ISG expert outlines cloud assessments and cybersecurity strategies to protect cloud-based workloads during ITPro
Cloud assessments can significantly limit cyberattacks on cloud platforms – the target of nearly half the breaches in 2021 – an expert with Information Services Group, a leading global technology research and advisory firm.
Latest Aithority Insights : NVIDIA Raises the Standard of Low Code DevOps with the NVIDIA AI Enterprise 2.1
“Significant breaches, which were initiated through phishing attacks leading to compromised credentials, are case studies in the dangers of deploying cloud platforms and software-as-a-service (SaaS) platforms without a well-thought-out cybersecurity strategy and a cyber architecture built for the cloud.”
In a keynote address during Meeting the Challenge of Modern Security Threats in the Cloud, a virtual event hosted by IT Pro Today and InformationWeek, Doug Saylors, partner and co-lead of ISG Cybersecurity, said enterprises often assume cloud platforms deliver automatic risk management capabilities.
“The most common error we see in large organizations is a belief that adopting cloud platforms automatically includes risk transference. In fact, this is rarely the case,” Saylors said. “Basic cloud capabilities like server images, storage, backup and containers all require the same protections as on-premises assets.”
Human error continues to be a main driver of cyber breaches, impacting enterprises through stolen credentials, phishing and misuse, Saylors said. Cloud assessments expose these weaknesses and allow organizations to mitigate them before attacks occur.
Browse The Complete News About AI : Anari AI Launches Thor X to Enhance Cloud-based 3D Applications
“Nearly half (45 percent) of cyber breaches in 2021 occurred through attacks on cloud platforms,” Saylors said. “Significant breaches, which were initiated through phishing attacks leading to compromised credentials, are case studies in the dangers of deploying cloud platforms and software-as-a-service (SaaS) platforms without a well-thought-out cybersecurity strategy and a cyber architecture built for the cloud.”
Organizations are rapidly moving to multi-cloud environments, driven by business demand and the need to optimize the cost of running workloads. Enterprises that regularly conduct cloud security assessments using third parties and industry-standard frameworks can limit potential attacks to very narrow cloud segments, he said.
“Unfortunately, cybersecurity is rarely engaged on the front end of cloud transformation programs,” Saylors said. “Cloud storage does not guarantee immutability. Chief Information Security Officers must ensure compliance with required cyber policies to limit risk to the organization.”
Saylors recommended enterprises tailor and conduct basic cybersecurity maturity assessments leveraging standard frameworks to provide an enterprise-wide view of cyber maturity. Organizations should also assess their resiliency, their cloud-specific operational maturity, their detailed technical environment, and quantify the risk of financial loss for critical assets.
Future of AI-driven Customer Relationship: Microsoft’s Viva Sales and the Future of AI-driven Customer Relationship and Experience Management
[To share your insights with us, please write to sghosh@martechseries.com]
Comments are closed.