Todas las entradas hechas por ericoneill

Why the future of cybersecurity is in the cloud

For decades we have feared the cloud.  During my time working counterintelligence for the FBI, we feared the Internet so much that agency computers functioned solely on an isolated intranet connected via hard cables.

It’s no wonder to me that that government has still not embraced the unlimited processing power cloud computing affords.  But despite the fact that utilisation of the cloud has become ubiquitous – we store our photos and memories, email accounts, business files and our very identities there – many companies fear the cloud: how can I control and secure my information if I give it to someone else?

This concern has made cloud computing one of the more polarising issues for IT professionals.  Many opponents of the cloud point to the fact that not all cloud services are equal in their dedication to security:

  • Poor configuration of the cloud can lead to circumvention of internal policies that classify sensitive data and protect access to it
  • Not all cloud services offer strong authentication, encryption (both in transit and at rest) and audit logging
  • Failure to isolate a user’s data from other tenants in a cloud environment together with privacy controls that are not robust enough to control access
  • Failure to maintain and patch to ensure that known flaws are not exploited in the cloud service

According to the 2017 Cost of Data Breach Study: Global Overview (Ponemon Institute, June 2017), the average total cost of a data breach is $3.62 million. The average cost for each lost or stolen record containing sensitive and confidential information is $141.  While these costs decreased overall from 2016 to 2017, the numbers remain astronomical, particularly to small businesses who may be unable to recover from data breach liability.  No industry is safe from cyberattacks and cyberattacks continue to grow, year after year.

Cloud security must grow and evolve to face these threats and provide a bulwark of defence for the consumers that leverage the efficiencies and advantages cloud services provide.  In addition to offsetting the fear highlighted above through good security practices by the cloud security vendor, cloud services can take security one step further.  Cloud services can not only secure data within the cloud, but can leverage the transformative cloud industry to secure the endpoint users that use the service.

Cloud security is the future of cybersecurity

Cyberattacks like the WannaCry/NotPetya pandemic and the extraordinary growth of ransomware are often launched by sophisticated attackers – sometimes state sponsored – that bowl over traditional and legacy security.  The modern attackers are cyber spies that use traditional espionage tactics, together with innovative and disruptive malware to bypass passive, defence-based security measures.  To defeat such attacks, security must transform itself into an active profile that hunts today’s attacks as aggressively as it predicts the threats of tomorrow.

To predict and defeat attacks in real time, cybersecurity must move to the cloud. The cloud can leverage big data and instant analytics over a large swath of end users to instantly address known threats and predict threats that seek to overwhelm security. 

Cloud security must create a collaborative approach that analyses event streams of normal and abnormal activity across all users to build a global threat monitoring system.  Because many different users leverage the same cloud environment, cloud security is particularly suited to building a collaborative environment that instantly predicts threats through a worldwide threat monitoring system and shares threats among all users under the cloud umbrella. 

Cyberattacks continue to disrupt our way of life with innovative new approaches to seeding malware and stealing our data.  Security must in turn actively work to disrupt the cyber spies, attackers and terrorists through a collaborative security approach that leverages the big data and analytics that thrive within the cloud.  We’ve come a long way from my days on the FBI Intranet.  It’s time to fully embrace the future of security.  That future is within the cloud.

The good news is that the future of cloud security is now.   Predictive security in the cloud has innovated security in a manner that will frustrate cyber spies for years to come. This technology collects and analyses unfiltered endpoint data, using the power of the cloud, to make predictions about, and protect against future and as-yet unknown attacks.  This means predictive security in the cloud can identify attacks that other endpoint security products miss, and provides visibility into attacks that evolve over time.  In other words, it gives you the ability to hunt threats before the attacker begins to hunt you.

This new approach to security will not just level the playing field between the attacker and security teams, it will shift the balance in the opposite direction and provide security with an advantage.  Cyberattacks rely on stealth and surprise to disrupt, destroy and steal – the tools of a spy. Predictive security in the cloud works like a counterintelligence agency that hunts the spies before they attack.  This innovative approach is the next generation of security.