Editor’s Question: How can organizations improve on their cloud security?

The 2022 Thales Cloud Security Report reveals that 45% of businesses have experienced a cloud-based data breach or failed audit in the past 12 months, up 5% from the previous year, raising greater concerns regarding protecting sensitive data from cybercriminals.

We asked three industry experts how organizations can ensure they improve their cloud security.

Surya Varanasi, CTO, StorCentric

Around the world, businesses, non-profits and government agencies are turning to the cloud, whether private, public or in a hybrid fashion, in order to reap such benefits as virtually unlimited scalability, increased efficiency, enhanced capabilities and reduced costs.

In fact, according to a recent report from Fior Markets: “The global cloud computing market is expected to grow from US$270.15 billion in 2017 to US$712.83 billion by 2025 at a CAGR of 18.46% during the forecast period from 2018-2025.”

With so much data – the virtual lifeblood of organizations – flowing into the cloud, it isn’t surprising that cloud security has risen to the top of most business and IT professionals’ priority lists, alike. And, with increasingly aggressive ransomware and other cybercrime consistently making headlines, it is clear that cloud security won’t be knocked from its top priority position anytime soon.

The Verizon Business 2022 Data Breach Investigations Report voiced its concern regarding “the alarming rise in ransomware breaches, which increased by 13% in a single year – representing a jump greater than the past five years combined.”

So how can organizations improve their cloud security? The ideal answer can be found in a layered defense that includes protection and detection solutions, as well as Unbreakable Backup to ensure the ability to recover.

Today, it is common for backups to be a cybercriminal’s first target via ransomware and other malware.

However, an Unbreakable Backup solution provides organizations with two of the most difficult hurdles for cybercriminals to overcome – immutable snapshots and object locking.

Immutable snapshots are, by default, write-once read-many (WORM), but now some vendors have added features like encryption where the encryption keys are located in an entirely different location than the data backup copy(ies).

And then to further fortify the backup and thwart would-be internal and external criminals, with object locking layered on top of that, data cannot be deleted or overwritten for a fixed time period, or even indefinitely.

Brian Dunagan, Vice President of Engineering, Retrospect, a StorCentric Company

Ransomware continues to hamper businesses around the world, locking them out of their business workflows and demanding exorbitant payments. With the availability of Ransomware-as-a-Service (RaaS), those attacks have become even more frequent, targeting ever-wider segments of businesses.

Organizations need tools to defend themselves, both to protect their data and to detect early signs of intrusion. And, they need to be able to recover quickly and affordably, should they experience a successful attack. And the truth is that today, it is not really a question of if an organization will be successfully breached, but more realistically simply a question of when.

ThoughtLab recently announced the findings of its 2022 cybersecurity benchmarking study, which revealed: “The number of material breaches respondents suffered rose 20.5% from 2020 to 2021, and cybersecurity budgets as a percentage of firms’ total revenue jumped 51%, from 0.53% to 0.80%.”

Yet: “29% of CEOs and CISOs and 40% of chief security officers admit their organizations are unprepared for a rapidly changing threat landscape.”

Organizations can best improve their cloud security with a backup solution that offers anomaly detection and backup comparison. Businesses need to understand not only what is in a backup but what changed between backups.

Using anomaly detection and backup comparison, administrators can identify exactly which files changed to signal an anomaly and evaluate their contents to isolate valid ransomware infections.

Next, organizations need to be able to do OS compliance checks. Many ransomware variants depend on unpatched systems for infiltration. Retrospect Backup now utilizes its extensive footprint to aggregate system information and identify systems that are out of compliance with the latest version of each operating system.

The ideal backup solution should also support configuration encryption and multi-factor authentication combined with a password prompt. That way, even if an attacker gains administrative access to the computer where the backup runs, they will not be able to access the program or the configuration files.

Last but certainly not least, the backup should enable flexible immutable retention periods, alerting the organization when a file is leaving its retention period, and enabling the organization to choose if that is satisfactory or if the retention period must be extended.

Don Boxley, CEO and Co-Founder, DH2i

A recent article from Gartner stated: ‘Hybrid work and digital business processes in the cloud have introduced new risks. At the same time, sophisticated ransomware, attacks on the digital supply chain and deeply embedded vulnerabilities have exposed technology gaps and skills shortages…’

Gartner went on to state that of its ‘Seven Top Trends in Cybersecurity in 2022’ attack surface expansion was number one.

I was not surprised to read this finding, as it echoes what we are hearing from our channel partners and end-customers. The traditional network perimeter is a thing of the past. Employees are no longer housed behind four walls. Today, employees and strategic partners require remote access from globally distributed external locations. And, your apps and data now run anywhere from a central office location, across multi-sites and multi-clouds, all the way out to the Edge.

Unfortunately, traditional approaches such as VPNs have proven themselves unreliable for this new reality. All one needs to do is Google ‘VPN data breach’ to see this statement validated in the latest headlines.

VPNs are complicated to set up and manage and need expensive dedicated appliances/routers. Maintaining ACLs and firewall rules has proven near impossible. And VPNs can introduce performance issues. However, when it comes to data protection and security, VPNs inherently create larger lateral attack surfaces, exponentially increasing data breach vulnerability.

What is required instead is an unVPN security solution. In other words, a security solution that can ensure Zero Trust Network Access (ZTNA). This can be accomplished today through the use of a software defined perimeter (SDP) solution which permits users to access only authorized apps, not a slice of the network, thereby eliminating the possibility of any lateral movement.

SDP can enable data to flow directly between users, sites and clouds using application level DTLS encrypted ZTNA tunnels and Public Key Authentication. And SDP can utilize randomly generated non-standard UDP ports to make the tunnels and servers untrackable and invisible to port scanners and other hacking tools.

SDP is not only the most secure solution, it also enables higher performance and cost avoidance. With no intermediate brokers, tunnels are direct which means superior performance. And, whereas traditional networking tools for multi-site connectivity are typically complex and expensive to maintain – especially for clouds – since SDP is an unVPN solution, it doesn’t require dedicated VPN appliances.

And, for cloud connectivity, users do not have to pay cloud vendors an hourly VPN fee to allow users to connect. And then, costly direct links and VPNs can be phased out for even more savings.
