DigitalCIO
No Result
View All Result
  • Home
  • Tech News
  • Market Insights
  • CIO Interviews
  • Events and Conferences
  • Opinion and Analysis
  • Resources
DigitalCIO
  • Home
  • Tech News
  • Market Insights
  • CIO Interviews
  • Events and Conferences
  • Opinion and Analysis
  • Resources
No Result
View All Result
Digitalcio
No Result
View All Result
Home Archive

How to Secure Your Cloud from Cyberattacks

DigitalCIO Bureau by DigitalCIO Bureau
August 20, 2023
in Archive
0
74
SHARES
1.2k
VIEWS
Share on FacebookShare on Twitter

Security will be the crucial factor for the cloud platforms across Industries. Read on to know more about it…

The coronavirus lockdown has forced many organizations to turn to the cloud more quickly and fully than otherwise intended. This type of frenetic rush toward cloud-based services also can easily lead to confusion and misconfiguration, both of which make organizations greater targets for cybercriminals.

The concerns of organisations particularly in the current scenario of constant disruption. The disruptive forces could be in the form of unprecedented events like data theft, ransomware, malware, and other cyberattacks.

Survey Report
A report released by security provider IBM X-Force describes the types of threats that impact cloud security and how companies can better protect their cloud-based assets. Based on a survey of senior business and IT professionals, IBM’s “2020 Cloud Security Landscape Report” found that while the cloud can empower certain business and technology capabilities, the type of ad-hoc management of cloud resources is causing increased complexity for IT and security staffs.

As one example, the issue of security ownership is one that often creates confusion. Among the respondents, 66% said they rely on cloud providers for baseline security. A full 73% said that public cloud providers were the primary party responsible for securing software-as-a-service (SaaS). And 42% pointed to providers as the main party responsible for security cloud infrastructure-as-a-service (IaaS). While a shared security responsibility is typically the right model for cloud environments, the failure to define this process and create specific policies can easily amp up the risk of security threats.

Misconfiguration issues are another problem that can occur amid the rush to the cloud. The failure to properly configure a cloud environment and any resulting data leaks can help cybercriminals capture sensitive files and information. In 2019, cloud misconfiguration problems led to the loss of more than 1 billion records in compromised environments, according to X-Force.

Significant Threats
Cybercriminals motivated by financial gain were the most common group targeting cloud environments. However, nation states also were a pervasive threat. Attackers used cloud resources to ramp up cryptomining and DDoS campaigns and to host malicious websites and operations.

Criminals used cloud-based applications as a popular entry point for their attacks, employing such strategies as brute-forcing and exploiting vulnerabilities and misconfigurations. Certain vulnerabilities can remain hidden due to “Shadow IT,” a practice that occurs when employees sneak past IT and approved channels to use their own unauthorized apps and services.

Ransomware was used more than any other type of malware in cloud environments, followed by cryptominers and botnet malware. Outside of malware, data theft was the most common activity found in compromised cloud environments with the loss of all kinds of data from personally identifying information (PII) to client-related emails.

Mitigation
To help organizations better protect their cloud-based environments and assets, X-Force has the following recommendations

1. Establish collaborative governance and culture: Adopt a unified strategy that combines cloud and security operations across application developers, IT operations and security. Designate clear policies and responsibilities for existing cloud resources as well as for the acquisition of new cloud resources.

2. Take a risk-based view: Assess the kinds of workloads and data you plan to move to the cloud and define appropriate security policies. Start with a risk-based assessment for visibility across your environment and create a roadmap for phasing cloud adoption.

3. Apply strong access management: Leverage access management policies and tools for access to cloud resources, including multi-factor authentication, to prevent infiltration using stolen credentials. Restrict privileged accounts and set all user groups to least-required privileges to minimize damage from account compromise (zero-trust model).

4. Have the right tools: Ensure that tools for security monitoring, visibility, and response are effective across all cloud and on-premises resources. Consider shifting to open technologies and standards that allow for greater interoperability between tools.

5. Automate security processes: Implementing effective security automation in your system can improve your detection and response capabilities as opposed to relying on manual reaction to events.

6. Use proactive simulations: Rehearse for various attack scenarios. This can help identify where blind spots exist and also address any potential forensic issues that may arise during attack investigations.

Tags: Artificial Intelligence and Machine LearningBig Data and AnalyticsBlockchainCloud ComputingCybersecurityDigital TransformationE-booksInfographicsInternet of Things (IoT)Panel DiscussionWebinarsWhitepaper
Share30Tweet19
DigitalCIO Bureau

DigitalCIO Bureau

Recommended For You

Vats Srivatsan named Interim CEO of WatchGuard Technologies

by DigitalCIO Bureau
May 8, 2025
0
Vats Srivatsan named Interim CEO of WatchGuard Technologies

WatchGuard Technologies Chief Executive Officer (CEO) Prakash Panjwani will transition out of his operational role, continuing to serve on the Board of Directors and as a strategic advisor...

Read moreDetails

Google 2024 Ads Safety Report: AI plays key role in safer advertising ecosystem

by DigitalCIO Bureau
April 19, 2025
0
Google 2024 Ads Safety Report: AI plays key role in safer advertising ecosystem

Google has released its 2024 Ads Safety Report, demonstrating how it is using advanced AI technology to create a safe and responsible advertising ecosystem. A notable finding from...

Read moreDetails

Proofpoint Named a Leader in 2024 Gartner Magic Quadrant

by DigitalCIO Bureau
December 26, 2024
0
Proofpoint Named a Leader in 2024 Gartner Magic Quadrant

Proofpoint announced it has been named a Leader in the 2024 Gartner Magic Quadrant for Email Security Platforms. The Gartner Magic Quadrant for Secure Email Gateways was last published in...

Read moreDetails

Tenable Adds New Features To Security Center

by DigitalCIO Bureau
December 20, 2024
0
Tenable Appoints Shai Morag As Chief Product Officer

Tenable has announced new vulnerability intelligence, risk prioritization and web application scanning features for Tenable Security Center, the world’s #1 vulnerability management solution managed on-premises. Tenable Security Center identifies, investigates...

Read moreDetails

Commvault Unveils innovation facility in Coimbatore

by DigitalCIO Bureau
November 12, 2024
0
Commvault Unveils innovation facility in Coimbatore

Commvault announced the launch of an advanced, facility in Coimbatore, Tamil Nadu. This facility, which complements Commvault’s existing operations in Bangalore and strengthens the company’s presence in India,...

Read moreDetails
Next Post

Microsoft's venture fund sets up office in India

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Related News

InfoVision Launches Advanced Media Analytics Platform AlphaMetricx

InfoVision Launches Advanced Media Analytics Platform AlphaMetricx

November 23, 2024
NSDC and Autodesk partner with Upskilling startup Novatr to Foster Skill Development

NSDC and Autodesk partner with Upskilling startup Novatr to Foster Skill Development

February 21, 2024
CrowdStrike to Acquire SaaS Security Provider Adaptive Shield

Cognizant And CrowdStrike To Drive Enterprise Cybersecurity Transformation

January 21, 2025

Browse by Category

  • Acquisition
  • Appointment
  • Archive
  • Artificial Intelligence
  • CIO Interviews
  • Cloud
  • Datacenter
  • Events and Conferences
  • Market Insights
  • News
  • Opinion and Analysis
  • Products
  • Resources
  • Security
  • Storage
  • Tech News
  • Telecom
Digitalcio

Welcome to DigitalCIO, your ultimate source for staying ahead in the ever-evolving world of technology and business.

BROWSE BY TAG

Acquisition AI Appointment artificial intelligence Artificial Intelligence and Machine Learning AWS Big Data and Analytics Blockchain CISCO Cloud Computing Cloudflare Commvault CrowdStrike Cybersecurity Dell Technologies Digital Transformation Dynatrace E-books Fortinet Gartner GenAI Generative AI Google Cloud HCLTech Honeywell IBM Infographics Internet of Things (IoT) Kaspersky Microsoft Netskope Nutanix Palo Alto Networks Panel Discussion Qlik Salesforce Schneider Electric ServiceNow Sophos Tenable Veeam Veeam Software Vertiv Webinars Whitepaper

CATEGORIES

  • Tech News
  • Market Insights
  • CIO Interviews
  • Events and Conferences
  • Opinion and Analysis
  • Resources
  • Archive

NAVIGATION

  • Home
  • About Us
  • Advertise with Us
  • Contact Us

© 2024 digitalcio.in - All rights reserved.

No Result
View All Result
  • Home
  • Tech News
  • Market Insights
  • CIO Interviews
  • Events and Conferences
  • Opinion and Analysis
  • Resources

© 2024 digitalcio.in - All rights reserved.

Are you sure want to unlock this post?
Unlock left : 0
Are you sure want to cancel subscription?