How cloud cover could transform your company’s cybersecurity

1) Reduce the risk of human error

Con­sid­er the typ­i­cal IT infra­struc­ture of a small busi­ness. It’s often based in the same build­ing in which untrained employ­ees work and is acces­si­ble to any­one who works for the com­pa­ny. This makes the job of cyber­crim­i­nals far eas­i­er in terms of hacks or trick­ing staff into open­ing cor­rupt­ing files, and it also increas­es the odds of a data breach due to human error.

“Now con­trast that with a large cloud provider,” says Jamie Akhtar, CEO and co-founder of CyberS­mart, a cyber­se­cu­ri­ty soft­ware com­pa­ny. “Cloud servers are housed in huge, well-guard­ed data cen­tres, often far off the beat­en track and a long way from providers’ cen­tral offices and staff. What’s more, the data in those servers is usu­al­ly pro­tect­ed with com­plex encryp­tion, mak­ing hack­ing extreme­ly dif­fi­cult.”

Sim­ply put, an organisation’s staff need access to all its data; com­pa­nies should allow a gate­keep­er to guard this perime­ter and pro­tect their employ­ees from them­selves.

2) Spot the enemy within

In an era when cyber­se­cu­ri­ty can seem entire­ly focused on exter­nal threats, com­pa­nies can for­get the risks at home. Cap­i­tal One no doubt invest­ed heav­i­ly in pre­ven­ta­tive soft­ware, but a sin­gle employ­ee still down­loaded 30GB of cred­it appli­ca­tion data includ­ing approx­i­mate­ly 140,000 Social Secu­ri­ty num­bers and 80,000 bank account num­bers.

Although it may feel safer to store data on-premis­es, it pro­vides a false sense of secu­ri­ty. Ker­ri Dear­ing is head of inter­na­tion­al busi­ness at Net­Doc­u­ments, a cloud-based doc­u­ment ser­vice. “If data is held at a company’s office, it is far more sus­cep­ti­ble to being breached by hack­ers or a dis­grun­tled employ­ee,” she says. “The legal sec­tor, for instance, is a prime tar­get for data breach­es, as many small­er firms keep huge troves of data onsite.”

Accord­ing to fig­ures from the Infor­ma­tion Commissioner’s Office, 68% of data breach­es at UK law firms were caused by insid­ers, ver­sus 32% caused by out­side threats.

An exter­nal cloud secu­ri­ty sys­tem can ensure organ­i­sa­tions main­tain a strong perime­ter around their data, even guard­ing against inter­nal threats by ensur­ing only trust­ed indi­vid­u­als have access. Steve Gyurindak is CTO for net­work and oper­a­tional tech­nol­o­gy at Armis, which assess­es the threat con­nect­ed devices cre­ate. He says indus­tries like account­ing, HR, sup­ply chain and man­u­fac­tur­ing face a par­tic­u­lar risk. “Any gap in this perime­ter can lead to a neg­a­tive out­come, as Cap­i­tal One learnt the hard way.”

3) A problem shared is a problem halved

Keep­ing a company’s secu­ri­ty up to date requires exter­nal, pro­fes­sion­al input. One of the defin­ing fea­tures of the cloud is the shared respon­si­bil­i­ty mod­el, unlike hav­ing an IT team respon­si­ble for out­ages, user prob­lems and the hefty job of updat­ing and mon­i­tor­ing cyber­se­cu­ri­ty.

“With on-premis­es envi­ron­ments, there is a sig­nif­i­cant respon­si­bil­i­ty on the in-house IT team to keep the lights on, mean­ing atten­tion is often spread thin, with less time to focus on the dif­fi­cult tasks of ensur­ing secu­ri­ty,” says Bryan Pat­ton, prin­ci­pal strate­gic sys­tems con­sul­tant at Quest, which pro­vides soft­ware as a ser­vice (SaaS) and cloud man­age­ment. “While the cloud does not absolve the end user of respon­si­bil­i­ty for secu­ri­ty, it shifts more of the bur­den to the cloud provider, giv­ing greater pro­tec­tion and enabling the organ­i­sa­tion to real­lo­cate resources.”

The cloud’s uni­form approach also improves upon on-premis­es solu­tions, which can often involve prod­ucts that are not nec­es­sar­i­ly com­pat­i­ble or stream­lined. Etay Maor, senior direc­tor of secu­ri­ty strat­e­gy at Cato Net­works, a secure access ser­vice edge (SASE) provider, says that main­tain­ing one secu­ri­ty pol­i­cy across mul­ti­ple box­es and ven­dors is just one of the day-to-day issues. “With remote users util­is­ing mul­ti­ple box­es from mul­ti­ple ven­dors, organ­i­sa­tions are rarely pro­vid­ing the same lev­el of secu­ri­ty for every net­work flow, be it a cloud appli­ca­tion, a user or an inter­net of things-enabled device. This is dat­ed and not on a par with today’s cyber threats. Organ­i­sa­tions are lit­er­al­ly bring­ing on-premis­es solu­tions to a cloud fight.”

4) Build a fully manned security wall

When a com­pa­ny is short of man­pow­er, extra help to man the perime­ters is invalu­able. Cyber­se­cu­ri­ty solu­tions that can detect and respond to attacks give organ­i­sa­tions con­tin­u­ous vis­i­bil­i­ty across their entire IT envi­ron­ment, so they can con­nect the dots and spot signs of a threat in near real time, quick­ly neu­tral­is­ing them before they become breach­es.

“By hav­ing eyes and ears inside the cloud, secu­ri­ty teams ben­e­fit from cru­cial secu­ri­ty con­text to deliv­er time­ly and mean­ing­ful threat assess­ments that allow them to pri­ori­tise events, reduc­ing the pres­sure on secu­ri­ty teams and help­ing to keep the busi­ness safe,” says Oliv­er Tavakoli, CTO at Vec­tra, a leader in AI-dri­ven threat detec­tion.

Cloud AI cov­er­ing a company’s perime­ter can spot threats instan­ta­neous­ly and know the lat­est threats on the hori­zon. Gyurindak says: “If you look at the num­ber of vul­ner­a­bil­i­ties found in 2021, there were more than 20,000. That was up from 18,000 in 2020. This becomes a chal­lenge [for on-premis­es solu­tions] giv­en the glob­al short­age of IT work­ers, and tak­ing into account that the IT indus­try has the high­est turnover rate of employ­ees.”

5) Free up IT teams to advance your company’s priorities

With more cyber­se­cu­ri­ty sup­port, cloud can not only reduce ‘alert fatigue’ with­in an IT team but also free staff up to improve day-to-day process­es or per­for­mance, rather than sim­ply deal­ing with threats.

“Secu­ri­ty teams at on-premis­es sites can spend a large part of their day sift­ing through moun­tains of often mean­ing­less secu­ri­ty alerts, lead­ing to alert fatigue, which means they are more like­ly to over­look or dis­miss a seri­ous threat that could lead to a breach,” Tavakoli says. “Cloud AI means teams are bet­ter equipped to detect and respond to cyber threats quick­ly, pre­vent­ing full-scale attacks. Only then can over­bur­dened ana­lysts focus on the things that mat­ter: halt­ing attacks before they become breach­es and avoid­ing cost­ly rep­u­ta­tion­al dam­age.”