Cloud security: what you don't know will hurt you
If your organization isn’t doing business in the cloud today, it might have some catching up to do. A 2017 report by LogicMonitor suggests that 83% of enterprise workloads will be in the cloud by 2020. Yet the same study tells us that security will continue to be a major worry in the move. In fact, security was identified as the number one concern in cloud adoption for fully two-thirds of the IT professionals surveyed. The reasons for the concern are obvious. Disastrous data breaches are now depressingly commonplace, and they come with devastating costs. A UK study by CGI and Oxford Economics found that cybersecurity breaches caused long-term damage to the share values of the companies affected, with an average permanent drop of 1.8% in share price. (For investors in a typical FTSE 100 firm, that represents an overall average loss of £120 million.) In the most serious attacks, the report found, cyber breaches reduced a company’s value by as much as 15%. And keeping the bad news quiet is no longer an option: The strict rules of Europe’s new GDPR force companies to report these breaches, making it almost inevitable that financial markets will respond unfavourably. Since very few companies can afford the costs of a data breach, it’s essential that organizations take whatever steps are necessary to protect their cloud-based data, and with it, their reputations. Cloud computing represents a wonderful liberation. After all, it allows you to offload the headaches and costs of an ever-expanding on-premises data center to a reputable third party. But that liberation comes with a cost. As more and more businesses move to the cloud, those huge repositories of data become irresistible targets to hackers, many of whom are backed by organized crime and rogue states. In response to this growing threat, the Cloud Security Alliance has identified 12 security issues of critical importance. The issues, known as The Treacherous 12 , are ranked in order of severity (as determined by survey responses):
- Data breaches
- Weak identity, credential and access management
- Insecure Application Programming Interfaces (APIs)
- System and application vulnerabilities
- Account hijacking
- Malicious insiders
- Advanced Persistent Threats (APTs)
- Data loss
- Insufficient due diligence
- Abuse and nefarious use of cloud services
- Denial of service
- Shared technology issues
Share this
You May Also Like
These Related Stories
Achieving data integration zen: building your business case
Achieving data integration zen: building your business case
Jan 20, 2019
3
min read
Building an ETL Pipeline with Multiple External Data Sources in Cloud Data Fusion
Building an ETL Pipeline with Multiple External Data Sources in Cloud Data Fusion
Aug 23, 2022
12
min read
Cloudscape podcast episode 7: August 2018
Cloudscape podcast episode 7: August 2018
Aug 9, 2018
1
min read
No Comments Yet
Let us know what you think