Cloud Computing is not new. In fact, according to a Forbes survey, 57% of organizations have adopted theCloud, and 80% of IT budgets are being committed to Cloud infrastructures moving forward.
57% goes beyond the definition of mainstream. It also means it’s a priority for hackers, who play the numbers game. For hackers, it doesn’t matter if they fail after hundreds of attempts. It only takes one successful breach for all their hard work to pay off. An article on Wired published a story about two separate hacking malwares that were specifically designed to destroy industrial hardware. Subsequent investigation revealed that it caused the blackout in Kiev last 2016. The damage a malware like that can’t be estimated in plain dollar values.
Securing your Cloud Infrastructure
Securing your data from Force Majure, malicious attacks, and other potential triggers of downtime should always be in a CIO’s to-do list. Eternal vigilance, like democracy, is the key to securing your Cloud Infrastructure.
Here are some best practices that every company should apply to protect themselves against data theft and other disasters.
Join the CyberSecurity Community
One of the secrets of cybersecurity is there are no secrets. The cybersecurity industry as a whole shares information with everyone including their competitors. It facilitates a collaborative exchange of information that prevents the hacker methodology against someone else.
Each consulting company or cybersecurity software vendor should have their own means of collaborating such as a forum, social media page, or website. There are also vendor-neutral sites such as the general Cyber Security Forum that is free to join.
Periodic Health Check and Testing
One of the biggest follies that companies make in terms of cybersecurity is they only test the integrity of a system during deployment. Cybersecurity is a cat-mouse game. Hackers do what they can to create a breach without getting caught. They try several different methods until one eventually works. White hat professionals then close the breach (if detected) and the cycle goes on.
2011 was the high water mark of Malware creation with over 26 million new strains were detected that year. That is almost one new computer virus every two seconds. They infect 100-300 thousand websites a day. If these numbers are treated as even close to facts, then integrity testing should be done at least every hour.
There are automated software that tests systems periodically through an embedded cron function, but such tasks take up computing resources needed for critical tasks. IT managers should be able to create a balanced schedule to handle both.
Prepare a Budget
Most websites would suggest buying software, high-end security hardware such as Cisco firewalls, or hiring a specialist to handle the issue. Companies can also hire third-party consultants or automated monitoring services.
Regardless of what method the IT manager wishes to take, the ultimate deciding factor would be, what can the company afford. Obviously, the higher the budget, the more options the company can take in securing its infrastructure. Conversely, a zero budget means those options are severely limited.
Planning and budgeting at the highest levels of management for the security of your Cloud infrastructure is a given. However, it is not always the case. In most cases, security maintenance is treated as an afterthought. It shouldn’t come as a surprise to technical people. A majority of the world’s population buy computers or mobile gadgets and just use them. They don’t even consider installing anti-virus software. But the technical team should be prepared to present their case to management. The cost-benefit of cybersecurity is an easy case.
The Future of Cloud and Cybersecurity
According to another Forbes article, 83% of all enterprise (computer) workloads will use Cloud computing. Factor in IoT, Big Data, and Artificial Intelligence and the figure could be higher.
That said, it would mean that storing data in public servers will not change in the foreseeable future, in fact, predictions say the current trend will proliferate and expand.
Hackers and other cybercriminals are also aware of the trend. They would focus their malware development to target the “treasures” stored in the Cloud. The higher the emphasis Cloud computing plays in business, the more enticing it becomes for black hat operators.
Cloud computing is the present and the foreseeable future. The same can be said with cybercrime. The question remains if your company’s security will follow suit.