Cloud security challenges in 2020 and beyond
The first of January ushered in an era of hyper digitization. The more data that’s generated, the more your business will be exposed to risk. So no matter how you look at it, security will be critical to business relevance.
The cloud makes big data, automation, and enhanced agility possible. Keeping all this data secure, including highly sensitive information, is everyone’s responsibility (from the board down to new recruits).
According to the 2019 Cloud Security Report, data loss and leakage was the primary concern of 64% of cybersecurity professionals. The key to keeping your business secure comes down to understanding the current threat landscape, staying prepared, and learning from the past.
So what cloud security challenges can we expect this year? Let’s take a look.
Challenge one: ransomware attacks
Over the last three years, ransomware cemented its place as a critical threat to enterprises and citizens alike. Throughout this time, ransomware has gone through a period of accelerated evolution.
Take BlueKeep, for example: this remote code execution vulnerability in Windows Remote Desktop Services (RDS) can have devastating consequences for organizations that fail to prepare (so be sure to download all the updated patches!).
In this scenario, a hacker can take complete control of vulnerable systems merely by sending requests over RDP. And as long as companies fail to complete their disaster recovery protocols, the door stays wide open for threat actors.
Iran's state-sponsored hackers have also been reported to have deployed a new strain of malware known as Wiper that can potentially "wipe out" enterprise technological infrastructure by deleting everything stored on the hardware.
According to David Williams, CEO at FortiTech, Cyber Security Adviser, vCISO and Technology Speaker, “looking [at it] from a client point of view, if they were on say Azure or AWS cloud infrastructure I would be looking at the backend of that to ensure unique credentials and Multi-factor Authentication (MFA) were in place. You would want to make sure any external servers were firewalled so that only ports needed are presented to the world and that any internal servers were not presented at all and instead secured away on their own LAN. End Point Detection Response (EDR – the replacement for Antivirus) and other general hardening measures should also be in place.”
Challenge two: insecure access points
One of the primary reasons why businesses adopt the cloud is to enable enhanced agility and accessibility. For example, remote working is now common because enterprise clouds can be accessed from anywhere.
However, if user interfaces don’t boast robust security, hackers will be able to find a way to exploit them. So it’ll be critical to deploy behavioral web application firewalls that analyze inbound traffic. While this approach doesn’t guarantee 100% security, it’ll go a long way to help protect your applications.
Challenge three: making security and compliance an afterthought
Sometimes, companies in a rush to digitally transform their legacy infrastructure fail to consider security and compliance implications right from the beginning. This scenario will continue to be a problem across industries for the foreseeable future.
According to Damien Mason, Expert Reviewer at ProPrivacy, “one way that companies can improve is to conduct regular third-party audits by trusted security firms. This helps to preserve trade secrets, which are unlikely to disappear any time soon while minimizing the chances of poor implementation and misconfiguration – core reasons for many of the breaches we’ve seen. They should also make use of rewarding bounty systems that encourage freelance security experts to report weaknesses, allowing the company to swiftly patch it… Security and privacy measures are not optional additions to a service; they are compulsory in 2020. Companies should be held responsible when appropriate measures have not been taken to mitigate security issues, both before and after they happen.”
While security is critical for businesses, it’s also important to consider regulatory compliance implications. General Data Protection Regulation (GDPR) violations, for example, can easily cripple small and medium-sized enterprises.
Challenge four: human error
Throughout the technological revolution, human errors have led to data breaches. Even though almost all of us are now familiar with social engineering techniques like “credential phishing,” it remains a successful tool leveraged by bad actors.
According to Mateo Meier, Founder and CEO of the cloud security company Artmotion, “in recent years, potential clients approach us to outsource their data security protocols so they would be free to focus on their business. However, while robust tools like our military-grade encryption will keep sensitive information secure in our data centers, it’s still important to always follow best practices in the current threat landscape.”
While it might not come as a surprise to anyone who has worked in production environments, mistakes do happen. The larger the organization (with a wide array of different accounts), the more significant the company’s exposure to risk.
Challenge five: artificial intelligence attacks
Artificial Intelligence (AI) has come a long way. These days, speech recognition, task automation, and chatbots are everywhere, and companies are reaping the benefits.
These smart algorithms can also be leveraged to detect malicious software on networks, accelerate incident response times, or even block access completely to improve the security of an organization. Furthermore, AI helps enhance security tools and analyze streaming data much faster than humans to detect a threat.
However, at the same time, AI can increase your exposure to risk, as hackers and state-sponsored attackers are always innovating to breach enterprise systems.
That’s why experts fear that it will be only a matter of time before bad actors leverage AI to develop mutating malware that’s designed to avoid detection. This approach has the potential to create a situation where smart algorithms fight each other within your technological infrastructure.
Williams added, “cybersecurity is now an arms race with the good guys using AI to spot and combat threats and the bad guys using it to attack. The best defense is to keep up to date with the latest technologies such as AI based EDR, Firewalls and Security Event Intelligence Management (SEIM) and limit exposure to your information assets.”
So it’ll be critical in 2020 and beyond to actively mitigate risks, learn from human errors, and adapt rapidly in the fast-evolving threat landscape. It’s also essential to complete your disaster recovery plan and reexamine it (regularly).
This post was originally featured on TheNextTech.