The more connected enterprises become, the bigger the risks they may encounter. This threat landscape is increasingly challenging because of its dynamic nature and the growing sophistication of cybercriminals. Traditional security solutions can’t keep up with continuously changing multi-cloud environments that link your business, partners, suppliers, and customers.
By 2023, 70% of all enterprise workloads will be deployed in cloud infrastructure and platform services, up from 40% in 2020 – the greater the cloud complexity, however, the greater the cybersecurity risk.
Despite this figure, however, the ClubCISO Information Security Maturity Report 2022 found that many enterprises are still running to try and keep up with the pace of cloud. The research found that 75% of enterprises are in the lowest levels of cloud maturity today, compared to 79% in 2021.
Much still needs to be done. However, cyber-attacks continue to gain momentum, with four in ten businesses reporting a cybersecurity breach or attack in the past 12 months. This is higher among medium-size businesses (65%) and large businesses (64%). According to an official UK government survey, of those that have identified breaches or attacks, around a quarter experience them at least once a week.
A comprehensive risk management framework is essential for detecting security gaps and threats across the entire cloud estate and evaluating risk appetite. This helps an enterprise better understand risk exposure, manage resources, and make informed risk-based decisions.
Businesses are playing catch up with risk mitigation
The pandemic has stretched enterprises’ cybersecurity measures to the limit. Enterprises have scrambled to rapidly instigate work-from-home measures, set up and expand virtual private networks (VPNs) and accelerate their move to the cloud.
Cybercriminals have taken advantage of this crisis and the turbulence that has ensued. Thus, it is little surprise that the number of attacks and the number of successful compromises has risen dramatically.
“
Most companies have yet to reach the advanced level of risk management demanded by today’s business environment.McKinsey Companies have to play catch up on cybersecurity 2021
Multi-clouds are a hunting ground for cybercriminals
Cybercriminals are increasingly targeting cloud infrastructures to exploit vulnerabilities in cloud applications, virtual machine software, and virtual machine orchestration.
According to the Joint Cybersecurity Advisory, made up of cybersecurity authorities from the UK, US, and Australia, cybercriminals have ramped up their ransomware attacks on the cloud. This includes exploiting known vulnerabilities in cloud applications, virtual machine software, and virtual machine orchestration software.
In addition, the Advisory’s recent report maintains ransomware gangs are also targeting cloud accounts, cloud application programming interfaces (APIs), and data backup and storage systems to deny access to cloud resources and encrypt data.
Some cybercriminals are even compromising local on-premises devices to reach cloud storage systems and move laterally around the cloud.
Shadow IT risks in the cloud
Shadow IT – the use of solutions or applications without explicit IT department approval – is not a new issue. But it is important to note that it poses a significant risk to cloud estates.
Cloud services, especially SaaS, have become one of the fastest-growing areas of Shadow IT. Lack of visibility into them is a gaping security gap.
Cloud makes it easy for employees to access anytime, anywhere applications such as cloud collaboration and cloud-to-cloud file transfer applications.
Shadow IT in the cloud can cause uncontrolled data flows, which can result in far-reaching and severe compliance problems. For example, misconfigured and unauthorised buckets in the cloud can violate GDPR regulations.
It is paramount that enterprises gain deep visibility and identify shadow IT to assess security and compliance risks across the organisation. This should include getting recommendations to close the security gaps through an actionable roadmap based on business objectives and needs.
“
97% of the cloud apps in use in the enterprise are shadowed IT.Netskope Cloud and threat report 2021
Managing risk in the cloud: a continuous journey
There is no traditional network or infrastructure in the cloud to secure. The only way to adequately secure this active cloud environment is via continuous, real-time solutions such as automatic monitoring and alerts.
Working remotely has led to an increase in software-as-a-service (SaaS). These services are usually configured so they can be used 24/7 on the internet from anywhere that has a connection. Poor security hygiene in terms of infected personal devices, phishing, and insufficient authentication have made companies easy prey for cybercriminals.
Protecting a multi-cloud environment requires a dedicated strategy in terms of policies, processes, and technologies. As multi-cloud computing in the enterprise delivers increased business agility, flexibility, and scalability, organisations are faced with major challenges regarding privacy, security, data protection, and the availability of critical business information.
Here are our top ten tips to help you bolster your defences against growing cloud security threats.
- Run an audit: You can’t protect what you can’t see. You need to audit your data and cloud applications to see what you have and identify what information is sensitive and requires maximum protection. Classifying data is also an efficient way of allocating resources.
- Cloud standards: It is important to remember that cloud architectures are not standardised, and each cloud service provider implements services differently. Understanding how the cloud is implemented is pivotal to risk management.
- Critical data availability: Understand exactly how business-critical data is secured and accessed in the cloud. Examine access permissions for assets in your cloud environment along with access controls such as users’ locations and device types.
- Adopt MFA: Use multi-factor-authentication on user accounts to create strong controls on how employees log on to cloud services. This approach prompts users for an additional form of identification on sign-in. This can be a code to a smartphone, for example, or a fingerprint scan.
- Close backdoors: Many enterprises have moved to the cloud quickly, leaving backdoors open. These are ways for cybercriminals to bypass security methods to access and seize control of systems. Enterprises must evaluate, plan and defend against backdoors. This depends on cloud usage and the choice of tools. Cloud Access Security Broker (CASB) tools can find and block backdoors.
- Effective penetration testing: It is paramount to carry out regular cloud penetration testing to assess the strengths and weaknesses of your cloud estate and enhance the overall security posture. Penetration testing helps to identify risks, deliver clear and actionable remediation, and provide a foundation for best practices.
- Cloud native tools: Enterprises might find they are implementing non- cloud-native tools when they should be using cloud-native tools. Cloud-native is an approach to designing, constructing, and operating workloads directly in the cloud. Cloud-native orchestration tools, for example, can enhance security by excluding vulnerable packages in a container.
- Stop lateral movements: Cloud environments should be designed, so they do not allow lateral movements. This is the technique cybercriminals use to enter an environment and move around it undetected for weeks or even months on a reconnaissance mission before launching a major attack.
- Cloud patch management: Ensure that your cloud provider has a robust strategy for patching known vulnerabilities. Also, ensure your enterprise is proactive in scanning for and patching new vulnerabilities across its own cloud estate.
- Know where your data is: Knowing where your data is gives you day-to-day visibility into your cloud estate, an important component for cloud security compliance and overall cloud posture. It also ensures you adhere to country-specific data sovereignty regulations.
Knowing where the cloud risks are
Cloud computing opens up new business opportunities for your enterprise. But, as you continue to migrate legacy applications and infrastructure to the cloud alongside building a cloud-native estate, you will face new risks.
Identify and stop cloud exposure before it does your business harm
At Telstra Purple, our team of experts deliver comprehensive cloud risk and shadow IT assessments to highlight and prioritise previously unknown security gaps, misconfigurations, and threats across organisations cloud estate.
Our risk assessment will quickly build a complete picture of your enterprise cloud posture and shadow IT usage, providing timely, actionable insights.
We work with industry-leading partners to bring you the best technologies. Our vendor-agnostic, holistic approach will ensure you adopt the best multi-cloud technologies to enhance your cloud posture, aligned with your business goals. Put simply, our end-to-end approach will ensure your cloud estate remains agile and secure.