A recent 2021 Netskope Cloud and Threat Report raised some eye-opening pieces of research. In 2021, 53% of all web traffic has been cloud-related, which increased the dangers of cyberattacks. It also revealed a 13% malware spike from cloud apps.
Ray Canzanese, Netskope Threat Research Director, provided an interesting perspective on this subject. He stated, “Cybercriminals increasingly abuse the most trusted and popular cloud apps, especially for cloud phishing and cloud malware delivery.”
According to Canzanese, “Enterprises using the cloud need to quickly modernize and extend their security architectures to understand data content and context for apps, cloud services, and web user activity.”
To be clear: every IT provider’s objective should automatically be to provide their solutions in the most secure way as possible.
Though it seems obvious that cloud services and cybersecurity should go hand in hand, it’s not always the case.
Especially since cloud usage will continue to rise as a response the global pandemic.
Unfortunately, Cloud growth poses new cybersecurity challenges.
The good news:
Large cloud service providers are increasing their cloud services to protect infrastructure. Google for example, created their Cloud Security Command Center. Its main function is to scan for vulnerabilities within the cloud.
The bad news:
Even with these cloud cybersecurity advancements, cybersecurity risks still abound. A recent survey mentioned the top cybersecurity Cloud challenges. The top three problems included data loss (64%) coming in first, with data privacy (62%) trailing a close second, and two problems tied for third: accidental leakage of credentials and compliance issues (39%).
Until all cloud services get up to speed with cybersecurity, learn more about how to combat cloud attacks with some great suggestions by Cypress Data Defense.
And immediately…
Implement these 4 solutions to reduce your cloud cybersecurity risks:
Apply Multi-Factor Authentication (MFA):
- Multi-factor authentication incorporates two factors to identify a person logging in to an account.
- If a cyber attacker steals a user’s password, they need more than just that password to gain access to the account.
- By using MFA, you limit your risk of lost, stolen, or compromised sensitive info.
Apply strong user access control/least privilege:
- Organizations should put strong user access control in place. This defines the extent of access.
- The least privilege model ensures that users can only access data that they need to complete their tasks.
- Following these principles decreases the chances of internal leak and boosts overall data security.
Install encryption in the Cloud:
- Data encryption is extra secured protection on the cloud.
- You will manage your encryption keys based upon your risk tolerance, while not being completely reliant on your provider.
- Encryption provides an added level of security for your data both at rest and during transit.
Perform routine penetration tests:
- The Cloud provider and the organization share responsibility for conducting cloud penetration tests.
- Both may perform tests to detect security vulnerabilities in their cloud service.
The key takeaway here is to ensure that your cloud services include robust cybersecurity strategies and tools.
Learn more about our secure cloud services here and our cybersecurity services here.