The cloud adoption journey has been consistent. From decision-makers in organisations to individual CXOs who once raised questions about its cognizance in security and adoption is today future-ready with their cloud strategies? Discreet questions like where the data is and if it is in safe hands find no coverage’s across the internet. It can be said that the internet has evolved in the hands of the cloud or vice versa. Administrative tools and contractual obligations have emerged to give better visibility to, and accountability of, data custodianship. Even the capabilities of technology professionals have been enhanced to include full certification paths towards demonstrating cloud proficiency.
Can be said historically now that startups and mid-size companies who were tangled between servers and other computing equipment are today serverless and enjoying seamless business processes with Cloud and Cloud Security in place. The question of the cost thereafter is a specific myth as services are driving the future of businesses and hence quantifying cloud security. Many organizations that relied on security through air-gapped systems are now starting to become internet-connected. This is particularly true in industrial organizations.
The Remote Business in Front
With the pandemic and even before those organisations have opted for new virtues and methods for managing workloads and workforce? The internet came as a savior and today cloud computing with layered cloud security architectures and enabling the future of computational power. We asked two experts their thoughts about industrial organizations adopting the cloud and the importance of cloud security in the age of digital transformation; we will talk about their insights and what we think about Cloud Security in 2022.
Industry 4.0 and The Growing Mansions of Cloud Security
The way today’s organisations operate and visualize their industrial processes has changed dramatically and technically facing the fever of automation. In this process, individual companies are rethinking and organizing the pace of future processes of business. One term which has taken over the industry today is Industry 4.0. Industry 4.0 of all its defining capabilities can be a synonym for based on digital transformation, Internet-based technological ecosystems such as the internet of things (IoT), the industrial internet of things (IIoT), cloud computing, fog computing, big data, machine learning (ML), deep learning, and artificial intelligence (AI).
To all the vital facets of Industry 4.0 is the right ecosystem of cloud computing. Cloud computing is required for an organization to make this broad leap forward, and the adoption of cloud computing by industrial organizations comes with many benefits. Over the previous years, data have been captured on a small scale with respect to the total amount of available data within OT/ICS networks. In particular, most of the data we currently collect is based on what is required by a system to be collected such as signals coming from monitoring real-world processes or data related to safety control and safety instrumented systems. However, there are many signals and data within OT/ICS networks that can be captured that are not necessarily a requirement but could be used to enable more secure and smarter industrial environments, i.e., smart factories.
The Cybersecurity Implication
There are cybersecurity implications for this adoption, as well, with both positive and negative results. On the positive side, the massive amount of big data and predictive techniques could be used to enhance our current capabilities to observe malicious activities within an OT/ICS network. The cloud and industry 4.0 can enable innovations that allow visibility and detection of attacks at a larger scale and higher dimensions than non-Industry 4.0 organizations. For example, if a malicious user has gained access to an ICS network and is trying to spoof signals sent to a human-machine interface (HMI) in order to achieve some goal, real-time data processing and ML-based predictive modelling in the cloud could be used to alert on suspicious activity. This is a positive benefit, as the cloud and all the data processing is being used to increase the organization’s cybersecurity posture. A negative impact could be the introduction of new devices such as IIoT-based data collection systems into OT/ICS networks as part of an industrial organization’s digital transformation. A solution to this problem is having cybersecurity technology that provides both device visibility into the OT/ICS networks and capabilities that aid with device integrity such as security configuration and vulnerability assessment.
The Market Sentiment
The Cloud Computing market continued to grow. As per a recent Gartner, Inc. forecast, the total public cloud services segment has grown from $270 billion in 2020 to $332.3 billion in 2021. Emerging technologies like containerization, Desktop as a Service (DaaS), and edge computing are driving major cloud spending.
As organizations recover back to the pre-covid levels, Cloud Computing is a powerful technology available at their disposal to accelerate transformation plans. Cloud Computing gives organizations the power to co-innovate with cloud service providers and offers intelligent digital solutions that are accessible, adaptable, and agile.
Digital Transformation projects like implementing Robotic Process Automation for streamlining manual tasks and building AI and ML models on existing datasets to prepare intelligent systems are all based on data. Security is the most important attribute when it comes to Digital Transformation projects. And as organizations rely on the cloud for their data projects, they need to secure challenging cloud environments.
BitGlass’s 2020 Cloud Security Report throws some interesting insights about Cloud Security. Around 33% of respondents admitted that they are extremely concerned about the security of the public cloud. While this sounds like Cloud is not as secure as required for data-critical projects, it is not entirely true. Public Cloud Solutions are second to none when it comes to data and application security.
Few Challenges
Since data in the public cloud is being stored by a third party and accessed over the internet, several challenges arise in the ability to maintain a secure cloud. These are:
Visibility into cloud data: In many cases, cloud services are accessed outside of the corporate network and from devices not managed by IT. This means that the IT team needs the ability to see into the cloud service itself to have full visibility over data, as opposed to traditional means of monitoring network traffic.
Control over cloud data: In a third-party cloud service provider’s environment, IT teams have less access to data than when they controlled servers and applications on their own premises. Cloud customers are given limited control by default, and access to underlying physical infrastructure is unavailable.
Access to cloud data and applications: Users may access cloud applications and data over the internet, making access controls based on the traditional data centre network perimeter no longer effective. User access can be from any location or device, including bring-your-own-device (BYOD) technology. In addition, privileged access by cloud provider personnel could bypass your own security controls.
Compliance: The use of cloud computing services adds another dimension to regulatory and internal compliance. Your cloud environment may need to adhere to regulatory requirements such as HIPAA, PCI and Sarbanes-Oxley, as well as requirements from internal teams, partners and customers. Cloud provider infrastructure, as well as interfaces between in-house systems and the cloud, are also included in compliance and risk management processes.
Cloud-native breaches: Data breaches in the cloud are unlike on-premises breaches, in that data theft often occurs using native functions of the cloud. A Cloud-native breach is a series of actions by an adversarial actor in which they “land” their attack by exploiting errors or vulnerabilities in a cloud deployment without using malware, “expand” their access through weakly configured or protected interfaces to locate valuable data, and “exfiltrate” that data to their own storage location.
Misconfiguration: Cloud-native breaches often fall to a cloud customer’s responsibility for security, which includes the configuration of the cloud service. Research shows that just 26% of companies can currently audit their IaaS environments for configuration errors. Misconfiguration of IaaS often acts as the front door to a Cloud-native breach, allowing the attacker to successfully land and then move on to expand and exfiltrate data. Research also shows 99% of misconfigurations go unnoticed in IaaS by cloud customers. Here’s an excerpt from this study showing this level of misconfiguration disconnect.
Expert’s View
Trishneet Arora, Founder and CEO, TAC Security, “IoT has evolved at a pace and scale like never before in the new normal world. With the world increasingly assuming a connected ecosystem nature, the likely fallout will be in form of higher complexities and vulnerabilities in the cybersecurity value chain that will require an advanced level of preparedness to fend off threats. The need of the hour is to equip security professionals with a simplified framework that gives them a real-time understanding of aspects requiring immediate attention.”
Satya Machiraju, VP, Information Security, Whatfix, “With digital transformation gaining momentum, it is imperative for businesses to review security approaches in order to stay ahead of digital adversaries. As more and more organizations use clouds (IAAS, PAAS, SAAS), security measures must be monitored and updated to protect them from various threat vectors. With the wider adoption of cloud services, the hacker spotlight on cloud adoption accelerates and security teams cannot rely on manual processes or DevOps to handle security as per the organization’s risk appetite.
In order to automate cloud security controls and fully secure cloud-native applications, every organization need to adopt a Zero Trust architecture. Organisations need to invest in securing endpoints and validating the identities of users in a comprehensive manner. Businesses must invest in technology that makes use of AI and ML to analyse user behaviour and challenge the user’s access attempt without degrading the overall user experience. Moreover, organizations need to implement a comprehensive cybersecurity training program to upskill their security teams for adequately preparing them to defend their operations in the new normal”.
Trends Shaping Cloud Security in 2022
Supply Chain Attacks
Cybersecurity defenders should focus on cutting off attackers’ ability to move laterally by reducing entitlements and privileges for all internal and external identities (including machine identities) that are allowed to access cloud resources
Cloud Breaches Will Be a Fact of Life
McKinsey & Co. has noted that the pandemic has forced many enterprises to leapfrog years in their use of the cloud during the lockdown period. But it hasn’t been a smooth transition, and security has suffered in some cases; 40% of companies have suffered a cloud-based data breach. In 2022, expect every organization to endure at least one cloud breach.
Businesses should focus on reducing their cloud attack surface and containing the blast radius if a hacker breaches their security controls. They should invest in tools that provide visibility into cloud identities and give defenders a clear picture of the potential damage that could follow a breach so they can respond quickly and connect with all the stakeholders.
Cloud Maturity – The Key Differentiator
Companies that are in the early stages of their cloud migration are at a greater risk than those that are optimizing their existing infrastructure. Expect those organizations in the building stages of cloud development to suffer more breaches.
Cloud-native companies have an advantage here since they typically have a better understanding of the complexities associated with managing the security posture of cloud infrastructures to protect their data and assets, rather than relying on platform providers to step in.
Cybersecurity professionals should focus on building security controls for identities, access and configurations into their cloud migration roadmap at every stage.
Machines – the New Sweet Spot
Organizations have become wiser about improving security among their users by leveraging multi-factor authentication (MFA) and single sign-on (SSO) to prevent credential abuse and mishandling. As more organizations improve security on the human front, cybercriminals will look to open new fronts by targeting machine and service identities. These have already been exploited in almost every cloud breach to help attackers access data or move laterally within systems. This is primarily because machine and service identities are created by developers to enable other functions that are outside the wheelhouse of cybersecurity.
This needs to change. Faced with a shortage of cyber security talent, organizations need to leverage tools that can serve as a force multiplier for security staff. Automation can help with cybersecurity by identifying and prioritizing the risks connected to machine identities and their entitlements, as well as automating the remediation of those risks.
