In the first of a three-part series, we outline the importance of maintaining a good cloud security posture and discuss potential cloud security risks.
What is cloud security?
Cloud security is the implementation of security controls to protect confidential information stored in cloud environments and reduce the risk of data breaches.
Effective cloud security involves regularly assessing and hardening defences, ensuring broad threat visibility and rapidly responding to threats.
Why is cloud security important?
Cloud security is important for organisations that use cloud infrastructure, cloud platforms and cloud services.
According to recent research, 94% of enterprises now operate in the cloud. Those that fail to prioritise security are leaving themselves vulnerable to cyber threats.
Data breaches and other incidents, such as ransomware attacks, can have a significant impact on an organisation’s reputation, ability to retain customers and financial performance. Data loss or exposure caused by ineffective cloud security can also prevent companies from fully meeting their compliance responsibilities.
Prior to the Coronavirus crisis, the cloud had an increasingly important role in many workplaces. However, reliance on SaaS applications such as Microsoft Teams and Zoom grew significantly throughout the lockdown phase due to the flexibility these solutions provide for remote working.
A recent survey revealed that 87% of IT decision makers think the COVID-19 pandemic will lead to an increase in migrations to the cloud. The research also reveals that nearly three-quarters of respondents believe 95% of workloads will be in the cloud within the next five years.
Who is responsible for cloud security?
Cloud security is the responsibility of both the organisations which provide cloud infrastructure, services and applications and the companies and employees using them.
In the shared responsibility model, cloud providers such as AWS, Microsoft and Google take responsibility for the security of the cloud while organisations are responsible for security of the data they upload to it.
This puts organisations under obligation to ensure that appropriate controls are in place to protect and continuously monitor the security of data.
Understanding cloud security risks
While cloud security offers a range of benefits, organisations must balance these against a variety of potential security risks, including:
A greater attack surface
Cloud computing increases an organisation’s attack surface and potential vulnerabilities. Concerns about cloud security are so acute that cloud misconfigurations are considered a data security risk by 95% of IT decision-makers in the UK.
Data breaches are a common consequence of poor cloud security management. Even if an organisation meets all of its responsibilities, it can still be harmed by a data breach due to errors made by third party suppliers. The loss or theft of intellectual property has the potential to be highly damaging. A survey of over 3,200 IT managers suggested that 70% of companies using major cloud computing vendors were hacked or had their data exposed in 2019.
Cloud services put more control into the hands of employees. While this offers greater flexibility, it also increases the risk of inappropriate content being shared or confidential data being stolen or accidentally exposed.
Research by Kaspersky Lab has shown that 90% of security incidents in public cloud infrastructure are caused by employees being manipulated by social engineering attacks rather than by errors made by cloud providers.
Malware and ransomware infections
When companies put data and services in the cloud, they often mistakenly believe that their data is automatically backed up and that it’s safe in the event of a disaster. However, this isn’t always the case.
Ransomware most commonly infects the cloud when it originates on a local computer and is synced to the cloud. This can result in backed-up data being compromised.
Attackers are increasingly targeting cloud back-ups and providers of cloud services. One recent example of this is the cloud computing provider, Blackbaud. In May 2020, the company was the subject of a ransomware attack which spread to over 120 of its customers across the education and not-for-profit sectors
While Blackbaud managed to prevent the attack from encrypting its files, it chose to pay the ransom demand in response to the hackers stealing data from its network and threatening to publish it online.
Poor management of data and key controls puts organisations at risk of failing to meet compliance requirements such as the GDPR, leading to significant fines and other sanctions.
Cloud security statistics
• 93% of enterprises have a multi-cloud strategy while 87% have a hybrid cloud strategy.
• 60% of organisations use cloud technology to store confidential data.
• 66% of IT professionals see security as their most significant concern in adopting an enterprise cloud computing strategy.
• While 48% of corporate data is stored in the cloud, only 32% of organisations take a security-first approach to data storage in the cloud.
• 70% of organisations have experienced a public cloud security incident in the last year, including ransomware and other malware (50%), exposed data (29%), compromised accounts (25%) and cryptojacking (17%).
Alleviating your cloud security concerns
Given the wide range and evolving nature of cloud security risks, addressing them can prove problematic. With so many challenges to contend with, working with an experienced cloud security partner can be highly beneficial. Many organisations are turning to managed security service providers to reduce the strain on employees and help continuously identify and respond to threats.
Why choose Redscan?
Redscan is an award-winning provider of cloud security services that enable organisations make tangible, lasting improvements to the security of their cloud environments.
ThreatDetect™, our Managed Detection and Response service, combines industry-leading security expertise, the latest cutting-edge technologies and aggregated security intelligence to detect, respond to and help remediate threats across networks, endpoints and cloud environments