A Gartner study from October 2019 forecasted that the public cloud technologies services market would reach $266.4 billion in 2020. 17% growth seems excessive, but it pales against the 50% overall increase in cloud utilization across the enterprise that McAfee reported in 2020, partially motivated by COVID-19 related mandates.
Great time to market, apparent simplicity as well as lower technology, business and financial barriers, made the cloud the preferred real-estate among individuals and enterprise alike. Cloud technology is a game changer and a life saver, but it can also be a cybersecurity nightmare.
As organizations extended their technology landscape across multiple physical and trust boundaries, what used to be a solid perimeter to protect is now a series of highly dynamic “micro-borders” or just no clearly delimited border at all. This change in the technology landscape also unveils a problem with current cybersecurity approaches and paradigms that were originally designed to protect organizations, starting at their borders.
When organizations extend their networks to the cloud, they are trading security for time to market, productivity, efficiency, usability, and accessibility. A price that businesses will pay gladly. Many times, these implementations are a product of firms’ strategies or planned processes, but often cloud technology adoption responds to emergencies. When the latter happens, the outcome is an implementation plagued with vulnerabilities.
We know now that architecting and designing solutions in or for cloud technologies require a different set of skills. The selection, deployment, configuration and integration of cloud artifacts, the leverage of trusted domains, the management of certificates, the whitelisting of addresses, the practice of allowing apps to bypass inline defenses, the need for data movement across boundaries and the vulnerabilities intrinsic to browsers open opportunities for vulnerabilities that could be used by malicious actors to gain access to our data.
The attack vectors that corporate cloud users should be aware of include:
- Data breaches and loss
- Insider attacks
- DoS and DDoS attacks
- Cloud phishing
- Cloud malware injection
- Cross-cloud attacks
- Side channel attacks
- Credential stuffing attacks.
So how do companies adapt their cybersecurity postures and develop the policies, controls, processes, and technologies to protect their data and achieve regulatory compliance requirements?
Our recommendations to protect your data and your users in the cloud include the following:
- Implementation of a Zero Trust security approach to control access to your workloads and limit network lateral movement.
- Use of strong passwords, multi-factor authentication (MFA) and access controls.
- Adaptive access based on user, app, instance, device, location, data, and destination to selectively grant access.
- Protect endpoints using endpoint threat management and response solutions.
- Implement continuous risk security assessments.
- Secure and manage network traffic.
- Restrict cloud utilization and manage adoption in a centralized manner.
- Implement granular data protection controls.
- Implement cloud data loss prevention.
- Implement threat hunting.
- Continuous training and awareness programs.
The adoption of these technologies is quick and simple. Cloud services enable organizations’ processes, improve quality, increase productivity and speed to market, but it also creates vulnerabilities that must be addressed before it is too late. As organizations extend their technology landscape across boundaries, traditional cybersecurity postures may not be able to provide the level of protection needed. Cystel specializes in detecting and remediating cybersecurity vulnerabilities in these enterprise deployments, reducing your risk so you can focus on your core business.