Security Market Segment LS
Monday, 27 July 2020 19:11

SPIKE IN CLOUD ATTACKS SHOWS BUSINESSES WERE NOT PREPARED TO WORK FROM HOME

By Ryan Trost, ThreatQuotient
Ryan Trost, Co-Founder & CTO, ThreatQuotient Ryan Trost, Co-Founder & CTO, ThreatQuotient

VENDOR CONTRIBUTION by Ryan Trost - Co-Founder & CTO, ThreatQuotient:  Businesses continue to place more and more data in the cloud, from personal details to intellectual property. The growing adoption of cloud-based solutions by businesses, whether for greater agility, data analytics or to support employees in accessing the data, for example when they were remotely or from home, also increases the risk of cloud attacks.

In December, I released a series of predictions for 2020, one being the likelihood for a significant rise in cloud attacks in 2020. Little did we know back then that the outbreak of COVID-19 would occur, creating the perfect storm for cyber attackers to take advantage of an incredibly disruptive period, with businesses being forced to adopt solutions at a rapid pace, potentially skipping usual protocols, and likely employee use of ‘shadow IT’ solutions.

The spike in cloud cyberattacks this year, with the term "cloud" appearing 29 times in the Verizon’s 2020 Data Breach Investigation Report, shows that businesses did not implement best-practice cybersecurity measures before we all set up our home offices and started working completely from home.

As more and more remote employees place vital data into the cloud, this creates more entry points that are vulnerable and open for cyber attackers to exploit. Recent research from Palo Alto Networks found over 1,700 malicious coronavirus-themed domains are created every day, despite a minority residing in public clouds, they are more likely to be missed by less-complex firewalls. Between the anonymity cloud technology provides cybercriminals and how easy it is for cloud administrators to misconfigure cloud settings; it is no surprise adversaries seek it out.

One of the greatest threats to cloud providers is nation-state actors. When they discover a particular enclave where confidential data is hosted, such as an enterprises’ intellectual property, they could use a zero-day attack to escape containment and deploy a persistent threat to continue their lateral movements throughout the cloud provider. Or perhaps more simply, a determined engineer of your organisation could dump sensitive data into an external drive - either way, there are too many variables and unknowns for security engineers to respond to effectively and expediently.

If your business is considering moving its data into the cloud, it isn’t a decision that should be made too quickly. Due diligence must be performed by IT professionals, CIOs and CISOs of enterprises and governments, and even general cloud users before selecting a cloud provider.

Risk Evaluation

Placing your data into the hands of a cloud provider means you trust that vendor with your business’ data and reputation. Before you make a decision, evaluate all the risks associated with handing over your data to a third-party for hosting. Do they have the required security protocols? Are they willing to answer questions about their security practices? If the provider has been breached previously, this could be a red flag, but don’t be quick to discredit them. Look into how they responded to the breach, not only internally but how they supported their customers.

Preparedness

Find out about the cloud provider’s stacks, specifically if they can service your needs and what level of control and visibility you may retain. Does the cloud provider maintain all hosting responsibilities or is it a joint effort? Is their technology immediately updated or does it ‘slow roll updates’ in order to let the community find unintended vulnerabilities? Does the provider perform annual due diligence checks to ensure their existing technology stack has not become stale with lagging technology?

The biggest players in the cloud space like Google, Amazon and Microsoft have the best security teams and tools available, but this doesn’t mean your organisation doesn’t still play a major role in the security of your data. Learn about the provider’s shared responsibility model to understand what responsibilities are shared between vendors and users to avoid basic security malpractices that can leave your business exposed.

Governance Policies

It is important to be aware of the governance protocols or policies the cloud provider has put in place. Look for vendors that are transparent about their data centre locations, especially if you have specific data requirements and regulatory obligations. Your data will be subject to the subsequent laws of the location it is stored in. That being said, the host provider must also be knowledgeable about other governing regulations especially as it pertains to your data. For example, if you have data that must conform to GDPR policies but the data centre is located across the globe, the cloud provider must be able to abide by GDPR laws. Review the provisions in the company's Service Level Agreement (SLA) that addresses the protocols for handling potential data losses, compensation, or data migration.

Data Migration and Education

Migrating data is a slow process that requires time and bandwidth, affecting your business’ ability to operate at its optimal level. Find out how long this process will take to minimise downtime and reduce this time by only migrating data sources that are required.

Invest time and money to get employees up to speed on how to transition to the new cloud environment. This will not only ensure they are clear on security protocols but it can minimise the chance of breaches as a result of human error. According to the Office of the Australian Information Commissioner (OAIC), 32% of breaches between July and December 2019 were a result of human error.


Subscribe to ITWIRE UPDATE Newsletter here

Active Vs. Passive DWDM Solutions

An active approach to your growing optical transport network & connectivity needs.

Building dark fibre network infrastructure using WDM technology used to be considered a complex challenge that only carriers have the means to implement.

This has led many enterprises to build passive networks, which are inferior in quality and ultimately limit their future growth.

Why are passive solutions considered inferior? And what makes active solutions great?

Read more about these two solutions, and how PacketLight fits into all this.

CLICK HERE!

WEBINAR INVITE 8th & 10th September: 5G Performing At The Edge

Don't miss the only 5G and edge performance-focused event in the industry!

Edge computing will play a critical part within digital transformation initiatives across every industry sector. It promises operational speed and efficiency, improved customer service, and reduced operational costs.

This coupled with the new capabilities 5G brings opens up huge opportunities for both network operators and enterprise organisations.

But these technologies will only reach their full potential with assured delivery and performance – with a trust model in place.

With this in mind, we are pleased to announce a two-part digital event, sponsored by Accedian, on the 8th & 10th of September titled 5G: Performing at the Edge.

REGISTER HERE!

BACK TO HOME PAGE
Share News tips for the iTWire Journalists? Your tip will be anonymous

WEBINARS ONLINE & DEMAND

GUEST ARTICLES

VENDOR NEWS

Guest Opinion

Guest Interviews

Guest Reviews

Guest Research

Guest Research & Case Studies

Channel News