For decades, businesses have feared the cloud. During my time working counterintelligence for the FBI, we feared the Internet so much that agency computers functioned solely on an isolated intranet connected via hard cables. Despite utilization of the cloud becoming ubiquitous – we store our photos and memories, email accounts, business files and our very identities there – many companies still fear the cloud. How can I control and secure my data and my customer’s information if I give it to someone else?
This concern made cloud computing one of the more polarizing issues for IT professionals. Many opponents of the cloud point to the fact that not all cloud services are equal in their dedication to security:
- Poor configuration of the cloud can lead to circumvention of internal protective policies
- No offer of strong authentication, encryption (both in transit and at rest) and audit logging
- Failure to isolate individual data from other tenants in a cloud environment
- Privacy controls are not robust
- Failure to maintain and patch to ensure flaws are not exploited
The fears are understandable. The last three years showed an extraordinary explosion of cyberattacks, both against individual companies and users within the cloud. The global WannaCry and NotPetya attacks from early 2017 thrust ransomware into the public consciousness. Our first cyber pandemic compromised more than 300,000 computers across 150 countries. The threat of ransomware is not an idle one – in 2016 ransomware was estimated to be a $1 billion crime. In 2017, ransomware is now estimated to be a $5 billion crime. That massive shift in ransomware as an exploit suggests that organizations and individuals continue to place security on the back burner, that our current security practices are inefficient and deficient and that a cardinal change in our approach to cybersecurity is not only warranted, but critical. In 2017, ransomware most often targeted technology companies, government agencies, non-profit organizations, and legal firms. Financial organizations, healthcare providers and retail stores were the top three industries targeted by malware in 2017.
According to the 2017 Cost of Data Breach Study: Global Overview (Ponemon Institute, June 2017), the average total cost of a data breach is $3.62 million. The average cost for each lost or stolen record containing sensitive and confidential information is $141. While these costs decreased overall from 2016 to 2017, the numbers remain astronomical, particularly to small businesses who may be unable to recover from data breach liability. No industry is safe from cyberattacks and cyberattacks continue to grow, year after year.
Cloud security must grow and evolve to face these threats and provide a bulwark of defense for the consumers that leverage the efficiencies and advantages cloud services provide. In addition to offsetting fear through solid security practices by the cloud security vendor, cloud services can take security one step further. Cloud services can not only secure data within the cloud, but leverage the transformative cloud industry to secure endpoint users that use the service.
Cloud security is the future of cybersecurity
Cyberattacks like the WannaCry/NotPetya pandemic and the extraordinary growth of ransomware are often launched by sophisticated attackers that bowl over traditional and legacy security. The modern attackers are cyber spies that use traditional espionage tactics with innovative and disruptive malware to bypass passive, defense-based security measures. To defeat such attacks, security must transform itself into an active profile that hunts today’s attacks as aggressively as it predicts the threats of tomorrow.
There is no greater transformative agent than the cloud
To predict and defeat attacks in real time, cyber security must move to the cloud. The cloud can leverage big data and instant analytics over a large swath of end users to instantly address known threats and predict threats that seek to overwhelm security. Cloud security must create a collaborative approach that analyzes event streams of normal and abnormal activity across all users to build a global threat monitoring system. Because many different users leverage the same cloud environment, cloud security is particularly suited to building a collaborative environment – instantly predicting threats through worldwide threat monitoring and sharing threats among all users under the cloud umbrella.
Cyberattacks continue to disrupt our way of life with innovative new approaches to seeding malware and stealing our data. Security must in turn actively work to disrupt the cyber spies, attackers and terrorists through a collaborative security approach that leverages the big data and analytics that thrive within the cloud. We’ve come a long way from my days on the FBI Intranet. It’s time to fully embrace the future of security. That future is within the cloud.
Eric began his career in the FBI as a “Ghost” – an undercover field operative tasked to surveil and monitor foreign, national, and domestic terrorists and spies. During the Hanssen investigation, Eric worked directly undercover with the spy within the FBI’s Information Assurance Division – created to protect all classified FBI intelligence. Currently, Eric runs The Georgetown Group, a premier investigative and security consultancy out of Washington, DC. Eric is also the National Security Strategist for Carbon Black, the leader in next generation endpoint protection.
A talented motivational speaker who weaves real life experiences into a presentation that is both entertaining and rewarding, Eric O’Neill provides practical insights into real work situations relevant to many industries.