Cybercriminals are using the cloud too – Are enterprises prepared?
Article by Goh Chee Hoh, Managing Director, Trend Micro Malaysia & Nascent Countries
Cloud technology has been an integral component in paving the way for organizations across industries to undergo digital transformation. Globally, 50% of organizations are adopting a cloud-native approach to support both employees and customers, and the number of connected devices is expected to climb to 55.9 billion by 2025. With the increased demand for cloud computing among small and medium-sized enterprises (SMEs) in the ASEAN region, the cloud computing market revenue is estimated to reach US$40.32 billion by 2025, according to IDC.
Particularly in Malaysia, we’ve also seen swift progress in cloud adoption – with the most recent milestone being the upgrade of the Malaysian Government’s Public Sector Data Centre (PDSA) into a hybrid cloud service called MyGovCloud. The pace of cloud adoption is expected to accelerate following the government’s decision to provide conditional approval to Microsoft, Google, Amazon, and Telekom Malaysia to build and manage hyperscale data centers and cloud services in Malaysia.
With cloud-based systems becoming a key component of organizations’ operations and infrastructures, malicious actors have been turning to the cloud, taking advantage of weaknesses in cloud security to perform various malicious activities — leading to new complexity regarding effective attack surface risk management.
Why businesses need better risk management
The shift to the cloud and dramatic increase in connectivity gives malicious actors new and often unmanaged attack vectors to target.
As revealed in Trend Micro’s semi-yearly Cyber Risk Index (CRI) report, 68% of ASEAN organizations think they will be successfully attacked within the next 12 months, with organizations in the Philippines and Singapore having the highest likelihood to experience one or more cyberattacks at 73% and 70%, respectively. Meanwhile in Malaysia, 67% of organizations believe that they are likely to be breached in the next 12 months – indicating a dire need for local organizations to be better prepared in managing cyber risk.
To better reduce the risk of cyberattacks, enterprises must first understand how cyber attackers are exploiting the cloud for their own benefit and bridge security gaps by proactively anticipating data breaches.
One of the most common ways that organizations put themselves in a vulnerable position to be attacked is through misconfigurations of the cloud. While misconfigurations might seem straightforward and avoidable, they are the most significant risk to cloud environments – making up 65 to 70% of all security challenges in the cloud. This is especially true for organizations that have been pushed to migrate quickly to the cloud since remote work became the new norm.
Malicious actors are also turning to low-effort by high-impact attack strategies in gaining access to cloud applications and services. On top of exploiting new vulnerabilities in an enterprise’s network, cyberattackers will persistently exploit known vulnerabilities from past years as many enterprises still lack the ability to get full visibility on environments that are left unpatched.
How enterprises can stay prepared
Since criminals can execute their attacks more effectively, they can also target a larger number of organizations, potentially leading to an increase in overall attacks. Organizations now have much less time to detect and respond to these incidents, and this will be expounded as the business model of cybercriminals matures further.
With that in mind, enterprises must strengthen their security posture foundations to defend against evolving cyber threats. Among the key cybersecurity strategies to adopt include:
We live in a world where skills shortages and commercial demands have combined to expose organizations to escalating levels of cyber risk. In the cloud, it leads to misconfigurations and the risk of knock-on data breaches, as well as unpatched assets which are exposed to the latest exploits. The bad news is that cybercriminals and nation states are getting better at scanning for systems that may be vulnerable in this way.
Better digital attack surface management starts with the right tooling. Solutions such as Trend Micro Cloud One enable and automates platform-agnostic cloud security administration and cloud threat detection and response, which can help security teams improve the efficiency of threat investigation and response, as well as reduce the risk of a security breach.
Empowering employees with resources and tools to ensure cloud operational excellence
Many enterprises are already well on their way in the world of cloud, with more and more security teams using cloud infrastructure services and developing cloud-native applications. However, this can often be a steep learning curve for cloud architects and developers – leaving gaps in protection, compliance, and visibility.
To improve the situation, organizations need to provide resources to employees to ensure that the cloud service configurations adhere to industry best practices and compliance standards. One such way is to use tools that automatically scan cloud services against best practices, relieving teams from having to manually check for misconfigurations.
Adopt a Shared Responsibility Model
Clouds aren’t secure or insecure, they’re as secure as you make them. Instead of “who is more secure – AWS, Azure, or Google Cloud?” ask “what have I done to make all of my clouds as secure as I need them?”
Security in the cloud works using the Shared Responsibility Model – which dictates who is responsible for any operational task in the cloud and security is simply a subset of those tasks. Security self-service for the cloud is fully here in all its forms, and understanding this model is critical to success in the cloud.
While increased cloud adoption allows organizations to be more agile, scalable, and cost-efficient, the benefits of using cloud services and technologies are no longer just reaped by legitimate companies, but also by cybercriminals who keep up with the trend. As criminals accelerate attacks and expand their capabilities, businesses must adopt a solid cybersecurity strategy to stay a step ahead.
The views of this article are of the author and may not represent the views of Tech Wire Asia.
- Supply chain issues are about to disrupt Christmas again
- Rockwell Automation: Beating the odds and growing strong in Asia Pacific
- What cybersecurity trends are expected in 2023?
- Emerging as the Hare in 2023 and Beyond – Fighting age-old criticism of automation
- DHL: Recalibrating logistics, supply chains in a post-Covid era