducing both recovery time and financial losses. This enables businesses to return to normal operations faster, minimizing the operational disruption that comes with ransomware attacks.

How Immutable Storage Works

To fully understand the effectiveness of immutable storage, it’s important to know how it operates in practice. There are two main approaches to implementing immutability:

1.Write Once, Read Many (WORM): WORM is a feature that locks down data once it’s written to a storage medium, making it read-only. Any subsequent attempts to modify, delete, or encrypt the data are blocked. Many modern cloud providers offer WORM-enabled storage as a feature in their backup and archival systems.

2.Blockchain Technology: Some organizations are exploring the use of blockchain technology to create immutable records of data. Blockchain provides a decentralized ledger where each block contains a cryptographic record of data that cannot be altered once it is added to the chain. This offers a tamper-proof system for storing important records, which could play a critical role in preventing ransomware attacks.

Conclusion: A Crucial Layer of Defense

As ransomware attacks continue to evolve in sophistication and frequency, businesses must explore every available defense to protect their critical data. Immutable data storage offers a powerful and proactive solution, helping organizations secure their data against modification, encryption, and deletion.

By implementing immutable storage, businesses can ensure that, in the event of a ransomware attack, they still have access to clean, unaltered backups for recovery. In a time when the cost of a successful ransomware attack can be devastating, adopting immutable storage is an investment in both security and peace of mind.

In the fight against cyber threats, immutability provides one of the most effective weapons available.

The post The Power of Immutable Data Storage in Defending Against Ransomware Attacks first appeared on Cybersecurity Insiders.

The post The Power of Immutable Data Storage in Defending Against Ransomware Attacks appeared first on Cybersecurity Insiders.

from Cybersecurity Insiders https://ift.tt/vsEg4Qp
via IFTTT