Virtualization Technology News and Information
Article
RSS
Prepare to become cloud-resilient in 2024

Cloud technologies have democratized business. Using the cloud, small and medium-sized enterprises (SMEs) - once limited by the cost of on-premise infrastructure and labor - can leverage the same computing resources as multinational corporations. This level playing field has spurred innovation and growth, which is good news for organizations and consumers, who reap the benefits of increased market competition.

At this point, the cloud's promise is old news. Its exponential growth has continued undaunted for years, with Gartner predicting global public cloud spending will exceed $1 trillion by 2027. Most business leaders understand and respect the value of cloud computing.

However, increased accessibility encourages heightened risk. The volume and sophistication of cyber threats have escalated significantly in the wake of expanding cloud adoption. Industry research suggests that cybercrime will become a $10.5 trillion industry by next year, a stark increase from $3 trillion in 2015. Rising cybercrime reflects the world's growing reliance on digital infrastructure and cybercriminals' increasingly complex tactics.

Cloud environments make attractive targets

In 2019, cloud misconfigurations exposed nearly 33.4 billion records worldwide. And in 2022, 81% of organizations reported experiencing a cloud-related security incident. These stats underscore the attractiveness of cloud environments for malicious entities. But what makes the cloud such fertile ground for bad actors?

Although more secure than traditional on-premise infrastructure, cloud platforms require a specialized skillset to maintain. Many organizations neglect to properly update, service and troubleshoot their cloud environments, inviting vulnerabilities. Gaps in cybersecurity will become further problematic as cybercriminals get smarter. Generative AI is becoming more widely available and inexpensive, and hackers are deploying these tools to increase the speed and efficiency of their attacks.

Additionally, many organizations migrate to the cloud without adequately improving their cybersecurity posture. Legacy approaches to cybersecurity are simply unacceptable for monitoring and protecting a cloud environment.

Moreover, breaches in cloud environments are often more lucrative. While on-premise infrastructure is easier to breach, these environments are more challenging for hackers to navigate. Doing so requires a port scanner to identify vulnerabilities and critical data. Cloud environments, on the other hand, enable hackers to browse data as a native user - in effect allowing them to "shop" for their preferred data.

IT leaders must embrace cloud computing

Recent stats about cloud insecurities may persuade leaders to pursue other alternatives to data storage and computing needs. Yes, there's utility in a hybrid approach to cloud adoption. However, outright rejection of the cloud is dangerous to business continuity in an increasingly digital world.

According to McKinsey, cloud migration unlocks up to $1 trillion in business value. This value derives from IT cost optimization, risk reduction and the digitization of core operations via cloud computing. Furthermore, the cloud improves innovation through access to analytics, AI and automation use cases while accelerating product development and enabling superior scalability. Finally, there are the immediate cost benefits of cloud adoption: lower infrastructure, hardware and labor costs and fewer ongoing maintenance bills.

Organizations opting out of the cloud simultaneously opt out of supreme competitive advantage. Therefore, the decision isn't whether to adopt cloud computing or storage; instead, it's how to meaningfully protect these systems after adoption.

...while remaining vigilant about its insecurities

Improved cloud security demands a shift in mindset - from a reactive posture to a proactive and dynamic approach that integrates security into daily operations.

A cultural shift is important for several reasons, perhaps most importantly because human error remains the cause of up to 95% of data breaches. Employees probably understand the value of cloud migration, but do they understand its implications? The answer is often no. Accordingly, leaders should helm trainings emphasizing the importance of basic cyber hygiene. Solutions as simple as mandated password changes can make all the difference.

Security literacy training should be accompanied by essential upgrades in cybersecurity infrastructure, including:

  • Multi-factor authentication (MFA). Using a secondary device to verify access, MFA ensures that new login attempts belong to authorized users.
  • Encryption protocols. Encrypted data is unreadable without a key, making data breaches less costly and cloud privacy more absolute.
  • 1-2-3 backup schemes. If data is lost, stolen or destroyed, second and third backups - typically stored in separate locations - ensure continuous operations.
  • Disaster recovery (DR) plans. DR plans enable quicker recovery following a disaster, leading to better uptime.
  • Continuous penetration testing. Penetration testing validates an organization's defense protocols by simulating attacks and assessing vulnerabilities. Continuous penetration testing is particularly valuable in the digital age because a slight change in software - a daily occurrence - can have serious consequences for cybersecurity.

Cloud fortification typically falls under the purview of a senior IT leader or chief information security officer (CISO). In some cases, it may be the responsibility of a third-party partner, such as a managed service provider (MSP). Regardless, this primary stakeholder must ensure cloud platforms and tools are frequently updated and maintained, as outdated infrastructure is another common vulnerability for hackers to exploit.

2024 is the year of cloud resilience

Leaders who prioritize a robust cybersecurity program in 2024 will discover that the same innovative technologies emboldening hackers - GenAI, automation and machine learning (ML) - can also significantly improve organizational security. For example, ML-powered continuous penetration testing systems can learn from successive tests and autonomously provide insights about an organization's cloud vulnerabilities, improving efficiency and reducing labor-related costs.

The secret lies in testing these technologies alongside tried-and-true cybersecurity infrastructure. In 2024, we'll see IT leaders and MSPs reach new heights as they work to keep pace with their hacker counterparts.

##

ABOUT THE AUTHOR

Jonathan Lerner 

As President and CEO at InterVision, Jonathan Lerner thrives on pushing the boundaries of what's possible, transforming business through the evolutionary power of leading-edge technology. Jonathan has spent the last two decades inspiring high-performance teams to define market-differentiating strategies that deliver operational excellence and drive profitable revenue growth. His executive leadership spans multiple industries, including financial services, capital markets, technology services, professional and managed services, retail, logistics, distribution, public sector, and telecom.

Published Monday, February 12, 2024 7:32 AM by David Marshall
Filed under: ,
Comments
There are no comments for this post.
To post a comment, you must be a registered user. Registration is free and easy! Sign up now!
Calendar
<February 2024>
SuMoTuWeThFrSa
28293031123
45678910
11121314151617
18192021222324
252627282912
3456789