Cloud cyber security required by 70% of firms
4th January 2019
Cloud computing has transformed the way small to medium sized (SME) companies purchase and use IT services in the last five years. It is estimated that 70% of all firms in the US and Europe use at least one business-critical cloud application. The cloud delivers simplified IT management, remote access, mobility, and huge cost-efficiency. However, as more and more applications migrate to the cloud, the need to ensure effective cloud cyber security and data privacy has become essential for every organisation.
What is cloud computing?
Cloud computing is a generic term for a group of services which includes Software as a service (SaaS), Infrastructure as a service (IaaS) and Platform as a service (PaaS). SaaS offers low-cost access to a large number of business applications which include accountancy, email, ERP and CRM systems.
Cloud cyber threats
Although published in 2016, the Cloud Security Alliance (CSA), The Treacherous 12 report provides an accurate guide to the top cloud security threats. Based on a survey of 271 global CISO executives, the report identified the three top concerns as Data Breaches, Weak Identity & Access Management and Insecure API’s.
The management of the identity and authentication of cloud users remains the number one priority for all cyber security managers. Many SaaS users only rely on their username and password to access confidential business data stored in the cloud. The unauthorised use of stolen or ‘cracked’ credentials provides the hacker with an easy win.
For the larger enterprises, attacks occur because of a lack of scalable identity access management systems and the lack of ongoing management of cryptographic keys, passwords and security certificates. All cloud users can improve their security by using multi-factor authentication (MFA), stronger passwords and encryption services.
Dedicated cloud security software solutions are increasingly employing UEBA (user and entity behaviour analytics) to prevent account compromise. This technology detects unusual patterns in the frequency, location and activity of a user. For example, if a login is detected from another country or another device, an alert will prompt the real user to confirm that this is a legitimate request.
A new breed of malware has been developed to exploit cloud-based applications. These include sophisticated applications that are granted access through OAuth (Open Authorization) tokens to programmatic interfaces in cloud systems. For example, a user grants access to an application with their Google credentials that allows the application to access their corporate Google account. Application firewalls and threat intelligence services are regularly employed to detect and prevent these types of attack.
A data breach is an incident in which sensitive, confidential information is viewed, stolen or used by an individual who is not authorised to do so. It may be the primary objective of a cyber attack or merely the result of human error, application vulnerabilities or poor security practices.
In many parts of the world, laws and regulations require organisations to comply with certain standards of care to ensure that sensitive information is protected against unauthorised use. When a data breach occurs, companies may incur significant fines and be subject to civil or criminal litigation. This applies to personally identifiable information (PII) as defined by the EU General Data Protection Regulation (GDPR). It also applies to personal credit card details as protected by compliance with the global PCI DSS standard.
The Forrester Market Overview: Cloud Data Protection Solutions report provides a good guide to the requirements and the key suppliers of an effective cloud data loss prevention system.
Shared cyber security responsibility
Cloud-based service providers rarely provide a complete cyber security service. Most suppliers operate on a ‘shared responsibility’ basis. Providers take responsibility for the security of the physical and virtual server infrastructure, and the users are responsible for the access to and the use of the data. This relationship is usually defined in a business service level agreement which should always be reviewed before engaging with the cloud service.
Not just technology
Among the most significant security risks associated with cloud computing is the tendency for users to bypass IT departments and cyber security officers. Although moving to the cloud may provide cost and efficiency gains, doing so requires that all security policies, processes, and best practices are reviewed and updated to meet the requirements of cloud security.
The Wizard Cyber CYBERSHIELD MDR-COMPLETE service package mitigates the risk of cloud-based cyber attack by continually monitoring critical IT infrastructure, endpoint and user activity. Suspicious cloud threats are detected using advanced behavioural analytics and immediate remediation action is delivered by our 24/7 cyber security operations centre.