The Threat Against Cloud Storage: Protecting Digital Systems
Cloud storage has revolutionised the data game.
The managed service can offer a range of benefits for enterprises, including helping them to save on costs, improving data accessibility and providing robust backup and recovery options should a company need them.
However, with all its opportunities, cloud environments are becoming more complex, which can cause increased challenges for businesses - particularly in highly regulated industries. Storing sensitive information in the cloud can make it a target for data breaches and malicious activity by threat actors. This can potentially lead to unauthorised access and data theft, in addition to the public having privacy concerns.
To mitigate these issues, it is paramount that companies ensure their security measures are strong. With insights from KPMG, IBM, Kyndryl and Persistent Systems, we examine how the current cybersecurity landscape is evolving in line with cloud storage developments.
The executives in this feature offer advice on what businesses will need to be mindful of moving forward and how they can leverage cloud storage to remain digitally agile, whilst protecting their customer data.
Adapting to a changing security landscape
The cloud landscape keeps changing and becoming more complex, with legacy systems unable to handle today’s new threat environments. With AI adoption continuing to rise and data being central to enterprise success, data security is becoming a more significant concern for businesses.
In response, the security landscape is evolving in tandem with these cloud storage concerns, with organisations moving to protect the data of its workforce and clients. As Nataraj Nagaratnam, Global CTO for Cloud Security at IBM, explains, concerns like data theft are currently a leading cloud security threat.
“Effectively addressing and preventing data theft requires a data-centric security, compliance and resilience strategy,” he says. “Cloud providers have a responsibility to not only monitor the threat landscape but provide their clients with the necessary technology to protect the data they are entrusted with.”
In order to confront cyber threats, businesses must evolve to embrace new cloud-based technologies. Often, legacy infrastructure lacks advanced security features to keep up with new digital threats, which can make it challenging for businesses to detect and respond to cyber threats.
Ben Scowen,β―Vice President UK&I Cloud & Core Leader at Kyndryl, notes that businesses must evolve to embrace new cloud-based technologies - which involves changing the benchmarks for security. Too often, organisations continue to face challenges when it comes to implementing strong cloud security measures.
“The cybersecurity landscape has significantly expanded to accommodate evolving IT environments,” he explains. “Although organisations have invested in layered, in-depth security point solutions, the siloed approach makes it difficult to grapple with the growing sophistication and frequency of cyberattacks.
“Security leaders need to shift from the current siloed security approach to a new zero trust architecture, an integrated framework that is underpinned by governance across five elements: identity, device, network, apps and data.”
With a robust framework, the cloud can help to enhance the security posture of a company. In order to protect sensitive information, businesses will benefit from researching reputable cloud providers with strong security measures, in addition to developing a clear cloud security strategy that includes employee training and regular audits.
“Safeguarding data integrity and protecting against cyber threats have become more crucial than ever,” says Barath Narayanan, Global BFSI and Europe Geo Head at Persistent Systems. “By integrating security from the outset, organisations not only enhance their resilience to cyber threats but also streamline compliance with regulatory frameworks.”
In order to protect valuable data assets, it is necessary to monitor the cloud to detect vulnerabilities and unusual activity.
“Continuous monitoring in conjunction with the adaptation of existing or the introduction of new operational processes is critical,” comments Adrian Bradley, Head of Cloud Transformation at KPMG.
Embracing data regulations
As the regulatory landscape continues to develop, organisations are being advised to consider emerging cloud regulations to ensure compliance. This will ensure a focus on data across all industries.
To do this, business leaders can ensure that their company understands specific regulatory requirements relevant to their industry and geographic location. Regulations like GDPR in Europe, CCPA and HIPAA impose clear rules on how data must be handled.
“We have moved into a data-centric world,” Nataraj explains. “Enterprises need to stay on top of regulations that focus on data privacy and data resilience. As businesses attempt to manage the complex regulatory landscape, they can employ a sovereign cloud approach to ensure their data can remain in-country, up and running at all times, assure data privacy or comply with the latest regulations.
With the new GDPR regulations in the EU, notification of a breach will be mandatory within the first 72 hours of an organisation becoming aware. Individuals holding personal data will be allowed to gain confirmation from the organisation over if their personal data is being processed and for what purpose.
With this in mind, businesses must consider how they can protect their data and maintain the trust of their regulators. Choosing a cloud provider that allows transparency and control over data processing activities is essential so that businesses can best navigate the complex regulatory landscape, whilst maintaining trust.
“Businesses need to be mindful of these regulations when they’re designing or implementing new systems, ensuring they adopt a “secure by design” mindset,” Ben notes. “Data protection in data processing procedures is best adhered to when it is already integrated into the technology.”
Likewise, Adrian notes that operating cloud environments to address regulatory requirements is essential. He advises that organisations form “common control frameworks” to ensure compliance.
“Crucially, these controls and checks that are in place need to be automated throughout the cloud journey,” he says.
Maintaining transparency and control over data processing activities is just as vital, as Barath explains.
“Advanced data governance tools can automate the documentation process, ensuring accurate and accessible records for audits,” he notes. “Being prepared for data breach notifications is another imperative. Establishing incident response plans and utilising cloud platforms with built-in security incident management capabilities facilitates timely detection, response, and compliance with reporting obligations.
“Regularly testing these incident response plans through simulations ensures all stakeholders are prepared to act swiftly in the event of a breach.”
Leveraging cloud storage to gain insights
With a robust data foundation, businesses can leverage analytics to gain insights from data sources such as the Internet of Things (IoT).
IoT devices generate vast amounts of data that needs to be stored and processed effectively. Cloud storage is able to make this easier to manage and access from anywhere with an internet connection, providing greater insights for improved decision-making.
“IoT devices collect huge amounts of data, only some of which is ordinarily used for analytics,” Adrian explains. “Cloud storage and analytics hold the key to unlocking the valuable insights in this data. This may be on pricing, customer behaviour and competitors, while also supporting preventative measures against fraud and ransomware.”
However, having a clear cybersecurity strategy remains important to protect sensitive IoT data that can be exploited.
“Choosing the right cloud service provider is key, ensuring businesses can efficiently store, manage, and access vast amounts of data,” Barath suggests. “Security and efficiency in data storage are important, particularly in multi-cloud environments. Optimising data placement ensures that information is stored as close as possible to where it will be processed, minimising latency and enhancing overall system performance.
“Moreover, efficient data storage practices contribute to cost savings by reducing unnecessary data transfer and storage expenses.”
By uncovering patterns and trends within IoT data, businesses can make informed decisions that drive innovation. With use cases ranging from optimising supply chain logistics or personalising customer experiences, insights gained from IoT data can work to empower organisations to stay competitive in a rapidly changing market landscape.
Barath adds: “The integration of IoT data with emerging technologies like edge computing and 5G networks holds promise for further enhancing data processing capabilities. Edge computing reduces latency by processing data closer to its source, while 5G networks offer higher bandwidth and faster data transmission speeds, enabling real-time analytics and decision-making at scale.”
To read the full story in the magazine click HERE
βββββββ**************
Make sure you check out the latest edition of Technology Magazine and also sign up to our global conference series - Tech & AI LIVE 2024
**************
Technology Magazine is a BizClik brand