It seems like every year ends with some new trends in cloud computing and security – just like every year begins with predictions about cloud security. This year is no exception.
And cloud security should be a trending cybersecurity topic for 2018 because, as more organizations continue to bring cloud services into their business model, the risks increase. Hackers know you are using the cloud and they are going to target that vector more. For example, one cloud security trend I noted in recent months is that the cloud infrastructure is being used to spread malware to other cloud infrastructures.
Your data stored in the cloud is likely more at risk than you realize, according to McAfee’s Cloud Adoption and Risk Report. One finding in the report is that your organization likely experiences about 12 compromised account threats per month. These compromised accounts give hackers access to the data you’ve stored in a cloud service. And this type of threat has increased over the past year, likely due to more companies using services like Office365.
As long as companies rely on a public or hybrid cloud, the risks are going to be there, as Jeff Williams, co-founder and CTO, Contrast Security, told me in an email comment:
When companies leave the “safety” of their own data center or intranet, they’re exposed to new threats. Companies need to do a better job of understanding these threats and adding new protections to their cloud workloads.
Cloud service providers are paying attention to the increased risk. A more positive cloud security trend in 2018, according to Zach Malone, security engineer at FireMon, is that providers are increasingly adopting a “security by default” approach to reduce user error. Malone added in an email comment:
Configuration errors (which is a polite way of saying “human error” or “lack of knowledge”) have emerged as the leading cause of cloud breaches. To reduce human error, along with associated vulnerabilities and gaps in security defenses, cloud providers are starting to take steps toward providing users with a deeper understanding of their offerings and related security controls. They are also increasingly adopting a “security by default” approach, in which they take the security controls already built into their platforms and ensure they are "on by default."
It's not too surprising that cloud security trends are front and center this year, and that they are shifting in new ways. We depend on cloud services more than ever, and you know wherever the users and the data are, the hackers will follow.
Sue Marquette Poremba has been writing about network security since 2008. In addition to her coverage of security issues for IT Business Edge, her security articles have been published at various sites such as Forbes, Midsize Insider and Tom's Guide. You can reach Sue via Twitter: @sueporemba