Cybersecurity is endangering customer trust and placing it at the heart of competition. As companies struggle to prioritise data privacy and security, an Oracle and KPMG Cloud Threat Report has found that organisations’ patchwork approach, misconfigured services and confusion around new cloud security models have created a crisis of confidence. BusinessLine reached out to Greg Jensen, Senior Principal Director of Security, Oracle, to understand how companies can respond to the current challenging environment, since most have accelerated the movement of workloads and associated sensitive data to the cloud.
How can organisations tackle the increased threat level, given that sensitive information is stored in the cloud?
Cloud is a great business enabler and innovation catalyst, and most IT leaders acknowledge that some public clouds are more secure than their traditional on-premise data centres. However, with more organisations looking to transform into digital-first businesses, hybrid and multi-cloud environments are on the rise. This adds to the complexity, driving the need for an organisation-wide, security-first culture.
This will help organisations shift mindset, from focussing on just leveraging the foundational building blocks of security, to a layered defence model of overlapping controls that covers the complete tech stack. Though not without its challenges, this change improves the overall security fabric of an organisation.
Cyber business fraud is huge and cybercriminals have diversified their attack vectors. How can it be curtailed?
With more business-critical applications moving to the public cloud, it is evident that organisations are getting more comfortable with the security posture of public cloud providers. Often, an organisation uses cloud applications from many different cloud providers, increasing complexity when these interconnect.
Take a look at the explosion in targeted phishing and business email compromise attacks. One of the key targets is the user credential. These stolen credentials are often used in business-critical applications to commit fraud.
When businesses implement effective identity controls, multi-factor authentication and behaviour monitoring/transaction controls, organisations are able to better control who, how and what is transacting within their service and provide preventative controls. With cloud security, there is a need for more education on the shared responsibility model — what cloud providers need to ensure and what subscribers need to manage.
What are the main causes of data loss and how should companies address the issue proactively?
There are many causes, including cyber-attacks and misconfiguration of cloud services. Over half the survey respondents have shared configuration issues with cloud as top contributor to data loss. Many companies have started retooling their cloud security controls and processes with a focus on securing the human perimeter via strong identity and access management measures. This has led to the adoption of multi-factor authentication for their most critical cloud accounts.
One of the proactive steps organisations can implement to protect data is to implement proper role-based and time-bound access controls for users/accounts. Educating employees on best practices to safeguard unprotected cloud secrets such as passwords, API keys, encryption keys and account credentials is crucial.
What are the main sectors that report data loss?
Some of the industries more susceptible to data loss include financial services, healthcare and manufacturing, but there is simply no industry excluded from these attacks. Some say attackers follow money, but they also follow the intellectual property and the flow of information, and look for ways to manipulate that for either their own financial gain, financial impact on others, or impact to reputation and brand.
Ransomware attacks are growing, proving to be a big challenge for organisations. With malware attackers demanding a ransom to restore access, what are companies doing to counter it?
There is strong data that shows that the ransomware risk is simply not reducing. For years, businesses have paid to retain access to their data, but there are now new laws coming online in key western countries that limit the company’s ability to legally make these payments as the laws are being structured to prevent companies from paying ransom.
Why? The idea is that every dollar a business pays today is funding the development of malware technologies that will be used to obtain a multitude of dollars in the future. If we can prevent a company from paying $50,000 today, that may go a long way in preventing a future threat from getting $250,000. Businesses should continue to do their due diligence in building effective strategies to mitigate the risk.