For decades we have feared the cloud. During my time working counterintelligence for the FBI, we feared the Internet so much that agency computers functioned solely on an isolated intranet connected via hard cables. It’s no wonder to me that that government has still not embraced the unlimited processing power cloud computing affords. But despite the fact that utilization of the cloud has become ubiquitous – we store our photos and memories, email accounts, business files and our very identities there – many companies fear the cloud: how can I control and secure my information if I give it to someone else?
This concern has made cloud computing one of the more polarizing issues for IT professionals. Many opponents of the cloud point to the fact that not all cloud services are equal in their dedication to security:
- Poor configuration of the cloud can lead to circumvention of internal policies that classify sensitive data and protect access to it.
- Not all cloud services offer strong authentication, encryption (both in transit and at rest) and audit logging.
- Failure to isolate a user’s data from other tenants in a cloud environment together with privacy controls that are not robust enough to control access
- Failure to maintain and patch to ensure that known flaws are not exploited in the cloud service.
The fears are understandable. The last three years have shown an extraordinary explosion of cyberattacks, both against individual companies and users and within the cloud. The global WannaCry and NotPetya attacks from early 2017 thrust ransomware into the public’s consciousness. Our first cyber pandemic compromised more than 300,000 computers across 150 countries. The threat of ransomware is not an idle one. The massive shift in ransomware as an exploit suggests that organizations and individuals continue to place security on the back burner, that our current security practices are inefficient and deficient, and that a cardinal change in our approach to cybersecurity is not only warranted, but critical. In 2017 ransomware most often targeted technology companies, government agencies, non-profit organizations, and legal firms. Financial organizations, healthcare providers and retail stores were the top three industries in need of increased malware protection in 2017.
According to the 2017 Cost of Data Breach Study: Global Overview (Ponemon Institute, June 2017), the average total cost of a data breach is $3.62 million. The average cost for each lost or stolen record containing sensitive and confidential information is $141. While these costs decreased overall from 2016 to 2017, the numbers remain astronomical, particularly to small businesses who may be unable to recover from data breach liability. No industry is safe from cyberattacks and cyberattacks continue to grow, year after year.
Cloud security must grow and evolve to face these threats and provide a bulwark of defense for the consumers that leverage the efficiencies and advantages cloud services provide. In addition to offsetting the fear highlighted above through good security practices by the cloud security vendor, cloud services can take security one step further. Cloud services can not only secure data within the cloud, but can leverage the transformative cloud industry to secure the endpoint users that use the service.
Cloud Security is the future of cybersecurity.
Cyberattacks like the WannaCry/NotPetya pandemic and the extraordinary growth of ransomware are often launched by sophisticated attackers – sometimes state sponsored – that bowl over traditional and legacy security. The modern attackers are cyber spies that use traditional espionage tactics, together with innovative and disruptive malware to bypass passive, defense-based security measures. To defeat such attacks, security must transform itself into an active profile that hunts today’s attacks as aggressively as it predicts the threats of tomorrow.
There is no greater transformative agent than the cloud.
To predict and defeat attacks in real time, cybersecurity must move to the cloud. The future of cybersecurity is cloud security. The cloud can leverage big data and instant analytics over a large swath of end users to instantly address known threats and predict threats that seek to overwhelm security.
Cloud security must create a collaborative approach that analyzes event streams of normal and abnormal activity across all users to build a global threat monitoring system. Because many different users leverage the same cloud environment, cloud security is particularly suited to building a collaborative environment that instantly predicts threats through a worldwide threat monitoring system and shares threats among all users under the cloud umbrella.
Cyberattacks continue to disrupt our way of life with innovative new approaches to seeding malware and stealing our data. Security must in turn actively work to disrupt the cyber spies, attackers and terrorists through a collaborative security approach that leverages the big data and analytics that thrive within the cloud. We’ve come a long way from my days on the FBI Intranet. It’s time to fully embrace the future of security. That future is within the cloud.
The good news is that the future of cloud security is now. Carbon Black’s Predictive Security Cloud has innovated security in a manner that will frustrate cyber spies for years to come. Carbon Black’s new technology collects and analyzes unfiltered endpoint data to make predictions about, and protect against, future, and unknown attacks. This allows Carbon Black’s Predictive Security Cloud to identify attacks that other endpoint security products miss, and provides visibility into attacks that evolve over time. In other words, Carbon Black hunts threats before the attacker begins to hunt you.
The Predictive Security Cloud uncovers threats, patterns, and indicators invisible to other approaches, looking upstream to the root cause of attacks to better predict future ones. This is possible because the cloud allows us to leverage bid data analytics across all endpoints under Carbon Black management. The Predictive Security Cloud is also simple to use and allows seamless unification with the rest of the security stack to create new workflows and extend the value of the platform.
This new approach to security will not only level the playing field between the attacker and security, it will provide security an advantage. Cyberattacks rely on stealth and surprise to disrupt, destroy and steal – the tools of a spy.
The Cb Predictive Security Cloud works like a counterintelligence agency that hunts the spies before they attack. This innovative approach is the next generation of security.
Carbon Black recently published a series of essays about the experiences of experts in the field on information security as they moved their endpoint security program to the cloud; this is one of those essays. To read the full series check out 7 Experts on Moving to a Cloud-Based Endpoint Security Platform.