Fast track digital transformation has opened new doors for organizations to generate maximum value for their businesses. Cloud Computing is one of the key enablers for this rapid adoption of digitalization. It is expected that this rapid digitalization will have a ripple effect, with the potential to transform multiple industries across the globe.
According to the Thales Cloud Security Report, 45% of businesses have gone through some sort of cybersecurity breach in the last year. This is an alarming situation for businesses, whereby the C-suite of organizations are working hard to improve their company’s security postures.
In this post, we will discuss the insightful perspectives of industry experts and see what digital security measures they recommend, in order to minimize the impact of cyberattacks.
Strong Cybersecurity Backups, a Perspective of Brian Dunagan, Vice President of Retrospect, a StorCentric Company
Ransomware is one cybersecurity problem that has absolutely shaken the business world. In ransomware, the cybercriminal hacks into the victim’s system or entire network, blocks important operations or exfiltrates sensitive/confidential data, and demands a ransom in exchange for its recovery.
The illegal use of technology has enabled cyber criminals to come up with attack vectors like Ransomware-as-a-Service (RaaS). With such a technology, the very nature of cybersecurity breaches has become wider, dangerous, frequent, and precise.
According to ThoughtLab Cybersecurity Benchmarking Study, there was a 20% increase in the number of material breaches from the year 2020 to 2021.
In 2021, from the total revenue of businesses, a budget of just 0.80% was assigned to the cybersecurity department. In 2020, it was a measly 0.53%.
Currently, 29% of the Chief Executive Officers (CEO) and Chief Information Security Officer (CISO), along with 40% of the IT security leaders have raised concerns and admitted that they are not well-equipped to deal with today’s evolving cybersecurity threats.
According to Brian Dunagan, businesses need to inculcate a strong security posture and effective tools to effectively claw their way out of these security threats. To achieve this, they should develop a proactive Disaster Recovery (DR) plan.
A top-notch backup solution, with precise anomaly detection mechanisms, is an organization’s best bet today. Brian Dunagan is of the opinion that organizations should have detailed information about the backups, and should even be aware of the changes that take place between those backups.
The security leaders should regularly analyze their Operating System (OS) compliance, as an unpatched system makes room for ransomware attacks much easier. If a system is out of compliance, the backups will replace them with new version of each OS.
Multifactor Authentication (MFA) and Configuration Encryption should be supported by the back-ups. Even if the hacker has been able to gain administrative access, we can stop that person from entering programs or configuration files, provided our backup has the ability to support Multifactor Authentication and Configuration Encryption.
Another important thing is that the backup should have flexible retention periods, and the organization should be able to extend or shrink the retention period, depending on the demand.
CEO and Co-Founder of DH2i, Don Boxley on Protecting the IT Infrastructures
Today, employees thrive in working environments that offer remote access across globally distributed locations. A recent article of Gartner has raised concerns about rapid expansion of the attack surface, as this was the top-most targeted area by cyber miscreants. This statement does not come as a shock to us, because the increased attack surface was a consequence of an exponential growth in hybrid work structures.
Today, the traditional Virtual Private Networks (VPN) are proving in-effective with Cloud-based technologies, as they were responsible for multiple cybersecurity breaches in the past year. It is a complicated process to set up a VPN, and requires dedicated and costly routers for running smoothly. VPNs have a huge lateral attack surface, enabling the perpetrators to target vulnerabilities within enterprise networks.
Zero Trust Network Access (ZTNA) is the safest security solution for an enterprise, so far. Any un-authorized third-party is denied access to enterprise’s IT infrastructure by using the Software Defined Perimeter (SDP).
SDP hides and protects the IT infrastructure from external parties. The SDP solution even stops authorized users from accessing the un-necessary parts of the enterprise network, as they are only allowed access to those applications that are relevant to their job roles.
SDP protects the direct flow of data/communication among users, sites and the Cloud, by the deployment of Datagram Transport Layer Security (DTLS). DTLS guards enterprise communication channels by restricting cyber criminals from illegally eavesdropping and tampering with their communications.
Don Boxley further elaborates that with the help of arbitrarily selected User Datagram Protocol (UDP) ports, SDP can protect the servers and routers from the evil intentions of hackers. Software-Defined Perimeter (SDP) is a secure and affordable solution, which does not require a dedicated VPN for deployment.
Surya Varanasi, StorCentric CTO’s take on Strong Cybersecurity Layers
Fior Market’s Research states that by 2025, the global market for Cloud Computing is expected to grow up to US $712 billion. In 2017, it was at US $270 billion. The Compound Annual Growth Rate (CAGR) for the Cloud Computing market, from 2018-2025, is 18.46%
Today, the pace at which data is being transferred to the Cloud is so fast, that the incorporation of strong security measures has become imperative. With a new ransomware attack making international headlines every other day, one thing is for sure; that the importance of cybersecurity is not declining anytime soon.
Verizon Business’s 2022 Data Breach Investigations Report has stated that there was a 13% increase in ransomware attacks in one year, which is more than what it was for the past 5 years, combined.
According to Surya Varanasi, organizations can effectively protect their valuable IT infrastructures from the malicious cyber attacks by applying these four strategies: Layering, Detection, Protection and Recovery. With a strong layer of defense against cyber miscreants, enterprises can secure their IT infrastructures from a lot of un-foreseen cybersecurity incidents.
Since hackers usually target an enterprise’s back-ups first, organizations are adopting robust back-ups with barriers like object locking and immutable snapshots. It is often a difficult task for cyber criminals to overcome these strong back-up hurdles, halting cyber intrusions to a great extent.
The strong backups, along with object lock layers, thwart cyber criminals from the vital IT resources of an organization.
Conclusion
The sheer importance of the Cloud, makes related cybersecurity threats even more significant. Organizations that have managed to achieve a successful Cloud-based transformation, have strictly incorporated robust cybersecurity solutions, Disaster Recovery (DR), Back-ups and compliance across their IT infrastructures.
dinCloud, an ATSG company, provides top-notch Cloud-based services and solutions to enterprises. We have incorporated robust Disaster Recovery (DR) and Business Continuity (BC) mechanisms across our cloud infrastructure.
