Support 416-591-6711 option 1 or Email Us

Cybersecurity Measures Make Your Cloud Fortified, Not Fluffy

Wed, 10 Jul 2019

Clouds are fluffy-looking by nature. Clouds look like wispy cotton balls against the sky, with not much to them, and certainly no fortification. Don't let your business' cloud applications be viewed in the same way. Hackers will attack if they think your cloud is not properly fortified; that your organization's cloud cybersecurity measures are wispy. Hackers search for vulnerabilities in cloud cybersecurity, using it as an entry point to access a network and drive other attacks. Cloud computing, with its recovery ability, agility, and economic value, offers many advantages from on-premises computation and storage. The Cloud has revolutionized how we conduct business, allowing for more tailored applications and storage solutions and remote computational abilities. The Cloud also means cybersecurity must be addressed differently from that of on-premises security, and must be factored into the incident response strategy

Cybersecurity Measures Make Your Cloud Fortified, Not Fluffy

Giving up control is scary.

Cloud computing divides some IT professionals. How do you implement proper cybersecurity measures and protect data if you hand it over to someone else (or something else in the sense of The Cloud)? How do you take cloud cybersecurity into account in your incident response plan? Like all technology there are good cloud services, and questionable cloud services. Not all cloud services are equally dedicated to cloud cybersecurity. 

Common cloud cybersecurity concerns:

  • Poor configuration of the cloud, leading to cybersecurity circumvention
  • Weak authentication, in transit and at rest encryption, and audit logging
  • Weak boundaries between one user’s data and that of other tenants in a cloud environment
  • Ineffective privacy controls that are not strong enough to control access
  • Lack of maintenance and patching to safeguard against flaws 

Ensure you know the cybersecurity strengths and vulnerabilities of any cloud applications you employ. Cloud cybersecurity must evolve to better face these vulnerabilities, and to provide a stronger defence for consumers who want the benefits cloud services offer. Cloud cybersecurity and incident response needs to be the responsibility of both the user of, and the supplier of, the cloud services. 

Detecting cloud vulnerability

The cloud presents a range of cybersecurity challenges from hardware chip vulnerabilities to misconfigurations. Throughout 2018, simple storage services (S3) buckets showed themselves repeatedly to be a weakness for organizations with more than “70 million records stolen or leaked as a result of poor configuration.”[1] There was an upsurge in ransomware attacks against open databases, container deployment systems and serverless applications. Poor configuration was a common theme across all of these attacks. There is widespread availability of tools online that allow hackers to identify misconfigured cloud resources. If organizations do not take proper precaution in securing their cloud resources, then they are leaving themselves vulnerable to cyber-attacks. 

2018 saw several cases of exploited vulnerabilities in hardware chips. The Meltdown and Spectre threats were due to deficiencies in modern processors that allowed the theft of data in a process known as speculative execution. Meltdown ‘melted down’ the separation between user applications and the operating system, while Spectre violated the separation between various applications. Both of these have widespread reach, impacting desktop, laptop and cloud computers. When successfully exploited, hackers were able to gain access to customarily forbidden data locations.  

This is especially problematic for cloud services because, as Symantec points out in their 2019 Internet Security Risk Report (ISSR), “while cloud instances have their own virtual processors, they share pools of memory—meaning that a successful attack on a single physical system could result in data being leaked from several cloud instances.”[2] Variations of these attacks transpired throughout 2018, as attackers continue to focus on chip level vulnerabilities. The threat escalation in 2018 is indicative of advancing attacks and the future challenges that lie ahead for cloud cybersecurity. 

Symantec’s ISSR explained that "The same security mistakes that were made on PCs during their initial adoption by the enterprise are now happening in the cloud," pointing out that "A single misconfigured cloud workload or storage instance could cost a company millions of dollars or land it in a compliance nightmare."[3] Companies must prepare by having a cybersecurity incident response plan in place should a hacker exploit a misconfiguration or chip vulnerability.

Incident response and cybersecurity for the cloud

The cloud is full of opportunity as well as risk. Your cybersecurity posture should be risk-free; this starts with having a robust incident response plan. Protecting yourself from end-to-end is vital. Your organization requires a layered cybersecurity approach that unifies cloud and on-premises security and implements an incident response plan in case things go sideways. You want to protect users and data whether grounded, in the cloud or travelling between. Robust cybersecurity includes governing access, protecting information, defending against threats, and protecting workloads as they migrate to the cloud.

That said, no cybersecurity protection is perfect, and no single group of measures can ensure 100% cybersecurity for your business. You give your organization the best chance to protect your cloud infrastructure when you work with an experienced cybersecurity solutions partner, like ISA, to design and implement the cloud security solutions that can ensure a reasonably high level of protection. The most important step your organization can take to secure your network, including your cloud applications, is developing an incident response plan. 

Cybersecurity Measures Make Your Cloud Fortified, Not Fluffy

Incident response is proactive

The term incident response sounds reactive; it is the opposite. Incident response plans are a proactive approach to cybersecurity. Incident response plans are proactive because they plan and prepare for any incident eventuality. Incident response plans reflect the Scout’s motto to “be prepared,” so if you were (or aspire to be) an IT Scout throw your three-fingers in the air and create an incident response plan in partnership with a cybersecurity solutions specialist. 

ISA offers an incident response readiness service, supporting their clients through an incident response lifecycle. The first stage of which is incident response preparations. During Incident response preparations, you're ensuring that your network, including all cloud infrastructure, has adequate cybersecurity measures in place end-to-end. This step is the most important in the incident response lifecycle. Without proper incident response preparation, your incident response times will be slow, your incident response scattered with IT department members scrambling to contain the problem. Having a clear incident response strategy, knowing specific incident response roles, shrinking your attack surface, having appropriate cybersecurity software in place, and knowing where your most valuable assets are housed, will all help the speed of incident response should an attack successfully breach your defences. Having a cybersecurity incident response team of ISA specialists with over 25-years of experience in your back pocket will help during incident response by helping to contain and eradicate a threat quickly and efficiently. 

Your cloud applications shouldn't be fluffy; they should be fortified. Speak with ISA’s cybersecurity incident response specialists about how to go from fluffy to fortified.


‹ Back