In this week’s blog post, we are sharing insights based on our latest interview with Sagi Brody is a thought leader and CTO at Opti9, a leading hybrid cloud solutions provider in North America. He is an expert in all aspects of the cloud and interconnection industries, specialising in digital evolution, data recovery, and compliance. He is a renowned industry leader and is highly sought after to provide insight and guidance on the latest cloud technologies and best practices.
Our topic for today is how organisations can implement effective cloud cyber security solutions and the misconceptions around the technological advancements.
What are the pitfalls of people making incorrect technological assumptions and how can they be avoided?
Technology is developing rapidly and the language used to describe it is often unclear. Terms like “cloud” and “managed services” are too vague and vendors can take advantage of this by redefining them as they please. Cloud services and software as a service (SaaS) are great for convenience and ease of use, but many people assume that their data is automatically secure, resilient, and backed up. Unfortunately, this is not always the case. Additionally, when you use a cloud service, your data is stored on a remote server or servers. This means that if the server is hacked, your data is at risk. If the server goes down, your data can also be lost.
For example, with Microsoft Office 365, there are no built-in backups. The devil is in the details; while Microsoft provides resilience and redundancy, there is no way to restore email from two or three weeks ago. People wrongly assume that using cloud or SaaS products will solve all their problems. Organizations should create standards around security, resilience, and compliance and make sure these platforms meet their requirements before adoption. Otherwise, they may find themselves trying to make them conform after the fact.
Who Is the Decision Maker When It Comes to Implementing New Technology
The decision maker when it comes to implementing new technology is usually the person who is in charge of the company’s IT department. They will be the one who decides which new technology to use and how to implement it. The type of firm and sector often determine which personnel are responsible for making decisions on such topics, with CIOs, infrastructure, and tech personnel usually being the ones in charge. Organizations often avoid taking on responsibility for disaster recovery or backups, instead opting for a vendor to be bound by an SLA through a contractual arrangement. The landscape of IT is becoming more complex, with data and applications spread across different platforms. The goal of IT is to push for simplicity, so that the infrastructure is secure, compliant and resilient. One way to achieve this is to outsource some responsibilities to vendors with experience in the field. Alternatively, there are companies with huge IT teams who want to own the responsibilities themselves. Ultimately, it’s important to acknowledge what you want to be responsible for, and have a conversation about it.
What Should Companies Do Differently to Improve Their Cyber Security?
Many organisations and individuals have a mistaken sense of security. From CEO level to non-technical folks, they may think that having backups will protect them from a cyber attack or ransomware attack or disaster recovery scenario. But that is not entirely true. We witnessed the Colonial Pipeline ransomware incident in the US approximately one year ago. Many people don’t realize that their sense of security is inadequate.
There are a few things that companies should do differently in order to improve their cyber security. First and foremost, companies should put in place a strong cyber security policy. This policy should be well-communicated to all employees and should include clear guidelines for how employees should conduct themselves when online. Additionally, companies should implement a robust cyber security system. This system should include a variety of measures, such as firewalls, intrusion detection systems, and data encryption. Finally, companies should regularly update their cyber security software and firmware. This will ensure that they are protected from the latest security threats.
Companies should be aware of the possible scenarios and have run-books ready to address them. As attackers become more sophisticated, they are targeting backup and disaster recovery tools to try and get ransom payments, so to tackle this issue companies can also make use of tools that can detect suspicious behaviours such as disabling backups, removing encryption, or changing a retention policy. Such technology has been warmly welcomed by the industry and has enabled companies to be agile and responsive to the needs of the market.
Misconceptions About Cloud Cybersecurity
There are a few major misconceptions about cloud cybersecurity that need to be addressed. The first is that the cloud is immune to cyberattacks. The reality is that the cloud is a target for cyberattacks just like any other networked system.
Second misconception about cloud cyber security is related to the human aspect of security — the social engineering that cannot be automated. People often think that contracting a security vendor, like a managed security service provider, will provide them with complete security, but that is simply not the case. No security vendor can guarantee a hundred percent that their clients will not be hacked. A holistic approach is needed with both proactive and reactive capabilities, integrated and working together with a security vendor and disaster recovery vendor offering incident response as a team. Organizations need to be prepared with a disaster recovery strategy in case of a hack, because while preventative measures are necessary, they are not enough. In the event of a hack, organizations must be able to decide which would be less painful — paying a ransom or initiating their recovery plan. If they don’t have the confidence in their plan, then they don’t really have a good cybersecurity plan or strategy.
Cloud Cybersecurity Trends for the Future (2023 and Beyond)
Cloud security is a rapidly growing field with a number of trends. One trend is that more businesses are moving their data to the cloud. Cloud allows businesses to access their data from anywhere, and it is often more cost effective than using traditional methods. However, this means that more data is stored in remote locations, which makes it more vulnerable to attack.
Another trend is the increasing use of artificial intelligence (AI) in cyber security. AI can help identify and prevent attacks before they happen. The complexity of today’s technology has increased to the point where it’s impossible to keep track of random alerts. There is too much noise, too many systems, and too much complexity. That is why the trend of observability is gaining traction, as it uses machine learning and artificial intelligence to detect anomalies and understand what is normal for a specific organization. For example, an AI can recognize that receiving 30 alerts during a week is normal and only notify the user of any suspicious anomalies outside of this baseline. This is why many modern tools are leveraging artificial intelligence to better detect anomalies.
Should You Keep Cybersecurity In-House or Outsource It?
There are numerous tools and services available today that can help organizations bring cybersecurity in-house. To determine what capabilities should be in-house and what should be outsourced, CSOs should consider the size and capabilities of their organization. For larger organizations with a CISO and security team, they should look for best-in-class individual vendors to handle different layers of the security landscape and build a flexible model or reference architecture that allows them to mix and match and replace individual best-in-class components, so that everything is working properly and securely. For smaller organizations that may not have a security team or a CISO, a managed service provider should be sought out to ensure full coverage and wide coverage. This allows for better coverage if there is no in-house team, as the managed service provider can provide the necessary expertise and resources.
The main takeaway is to avoid assumptions and understand what responsibility each cloud provider or SaaS platform is required to fulfill. This includes Salesforce, QuickBooks, Azure, Office 365, and other cloud providers. They all have their own shared responsibility models and it is important to understand the security, resilience, and compliance elements that you are responsible for and what the vendor is responsible for. It is important to avoid any misunderstandings by understanding these responsibilities beforehand, rather than after something has already happened and then asking “I thought you were responsible for that?”
Second takeaway is for risk management. These days, complexity is a killer, and all of the decisions that the IT department and individual business units make around technology are related to potential risk. To do a better job, risk management teams need to hold all of the business units accountable to certain risk standards and requirements that they must adhere to before making business decisions around platforms or vendors. It may sound oversimplified, but it is common to see development teams using platforms for testing that end up becoming production-critical components.
Lastly, it’s a hybrid world today in terms of cloud computing, and there isn’t one best platform. People often ask which cloud is the best for them, but the answer depends on their use case and requirements. Saying one cloud is better than another doesn’t demonstrate a good understanding. Building a reference architecture that adheres to standards for security, compliance, and risk is more important. This architecture should enable the consumption of multiple clouds and platforms and make it appear as if they are part of the local environment. To achieve this, a flexible IT and networking model is needed to mix and match platforms for different use cases.
Organizations must have the necessary knowledge and assets to ensure the reliability and security of their IT systems as they keep on taking on cloud and its associated technologies. As the Global Risk Community team, we thank Sagi Brody for his expertise and insight into effective cloud cyber security solutions and the misconceptions around the technological advancements.
More information about this topic is available in our original interview, which is accessible here.
#risk #saas #cybersecurity #cloud #technology