In early 2020, a security researcher discovered a non-password-protected database that was accessible to anyone on the Internet. The database belonged to Estee Lauder Companies and was part of its education platform. It contained user emails in plain text as well as IP addresses, ports, pathways, and storage information that malicious actors could exploit to gain deeper access into the network. Unencrypted production, audit, error, CMS, and middleware logs were also exposed, creating more possible backdoors into the network.
The company remediated the exposure on the same day that it was discovered and assured its customers that no consumer data was compromised. Despite minimal damage, there are at least three important lessons that we can learn from this breach:
Effective asset discovery and management are critical to security
Beware of the agility and ease with which cloud resources can be provisioned
Data should always be encrypted, even in non-production databases
THE SECURITY DNA
According to Canalys’ recently published review of cybersecurity, there were more data breaches over the course of 2020 than in the previous 15 years combined: 300 reported breaches (up 119% from 2019), during which 31 billion data records were exposed (up 171% over 2019).
In this new age, enterprises need to embed security into their core DNA via a holistic approach: one that encompasses the entire organization, namely people, skills, and technology as well as processes and governance models. Modern firms adopt cloud solutions because fluctuating consumer needs and innovation goals vastly surpass the capabilities and budgets of hosting all workloads in on-premises data centers. Migrating to the cloud, via hybrid and multi-cloud architectures, has multiple benefits, but it also comes with its fair share of challenges. You need to retain visibility, control, and security as you aggressively move to hybrid cloud and multi-cloud environments. At each stage of your cloud transformation journey, your cloud security management needs to stay ahead of fast-evolving threats.
We must ask ourselves, then, how can we plan for effective cyber resilience, and how can we do so in ways that actually scale well? What challenges do we face? How must we overcome them? Which approaches are useful and expedient, and which must we leave behind?
FROM BARRIER TO BUSINESS ACCELERATOR: THE SECURITY STANDPOINT ON CLOUD
Businesses have been drawn to the efficiency, elasticity and innovation of the cloud. Yet in the "Cloud outcomes survey: Expectation vs. reality," conducted by Accenture in 2020 among 200 global senior IT executives, on average only 35 percent of organizations report they have fully achieved their expected outcomes from cloud, and 65 percent identify “security and compliance risk” as the most frequent barrier.
While cloud offers new opportunities to modernize services and transform operations, security and compliance risk remains the greatest barrier to its adoption. The complexity of hybrid- and multi-cloud environments and the need to extend cloud capabilities to the edge and endpoints, paired with a shortage of skills, present numerous roadblocks to a cloud-first journey. With cloud being the new normal, a strong strategic shift is required to fortify threat management in light of the increasing complexity of cloud deployments, so that business can run uninterrupted anywhere, anytime.
“Wherever your business goes, whoever it works with, you need cybersecurity that covers it all.”
HYBRID CLOUD ARCHITECTURE: THE RED ALERTS
The modern cloud scenario is increasingly pivoting towards the hybrid and multi-cloud norm. IT professionals at enterprises around the world consider hybrid cloud environments to be the most secure cloud deployment option; indeed, 85% selected hybrid cloud as their ideal IT operating model. Enterprises sometimes assume that their cloud provider handles all aspects of cloud security, but in reality, cloud security is a shared responsibility. Service providers deploy and manage security of the entire stack, but firms need to be responsible for their operations and user actions. Nevertheless, common security challenges include faulty access management, governance challenges, compliance loopholes, ineffective incident management, and much more. The following are some common threats: