Cloud computing is driving a revolution in the way we work and do business, making IT more efficient and cost-effective. It is being widely adopted across many industry sectors and it is becoming the new normal. Business and data analytics, data storage and data management are projected to lead cloud adoption in 2017 and beyond. Thus, it isn’t surprising that cloud computing is one of the fastest growing sectors in technology, with the IDC predicting that the sector will grow from $70 billion in 2015 to more than $140 billion by 2019.
But as organisations adopt hybrid infrastructures that include on-premise, private and public clouds, it’s also opening companies up to new types of cyber threats as well as security vulnerabilities. As enterprises continue to store vast amounts of data in the cloud, they become very attractive targets for cybercriminals. According to Cloud Security Alliance, the 12 biggest cloud security threats, which they call the Treacherous 12, are as follows:
Data breaches
Insufficient identity, credential and access management
Insecure interfaces and APIs
System vulnerabilities
Account hijacking
Malicious insiders
Advanced persistent threats
Data loss
Lack of due diligence
Abuse and nefarious use of cloud services
DDoS attacks
Shared technology issues
First and foremost, businesses that operate in the cloud need to acknowledge that security risks are intrinsic to this way of working. It’s crucial for companies to develop clear security guidelines and train their employees on the best practices of cyber security, have adequate data backup measures as well as perform regular risk assessments to keep up on potential threats in order to secure their data. They should also deploy additional security software to protect data and applications in the cloud. But as the frequency and complexity of cyber threats grow and more and more applications move to the cloud, it’s becoming increasingly difficult for enterprises to secure their data using a traditional approach.
To combat the latest evolution of threats, cybersecurity companies like Symantec are driving a new definition of web and cloud security. As a good example, Symantec Web & Cloud Security delivers an integrated set of compliance and security services to unify access governance, secure information and protect the enterprise. By integrating advanced threat protection, CASB SaaS Controls, web risk and data security into their web gateway solutions, they hope to provide a simple path for organizations to safely adopt cloud applications and architectures.
With a comprehensive and holistic approach to security, businesses are able to take full advantage of the cloud in the safe knowledge that their critical information is secure and protected.
