20 Sep Cybersecurity future for a cloud-native environment
The future of cybersecurity for a cloud-native future.
Cloud computing brings around a vast number of benefits ranging from reduced costs, to scalability and better performance. Increasingly, organisations are taking a cloud native approach to develop and run applications that take advantage of the cloud computing delivery model power. Techno-functional professionals believe that operating applications using cloud native architectures help in rapid deployment of ideas and faster response to client demands.
Cyber security professionals expect financial damages from cybercrime to reach $6 trillion by year end.
Cyber threats and attacks are drastically on the rise with staggering figures indicating a cyber attack incident every (approximately) 11 seconds.
The advent of the Covid-19 pandemic sped up the rampant migrations to the cloud, leading to misconfigured cloud infrastructures. These misconfigurations are one of the most common ways for attackers to get their hands on sensitive organisation data. In return, data exposure is considered as a major risk which can incur the organisation, fines and financial losses.
The vast majority of cyber attacks depend on social engineering to place malware or ransomware inside companies’ systems. The ongoing shift of ICT practices needs to be managed by strict security policies and cloud environments require more vigilance in their day-to-day management (and the initial setting up!).
Covid-19 has accelerated digital transformation, and certain key security aspects were ignored or not given their due importance, because of high workloads in a short timespan, lack of in-depth knowledge about security threats (of the cloud) and shortage in cyber security professionals. A common misconception directly related to the cloud, is that the cloud provider will offer an end-to-end security solution. This is not the case with the shared responsibility model, whereby the cloud provider draws a boundary line as to where its responsibility lies and stops.
When shifting onto the cloud, the mindset needs to evolve and cyber security and information security need to be dealt with differently. Cloud-native identity and access management are two key areas that need to be well-managed to avoid vulnerabilities and weaknesses. Data security on the cloud is another major theme that needs a strong security strategy to manage it.
Key resources need to be trained, to be able to understand the risks pertaining to the cloud-native environment and subsequently mitigate these risks and protect against cyber intrusions. 24×7 monitoring tools, mainly powered or assisted by Artificial Intelligence, need to complement the overarching cloud security policy. Needless to say anti-malware software needs to reside on the cloud and be kept up-to-date with the latest security definitions.
In addition to investing in security solutions that help reduce the risks associated with cyber attacks, organisations need to also plan and test an incident response plan to ensure business continuity. Resilience is crucial!
Engaging an experienced advisory CISO help strategise and plan the cyber security function of the organisation. Cyber security is a concern of all business units within a company as it can lead to a do or die situation. Adequate budgets need to be allocated to cover the cyber security aspect, on an on-going basis. High-risk attacks can lead to financial crisis in the form of fines, licence revocation, lawsuits and ransom money. Ransomware continues to constantly evolve. It is no longer a one-off incident.
Cyber criminals are are now staggering the approach, where they first seek data breaches, then the stolen data is encrypted on the cloud and then they keep organisations on the line by asking ransom fees (usually in crypto currencies) and threatening to share the sensitive data publicly (which can lead to adverse media and fines related to data protection breaches).
Be proactive and always prepared to combat cyber threats. The adversaries (hackers) are always on the lookout for weaknesses and vulnerabilities to exploit and get unauthorised access to critical data, which is the lifeblood of any organisation. Stakeholder trust is an important factor that has to be safeguarded, with the correct mix of cyber protection. A suggested best practice approach is to focus on two core areas, that is, the preventative-based security architecture and the resilience-based security architecture, vis-a-vis your cloud infrastructure.
Cloud security needs to be structured in a manner in which events are analysed so as to be in a position to identify abnormal activities across all user bases. A continuous monitor of threats needs to be on, to safeguard the applications, data and infrastructure. Generally cloud infrastructures would have a wide pool of users – users need to collaborate to have a safe cloud environment. Defense cannot be static and passive, as attackers are using disruptive methodologies to infiltrate organisations’ clouds. Prediction and neutralising of attacks needs to be realtime.
Cloud environments are accessible via various touchpoints (and devices) such as mobile devices and tablets, so security needs to be a three-hundred-sixty-degree approach. In addition, legal aspects need to be taken into account to always be in adherence with data protection frameworks. If in breach heavy penalties, say compounded for GDPR, can be incurred.