Cybersecurity risks are a growing concern for CISO’s with increased public cloud adoption, proliferation of devices and shadow IT.
In 2019, CISO’s have growing concerns around public cloud security challenges, data breaches, security policy lapse and shortage of cybersecurity skillsets. According to a recent study, the biggest concern that CISO’s have around Public Cloud is “Uncontrolled Growth” within their enterprises.
Public Cloud offers organizations agility, faster time to market and several other benefits. Organizations of all sizes and shapes are adopting cloud to accelerate their digital transformation plans. increasingly various business teams are making their own technology decisions without involving their IT and Security teams.
This uncontrolled deployment of public cloud with minimal governance and security policies enforcement (often referred to as “Shadow IT”) is the biggest concern for CISO’s in 2019.
Traditional security measures don’t work anymore
In the traditional model, datacenters were protected by enforcing a perimeter security to block any outside attack through firewalls, secured gateways, etc.
Perimeter based security intrinsically trusts everyone on the “inside” of the network. As traditional constructs are changing with more employees accessing corporate network resources (applications and data) remotely, perimeter security measures are becoming less effective.
Companies are opting for Hybrid cloud where corporate assets in public and private cloud are communicating with each other. Despite security challenges, Containers are growing in popularity offering software development teams the ability to deliver their applications to market quickly.
All of these technologies are creating a wider surface area for cyber criminals to find security vulnerabilities in the trusted network. These malicious actors (hackers) are always searching for any gaps that exists in the trusted network and once they gain a foothold, they will move laterally through internal networks into public cloud for unfettered access to applications and data.
Lessons learnt from Top 10 Data Breaches
Some of the largest breaches had intruders traversing the internal network for months without detection. The infographic (courtesy twitter: @tscadvantage) below depicts Top 10 Data Breaches over the last 5 Years:
OPINION POLL
[poll id=”4″]
Suggested Read:
3 things CISO’s should make sure business stakeholders understand about cloud security
Relevant Tweets:
Top 5 Cyber Threats 2019
{#infographic} @jodelak#Security #cybersecurity #security #infosec #malware #CyberAttacks #threats #infosecurity #Malware #CISO #DDoS@antgrasso @KaiGrunwitz @AnsgarKaschel @TopCyberNews @cybersecboardrm @reach2ratan @CyberIntelFirst @alvinfoo @vg_fco pic.twitter.com/d77NLs2BwA— Giuliano Liguori (@ingliguori) March 31, 2019
The Ponemon Institute estimates the average global cost of a #databreach is $3.62 million, or about $141 per record. Costs in the US are nearly twice that:https://t.co/Fxyn55gk5h#ITSecurity #CyberSecurity #cybercrime #CIO #csuite #CISO #GDPR pic.twitter.com/35auBOyNlO
— Marc Wilczek (@MarcWilczek) March 31, 2019
“Cybersecurity: How to protect personal and health information from a cyberattack,” via @vtdigger: https://t.co/oi4m1URUgX #CyberSecurity #CyberRisk #CyberThreats #CyberAttack #CyberCrime #CyberAware #RiskManagement #infosec #DataSecurity #DataProtection #DataPrivacy #phishing
— TSC Advantage (@TSCAdvantage) October 29, 2018