5 Basics of Cloud Security

The basic objective of a cloud security strategy is to provide a method to monitor and protect the flow of information to and from cloud hosted services. There has been and will continue to be a shift towards public and private cloud services as the age of digitisation is increasingly being embraced by organisations. 

 

According to Cisco’s Annual Cyber Security report, one of the principle reasons why organisations are deciding to host corporate applications in the cloud is increased security. 

 

On the other hand many small and medium organisations are adopting cloud technology without a clear strategy resulting in the blurring of edges of responsibility between the cloud provider and the organisation. In the eyes of cloud security providers, there are clear responsibilities and boundaries as illustrated in the graphic below. 

 

Security in the cloud is a shared responsibility: Cloud Security, DNS, IaaS PaaS Saas 

Cyber attackers are increasingly taking advantage of this blurring of the boundaries to exploit systems. It is important to undertake a proper risk assessment before cloud services are adopted. This will enable a clear understanding of the risks and a consequent strategy to mitigate the risks.  

 

The basic approach to cloud security will be based on the risk profile, it essentially needs to address the different phases of the cyber security threat, namely before, during and after an attack. It should be an extension of the organisations security approach to the on-premise information systems and data which generally address the question, who is allowed access to what information. 

 

Some of the key features that need to be addressed with a cloud cyber security approach include; 

  • Visibility and Control
  • Securing Cloud Applications
  • Extended Protection
  • Virtualise the Security Architecture
  • Threat intelligence

 

Visibility and Control 

Users will try to use whatever they can to get the job done. Organisations need visibility and control of what applications are being used in the cloud and remotely, especially with the growth of new SaaS applications. Visibility enables an understanding of what is being used in line with policy, what is out of policy and what is a threat. Visibility is the first step to controlling and securing the organisations environment based on what services should be provided. 

 

Securing Cloud applications 

As SaaS applications are increasingly being deployed in public clouds such as Amazon Web Services and Azure, it is vital to ensure that the cloud platform is secure. Even though the cloud providers will deploy their own security solutions, organisations also need to implement independent security systems to secure the user and the data as this is not the responsibility of the cloud provider. In it’s recent cyber security report, Cisco identified that a major growth area for cyber attacks was the misuse of legitimate cloud services to host malware. Hence the need to secure services in public clouds cannot be understated. 

 

Extended Protection

As remote connectivity and branch networking trends increase in popularity, the security solution should be adaptable to extend the necessary features such as firewalling, threat management and anti-malware capabilities to the edge of the network as opposed to the current centralised deployment model. This functionality should be provided on endpoints, remote connections and remote offices and vitally to devices working off site such as Internet Cafes. 

 

Virtualise the Security Architecture 

The need for security is now pervasive at the client, the branch, the HQ as well as public and private clouds where SaaS applications are located. This necessitates the capability for a virtualised security architecture where the panoply of security functionality can be deployed easily at any location. This approach also enables the organisation to scale security at speed which will meet business demands for rapid deployment of new services while avoiding security being an afterthought. 

 

Threat intelligence 

Most organisations deploy security components from multiple vendors. An intelligent approach to securing information and systems in the emerging environment must make use of threat intelligence to overcome any cross vendor incompatibilities. This is the ability to take intelligence feeds from other sources such as other security vendors feeds and make context based threat assessments relating to your organisation and what it means for you. This assessment can naturally feed into automated protection mechanisms. 

 

In our next blogs in this series, we will cover off some best practices approaches to cloud security and discuss some of the technologies being used. 

 

Cyber Attack Simulation: the new test in town

 

When was the last time you had a penetration test of your network or a vulnerability assessment? Penetration testing has traditionally been an annual event for most organisations. Of late we have seen vulnerability assessments delivered as a service with the ability to run tests on demand. Invariably vulnerability assessments are still run once a year oftentimes due to resource shortage and in many instances it’s just not a high priority because nothing bad has happened – or at least we are not aware of it. 

 

On the other hand, industry security statistics would indicate that the general approach to security could well be a disaster waiting to happen, or worst still a disaster that has happened but just not discovered yet. Yes we know that enterprise organisations and some medium sized organisations have a highly security regime in place and manage security according to best practices. Despite the efforts of the aforementioned organisations the numbers are still overwhelmingly in favour of the bad guys as illustrated below. 

 

  • 100% of organisations interact with known malware sites – simply put, everyone is likely to be infected at some stage 

 

  • 99 days average time to detect a breach of a pool of known vulnerabilities  

 

  • 4 hours average time it takes cyber attackers to steal data 

 

  • 365 days – time between vulnerability assessments and penetration tests 

 

For sure both vulnerability assessments and penetration test have proven to be valuable tools in the arsenal for protecting IT systems from compromise, but only when used effectively and frequently enough. 

 

One challenge however that either approach may find very difficult to keep up with is the rate of change as newer, more sophisticated and persistent threats and exploits appear on an almost daily basis. 

 

An emerging approach to confront the threats head on while enabling organisations to take the initiative is to deploy a solution that conducts a series of simulated attacks based on known and emerging threat vectors. With this type of approach, you can now address the question “how do you know your security systems are working?”.  

How many times have you seen a detailed and impressive list of access control lists only to be undone by the second to last line “permit ip any any”. 

 

Without comprehensive and persistent testing, any assurance of cyber security is based purely on assumption and best guess.  

Yes you have defences in place such as firewalls, endpoint security, anti-malware solutions but how do you know that they are really effective against known/unknown cyber threats. The assumption is that you have the right defences in place to protect from vulnerabilities and they security solutions are optimally configured. You only truly know for certain when an attempted breach has been attempted, detected and blocked. On the other hand you may have been hacked and you either never know or you don’t know for months after the event when the hackers have stolen day and moved on to other victims. 

 

 

A simulated attack is a method of safely checking whether your systems are safe and your data is protected from vulnerabilities. The simulation can run a range of attack vectors to test your defences against a range of vulnerabilities. Simulated attacks that are successful will give you a clear understanding of your current vulnerabilities and how to mitigate them – it gives you actionable intelligence of the holes in your cyber defences. It can also validate the security controls that are in place and be used to test your security incident response procedures. Remember cyber defences is not just about preventing attacks, it’s also about what you do when the attacks occur to remediate and recover. 

 

A simulated attack service can also be used to undertake real time validation especially when changes are made or as you become aware of new vulnerabilities. When run as a cloud service, it can be run repeatedly to provide ongoing security posture assurance. A simulated attack service is definitely a service worth considering augmenting a comprehensive security posture assessment approach that includes penetration testing and vulnerability assessment. Simulated attacks can be seen as an emerging solution that is geared to match the rapid and changing nature of cyber threats. 

 

 

Cyber Risk Assessment– get good at it

Today’s reliance on IT technology is unparalleled and will only increase. While some businesses are pondering the benefits of IoT deployment or bespoke business applications, others are ploughing ahead and pioneering their initiatives. Some of these initiatives are stuttering and some are big winners that have transformed their business. Digitisation and it’s attendant benefits is the new game in town and it is not going away soon.  

The constant question that new initiatives will always raise is, what about cyber security? These new initiatives also need to be balanced against new compliance regimes such as GDPR which can levy punitive fines for breaches involving sensitive personal data. IoT means a greater footprint or attack surface; a new cloud application means potential exposure of data or the possibility of unauthorised access. While these risks and others exist, this should not hinder businesses taking advantage of the potentially major opportunities from digitization. What is therefore of paramount importance is a way to effectively assess and mitigate the risk from these initiatives and other IT activities that will enable the businesses to safely adopt new technology. 

 

Cyber security is everyone’s concern 

Cyber security is no longer just an IT issue, now it is definitely everyone’s concern. Responsibility is now being devolved as applications move to the cloud. More departments are involved in selecting and implementing their apps, therefore they also need to have security at the forefront in both the selection and operational processes. 

 

Comply with regulation or become extinct 

Regulation is now gaining real teeth and therefore compliance is no longer an optional nuisance. Consider the Carphone Warehouse breaches recently. If the recent 6m records breach occurred under the watch of GDPR, the fine could be a whopping £428m, compared with the max £500k fine which could have been levied under the previous Data Protection Act. Compliance is now an imperative and failure could mean business extinction due to the punitive fines.  Compliance should be seen as an opportunity to get your business in shape in which case everyone benefits. 

 

Cyber risk assessment is a specialism 

Change is another constant in IT, therefore risk assessment should be constant and continuous. Oftentimes risk assessments are left till the end of an initiative when in fact it should feature right at the beginning and be a part of the “go/no go” decision. If risk assessment is built into project implementation, the end result will definitely look a lot better than if it were an after thought. The struggle is to find the skills where there is a good understanding of IT risk management. It is an area where businesses need to invest in training staff at all levels of the organisation. 

 

Risk assessment and mitigation needs to be a continuous process where all departments in a business are engaged in continuing assessment, monitoring and improvement of the risk exposure.  

 

An interesting development in this light is a joint solution offered by Aon, Apple, Cisco and Allianz. The components of the solution include the following; 

  • Risk Assessment with a target output of an analysis of the businesses level of insurability, its security posture with recommendations on how to correct any gaps.  
  • Those wishing to improve their security posture receive a plan that includes an enterprise ransomware solution incorporating, advanced email security, endpoint protection and DNS layer security.  
  • The business will also deploy Apple MacOS and iOS endpoints.  
  • Businesses choosing this solution will receive favourable terms from Allianz who consider this combination to be a more secure solution.  

 

While it may not be practical for all businesses to adopt this solution, the method/approach is a useful indication of a what can be done. The importance things is the assessment needs to be continuous and reflect the status of the business and it’s use of IT at any point in time which of course is a moving goal post.

7 infographics from the Cisco 2018 Cyber Security Report explained

In our final part of Cisco’s 68 page 2018 Annual Cyber Security Report, we summarise the key findings and highlight the main takeaways contained in the report.
While most of the information is already known, put in context it gives a thorough view of the changing landscape and importantly identifies some of the steps that Information Security teams could take to mitigate the growing risk.
The reports highlights include;
  • Self-propagating ransomware is a growing trend
  • Legitimate cloud platforms are increasingly being exploited for cyber attacks
  • Cyber attackers are exploiting gaps in security coverage as organisations move to the cloud
  • Lack of skilled cyber security staff is a growing problem
  • Security is more effective when policies governing technology, processes and people are synced
  • Scalable cloud security, advanced endpoint protection and threat intelligence can be deployed to reduce the cyber threat risk
According to the Cisco report, cyber attackers are amassing their techniques and capabilities at an unprecedented scale.
Ransomware is the most profitable form of malware and has evolved into self-propagating network based cryptoworms as witnessed by Nyetya
and WannaCry. These ransomware variants took down whole regions and
sectors of infrastructure such as the Ukraine and the NHS.
Cyber attackers are weaponizing the cloud and using legitimate cloud services from well known vendors such as Google, Amazon, Twitter to host and conduct malware attacks. They are in fact capitalising on the benefits of cloud platforms such as security, agility, scalability and good reputation, oftentimes repurposing their sites before they are detected.
Cyber attackers are exploiting gaps in security coverage including IoT and cloud services especially where the organisation has not extended their security controls to include securing users and data in the cloud. Another growing obstacle to more effective cyber security is lack of skilled cyber security personal and inadequate budgets.
Cisco’s report also provides some essential guidance that organisations
should adopt in order to meet the growing challenge and provide more effective cyber security protection. Some of these measures include;
  • Implementing scalable cloud security solutions
  • Ensuring alignment of corporate policies for technology, applications and processes
  • Implementing network segmentation, advanced endpoint security and incorporating threat intelligence into security monitoring
  • Reviewing and practising security response procedures
  • Adopting advanced security solutions that include AI and machine learning especially where encryption is used to evade detection
While the security report is essential reading for all personnel responsible for an organisations information assets, in many areas it reiterates what we have been hearing about in the news and trade publications. The essential call to action is really to make a good start by doing the essentials. If you have already done this, then keep testing, refining and improving your cyber security posture.

5 Takeaways from the Cisco 2018 Annual Cyber Security Report

Cisco Annual Cybersecurity Report 2018

Cloud abuse on the rise according to Cisco Security Report

Cisco’s Annual Cyber Security Report 2018 provides an insightful account into the changing cyber security landscape. This article summarises some findings of the report pertaining to cloud security.
Some main take aways from the report that will be discussed in this blog include:
  • Legitimate cloud services such as Twitter and Amazon being used by attackers to scale their activities
  • Machine-Learning is being used to capture download behaviour
  • Cloud Security is a shared responsibility between organisations and its provider
  • There is an increase of belief in the benefits of cloud security
  • Cloud abuse is on the rise
According to the report, increased security was the principle reason security professionals gave for organisations deciding to host corporate applications in the cloud.
Fifty seven percent believe the cloud offers better data security
Organisations who have a security operations team are likely to have a well defined cloud security approach that may include the adoption of Cloud Access Security Broker (CASB) as they deploy to the cloud.
Many smaller organisations however are adopting cloud services without a clear security strategy, there is therefore a blurring of the security boundaries where many organisations are not certain about where their responsibilities end and where the responsibility of the cloud provider starts.
Security in the cloud is a shared responsibility: Cloud Security, DNS, IaaS PaaS Saas
Security in the cloud is a shared responsibility
Cyber attackers are increasingly taking advantage of this blurring of the boundaries to exploit systems.
An increasing trend amongst cyber attackers is to use legitimate cloud services to host malware and command and control infrastructure. Public clouds that have been used for malware activity include Amazon, Google, DropBox and Microsoft.
This makes it doubly difficult for security teams to identify bad domains and take protective measures without risking significant commercial impact caused by denying user access to legitimate business services.
Examples of legitimate services abused by malware for C2
The misuse of legitimate services is attractive to cyber attackers for a number of reasons;
  • Easy to register a new account and set up a web page
  • Adopt use of legitimate SSL certificate
  • Services can be adapted and transformed on the fly
  • Reuse of domain and resources for multiple malware campaigns
  • Less likely that infrastructure will be ‘burned’ (service can just be taken down) with little evidence of its purpose
  • Reduce overhead for attacker and better return on investment
Cyber attackers are effectively using legitimate and well known cloud infrastructure with their attendant benefits; ease of scale, trusted brand and secure features such as SSL. This enables them to scale their activity with less likelihood of detection if current protection methods are retained.
The challenges posed for the security teams defending organisations from these new threats call for a more sophisticated approach because in effect you need to block services that users are trying to access for legitimate work such as Amazon or Dropbox. Furthermore, the legitimate services are encrypted and so malware will be encrypted and evade most forms of threat inspection techniques– the threat will only become apparent after it has been activated on a host.
Intelligent cloud security tools will need to be deployed to help identify malware domains and sub-domains using legitimate cloud services. Such tools can also be used to further analyse related malware characteristics such as associated IP addresses, related domains and the registrant’s details.
An emerging and valuable approach to detect anomalous behaviour is machine learning.
Machine learning algorithms can be used to characterise normal user activity, unusual activity can be identified, and action taken automatically.
Machine-learning algorithms capture user download behaviour 2017
To meet the range of challenges presented by cloud adoption,
organisations need to apply a combination of best practices, advanced security technologies, and some experimental methodologies especially where they need to overcome the use of legitimate services by cyber attackers.

Would you like to learn more? Claim your Free copy of our latest eBook “A View of the Cyber Threat Landscape”. Click here.

What’s HOT What’s NOT: Cyber Security 2018

What are the main cyber security trends and focus areas for IT Managers and Chief Security Officers so far in 2018?

One thing we know for sure is that cyber security won’t be taking a lower profile as IT embeds itself at the core of organisations becoming a true business enabler.
IT is at the core of organisations and if there is a glitch then the business impact is profound. It is therefore beneficial to be able to focus limited resources and efforts on the priorities that will really
make the biggest difference.
 So the question is what will be HOT and what will NOT in 2018. The list below, while not being exhaustive, gives a focus on what you should be prioritising.

 HOT

  • GDPR
  • Ransomware
  • Cloud

NOT

  • Anti-Virus
  • VPNs

HOT: GDPR

25th May 2018 is the date the GDPR will come into force. The regulation will affect literally every organisation that holds personal data. With the increasing regulatory powers for investigation and enforcement, firms not complying with the regulation could face severe penalties.
GDPR must, therefore, be high on the list of business priorities and a comprehensive approach to GDPR compliance will necessitate a comprehensive review of policy, process and technology.
In a recent article we discovered that 52% of medium sized business have NOT made changes/prepared for GDPR!

NOT: Anti-Virus

In the face of the new breed of sophisticated, adaptable forms of cyber attacks, traditional Anti-Virus is becoming redundant. The approach of traditional Anti-Virus which is based of signatures relies on threats having been detected and updates being propagated to clients before an attack occurs.
Organisations need multiple layers of protection to stand any chance of detecting and blocking new threats some of which can dynamically probe and adapt to the host environment.
Anti-Virus is still essential especially if it also monitors for abnormal behaviour, however if it is your primary line of defence, expect the worst, as Robert Mueller says, you will be attacked, depending solely on Anti-Virus increases the likelihood of it happen sooner and more frequent.

Related Resources

HOT: Ransomware

2017 saw the spread of global ransomware variants Wannacry and Nyetya. Wannacry made significant parts of the NHS powerless while Nyetya caused major losses for businesses. Fedex counted losses in excess of $300m and at one stage had to resort to WhatsApp for internal communications due to compromised email systems.
The ransomware ‘business model’ has stepped up a notch with it being made available to buy as a service. The avatar of the attacker has suddenly changed from a stereotypical hoody wearing geek to just about anyone who can pay with some Bitcoin.
Ransomware has been the most profitable form of cyber attack to date and franchising it just made it cement it’s pole position as the number one threat in 2018.

Related Resources

NOT: VPNs

Statistics indicate that nearly 50% of workforces are mobile, meaning they access their organisation’s IT applications from remote locations to the organisation’s offices. The ubiquitous VPN has been the secure way of connecting.
 With the various flavours and increasing range of users requiring connections, VPNs are becoming a greater management overhead and an increasing security risk especially if the controls are not kept up to date with the threats.
A need for a more sophisticated and granular method of providing remote access is emerging where users are connected only to what they require, when they require it and furthermore their security posture is established even before they are allowed any connectivity.

Cloud: HOT

Organisations having realised the benefits of cloud adoption have embraced it while mitigating the risks as best they can. The benefits of the cloud in many instances include lower operational costs, agility, increased resilience and scalability.
Cloud adoption is also well suited to the growth of a mobile workforce who need anytime anywhere access to their applications. Securing the cloud data and user access is however an area of cloud implementation that is emerging as a focus area that businesses have not paid sufficient attention to.
Technologies such as secure DNS and the secure Internet gateway are solutions that are highly likely to gain a lot of traction as organisations audit and protect cloud connectivity from a range of emerging cyber threats.

Related Resources

There will inevitably be questions about security topics such as BlockChain, IoT and Phishing just to name a few. Let us know how your list wouldn’t be different.

Trial Cisco Umbrella for 14 Days, completely free and no obligations!

If you have read the last few updates you should now have a deeper understanding of Cloud Security, that’s great! But what can YOU do about it? 

We are offering a 14 day trial of Cisco Umbrella, the industry’s first Secure Internet Gateway in the cloud.

Cisco Umbrella provides the first line of defence against threats on the internet. Because Umbrella is delivered from the cloud, it is the easiest way to protect all of your users in minutes.

It takes no time to install and you don’t have to provide any payment details (or even have a phone call).

So what’s to lose? 

Click here to start your trial! 

I made a call, the customer said no, but I loved it

 

We have been doing our cloud security blog now for a couple of weeks and decided to start to speak directly to some of the contacts who had been reading the blogs. I spoke to one contact from the legal sector (who shall remain nameless) who gave some very interesting feedback.

 

The bad news is that the call did not end up in a sale or a trial of the software, and they didn’t want to meet with us or try out any of our services so there is no fairy tale ending here.

 

What was more interesting was that the customer said about Umbrella cloud security and his current IT partner.

 

On the subject of Cisco Umbrella, he said they had been using it for over a year now and “it was absolutely brilliant”. The ability to automatically block bad domains and to investigate suspected threats was extremely good and he was very happy that they had decided to deploy the product.
Furthermore, he said it was introduced to him by their IT provider whom they have worked with for nearly 10 years now. He said it was a very strong partnership where they had offered an exceptional quality of service, they weren’t the cheapest but it would just be silly for them to look elsewhere at this stage because you get what you pay for and they certainly were getting very good value for money. He felt it would be silly of them to be looking to change under such circumstances. I said to him I hoped my customers felt the same way about the service we provide as we certainly strive to differentiate ourselves in this way. He thanked me for the call and we went t our separate ways.

 

Wow this is what I have been banging on about for what seems a lifetime, it’s not about being the cheapest or biggest, but rather about providing good value for money.

 

What was even more satisfying is the fact that he appreciated what we had been writing about in terms of cloud security and the importance of DNS security. He was totally happy with the Umbrella product and now couldn’t see them operating without it.

 

So I am really happy that though this customer said no to us, they endorsed what we believe and what we have been banging the drum about.

 

Protect yourself against 92% of malware threats that can be stopped at source via secure DNS. The free trial is waiting for you to just click the link and be up and running in 5 minutes. It will be the best cyber security click you’ve ever made.

Test the solution yourself! Free 14 day trial 

Take Control with CASB and DNS

Its been a cloudy blog of a fortnight (pardon the pun but I couldn’t help it). To summarise we have been looking at the changing IT landscape and the consequent change in the threat landscape. We then looked at how organisations need to change their approach to cloud security to address this new reality.

 

The age of digitisation is bringing about a dramatic change to the IT landscape. Digitisation is about new efficient ways of doing things at scale. It’s about automation and new ways of engagement with customers in a way that suits them and at a time that suits them.

 

Digitisation is turning century old industries on its head as new players emerge that are agile, visionary and creative at a rate it’s outpacing their peers.

 

The new IT landscape is about DevOps “scoring an end goal” around or despite IT. Being applied to conceive and deploy apps in a fraction of the time it used to take using a conventional approach. Its about using the cloud to take advantage of Infrastructure, Platform or Software as a Service and being able to globally scale an application.

 

The new IT landscape is also about anytime anywhere access for users/employees. Power is being devolved to branch offices because they need better connectivity to access their new apps in the cloud. Analysts are saying that approximately 50% of users now access their applications remotely and 25% actually work remotely.

 

We also need to factor the explosive growth of IoT and the pervasive use of mobile devices to access the web.

 

Digitisation is a bright new horizon but it also brings major security headaches. Some of these include;

  • A massive increase in cyber attack landscape, more devices, more apps, more points of access
  • Increase in the number of alerts security teams need to process and understand
  • More applications to monitor and manageLack of visibility in what users are doing and how they are using apps
  • The growth of shadow IT exposing corporate information and services to attacks
  • Outdated non-cloud savvy security relative to the emerging landscape

 

Cyber attackers have evolved in sophistication to keep apace of the changes in IT. They constantly evolve their exploits, they are offering attacks as a service, they are using cloud scale computing power as well. Cisco’s annual cyber security report identifies that the scale and sophistication of attacks have increased over the past 12 months.

 

Security teams need to evolve their approach to security making it cloud centric with the ability to protect users and data anywhere anytime. Remember cloud services still require organisations to take responsibility for the security of their data. Gartner has identified that 95% of data breaches will be the fault of the end user.

 

Some of the essential tools that security need to include in their new armoury include secure DNS services as well as CASB services. DNS will block access to malware sites before they happen, or if a machine has been infected, it will block the command and control call back. CASB has the ability to monitor user activity in the cloud, profile applications in use and prevent data leakage. Both tools can also provide invaluable visibility into the normal behaviour of users and trigger protective actions and alerts as and when behaviour varies from the norm.

14 Day Free Trial of Cisco Umbrella

Get started in 30 seconds

No credit card or phone call required

 

WHAT IS INCLUDED?

  • Threat protection like no other — block malware, C2 callbacks, and phishing.
  • Predictive intelligence — automates threat protection by uncovering attacks before they launch.
  • Worldwide coverage in minutes — no hardware to install or software to maintain.
  • Weekly security report — get a personalized summary of malicious requests & more, directly to your inbox.
  • 1,000+ users? — You’re eligible for the Umbrella Security Report, a detailed post-trial analysis.

See how easy Umbrella is to instal

Securing SaaS Applications: How to Secure the Cloud

Security in the cloud is a shared responsibility: Cloud Security, DNS, IaaS PaaS Saas

 

More organisations are adopting a cloud strategy to leverage cloud services and enjoy the associated speed of development and deployment. One of the biggest challenges, however, is creating the balance that provides an appropriate level of governance over the use of cloud applications that still empowers users to leverage these services.

 

We recently highlighted a news article (read it here) about a tool that was able to trawl through Amazon Web servers and access potentially sensitive data hosted by a number of organisations. The tool highlighted flaws in the configuration of servers in the cloud. This is a good example possibly of a rush to deployment that left good cyber security practices behind.


In this blog series, we have discussed the need for a pervasive cloud centric cyber security approach that not just protects the user but also the data.

 

Cloud service providers are responsible for the security of their infrastructure, while organisations that use those services are responsible for user activities on top of that infrastructure. Cloud service providers will build security into their platforms and environment, however, if the data is being accessed by the wrong person or used inappropriately, they will not be aware of that. Additionally, they do not know what applications an organisation has approved or disallowed. 

 

The cloud centric security approach, therefore, needs to have extensive visibility of who is accessing applications and data and how they are using it. The security approach must have the ability to identify malicious infrastructure and protect sensitive data from it. Compromised accounts need to be identified as well as potential malicious insiders. The emerging security tool that addresses this security concern is the cloud access security broker (CASB).

 

A cloud access security broker helps organisations address a range of cloud security vulnerabilities by providing visibility into the applications in use, profiling them from a risk perspective, and enforcing policies especially around data loss prevention (DLP) and user activity.

 

A good CASB implementation will also provide for the retrospective discovery of sensitive data and malware in cloud applications. The CASB should also integrate with network based entities to give visibility into real time data, threats in motion, as well as preview historical use of cloud applications.

 

In our next episode, we will take a deeper look at CASB and how they can work more effectively with other security tools to secure the cloud.

Free eBook: A View of the Cybercrime Threat Landscape

 

$2,235,018 per year

The average amount SMBs spent in the aftermath of a
cyber attack or data breach due to damage or theft of IT
assets and disruption to normal operations.

The amount is staggering, and enough to jeopardize the viability of
many companies. Yet the business benefits that come with the internet,
Cloud computing and other applications are impossible to forego
and remain competitive.

That’s why business owners and executives are asking one question:

  • Is our internet safe?

If your service provider can’t demonstrate how it is making you
company less likely to become a victim of cybercrime, then it is time
to consider alternatives.

In this eBook, we’ll outline what companies are up against
today, and how Cisco Umbrella can help bring you peace of mind.

Download the eBook here!

What Next?

 

Trial Cisco Umbrella for 14 Days, completely free and no obligations!

If you have read the last few updates you should now have a deeper understanding of Cloud Security, that’s great! But what can YOU do about it? 

We are offering a 14 day trial of Cisco Umbrella, the industry’s first Secure Internet Gateway in the cloud.

Cisco Umbrella provides the first line of defence against threats on the internet. Because Umbrella is delivered from the cloud, it is the easiest way to protect all of your users in minutes.

It takes no time to install and you don’t have to provide any payment details (or even have a phone call).

So what have you got to lose? 

Click here to start your trial! 

See how easy Umbrella is to installwatch this video 

A View of the Cybercrime Threat Landscape

Download: A View of the Cybercrime Threat Landscape

$2,235,018 per year

The average amount SMBs spent in the aftermath of a
cyber attack or data breach due to damage or theft of IT
assets and disruption to normal operations.

 

The amount is staggering, and enough to jeopardize the viability of
many companies. Yet the business benefits that come with the internet,
Cloud computing and other applications are impossible to forego
and remain competitive.

 

That’s why business owners and executives are asking one question:

  • Is our internet safe?

 

If your service provider can’t demonstrate how it is making you
company less likely to become a victim of cybercrime, then it is time
to consider alternatives.

 

In this eBook, we’ll outline what companies are up against
today, and how Cisco Umbrella can help bring you peace of mind.

Download: A View of the Cybercrime Threat Landscape