The risk of cybersecurity attacks as workloads move to the cloud
- 08 June, 2018 14:11
Many IT organisations have shifted their focus from cloud migration to cloud operations. While most expect cloud infrastructure to bring about improved security, a recent report from the Ixia Application Threat Intelligence (ATI) Research Centre suggests a darker truth hiding behind the silver lining of the cloud.
According to Ixia’s 2018 security report, data breaches are up by 45 percent and nearly three quarters of organisations have had one or more serious security misconfigurations. This shows how security practices are trailing behind mainstream adoption of cloud operations.
Spending on cloud computing continues to grow. Nearly all organisations have workloads in one or more clouds, and are all facing challenges with security and compliance in this hybrid environment. The survey found that more than 90 percent of IT professionals responsible for their organisation’s public and private cloud environments are concerned about data and applications security in the cloud. With such uniform concern around security and data privacy in the public and private cloud, the results of the report make it clear that a better process for achieving cloud security is a must-have for organisations of all sizes.
The security report also revealed that the combination of cloud growth and a high number of security misconfigurations suggests we will see more breaches where cloud is the perpetrator in 2018 and beyond. Many IT leaders are turning to a multi-layer security approach to combat the challenges of an ever-expanding attack surface. However, as cyberattacks evolve, organisations should focus more on visibility and detection. To reduce the risk of business disruption and potential data breach, organisations need to understand the risks involved in cloud infrastructure and deploy security analysis and threat detection solutions to combat attackers.
Organisations that use public cloud infrastructure allow cyberattacks to target the cloud provider as well as the provider’s other clients. Most providers employ strong security measures, but they still face the same threats as traditional networks. The only difference is that, on the public cloud, users don’t have as much control over what can be done to safeguard against these threats. The scope and monetary value of a successful attack on shared infrastructure can be extremely attractive to hackers and cyber terrorists.
According to the report, most serious attacks include:
• Data breaches: if a cloud provider suffers a data breach, users may suffer exposure of sensitive customer information that could lead to serious financial or legal consequences.
• Denial of service: these attacks take advantage of vulnerabilities in servers, databases, or other resources to disrupt a cloud service, sometimes as a distraction while another attack is taking place.
• Insecure interfaces: the connectors of digital devices are the most exposed part of any system and are frequently targeted. If this is compromised, an attacker can get access to virtually anything.
• System vulnerabilities: in multitenant computing, vulnerabilities in one environment can lead to an attack on an adjacent tenant with shared resources. The source is often poorly implemented or unpatched software.
Moving to public cloud eliminates the burden of operating the infrastructure, but organisations are still responsible for the security, availability, and performance of their services, no matter whose equipment they run on. Cloud adopters must make sure their security solutions have all the data and metadata they require to defend against security breaches, data loss, and business disruption.
One of the biggest challenges for security professionals today is to get network information they need, when they need it, so they can make informed decisions about network security and problem resolution. The solution to this is adequate network visibility. When organisations can’t see some segments of a network or certain types of traffic, they won’t know when their network has been breached. Achieving full visibility helps address the fundamental security concerns that teams have. With a proper visibility architecture in place, teams will be able to see exactly what’s happening in their network. Access to the right data offers huge value for managing network security.
Jeff Harris is VP, portfolio marketing, at Keysight Technologies.