The Future of Cybersecurity Is in the Cloud

save
Share and earn Cybytes
Facebook Twitter Google+ LinkedIn Email

For decades we have feared the cloud.  During my time working counterintelligence for the FBI, we feared the Internet so much that agency computers functioned solely on an isolated intranet connected via hard cables. It’s no wonder to me that that government has still not embraced the unlimited processing power cloud computing affords.  But despite the fact that utilization of the cloud has become ubiquitous – we store our photos and memories, email accounts, business files and our very identities there – many companies fear the cloud: how can I control and secure my information if I give it to someone else?

This concern has made cloud computing one of the more polarizing issues for IT professionals.  Many opponents of the cloud point to the fact that not all cloud services are equal in their dedication to security:

  • Poor configuration of the cloud can lead to circumvention of internal policies that classify sensitive data and protect access to it.
  • Not all cloud services offer strong authentication, encryption (both in transit and at rest) and audit logging.
  • Failure to isolate a user’s data from other tenants in a cloud environment together with privacy controls that are not robust enough to control access
  • Failure to maintain and patch to ensure that known flaws are not exploited in the cloud service.

The fears are understandable.  The last three years have shown an extraordinary explosion of cyberattacks, both against individual companies and users and within the cloud.  The global WannaCry and NotPetya attacks from early 2017 thrust ransomware into the public’s consciousness.  Our first cyber pandemic compromised more than 300,000 computers across 150 countries.  The threat of ransomware is not an idle one. The massive shift in ransomware as an exploit suggests that organizations and individuals continue to place security on the back burner, that our current security practices are inefficient and deficient, and that a cardinal change in our approach to cybersecurity is not only warranted, but critical.  In 2017 ransomware most often targeted technology companies, government agencies, non-profit organizations, and legal firms.  Financial organizations, healthcare providers and retail stores were the top three industries targeted by malware in 2017.

 

According to the 2017 Cost of Data Breach Study: Global Overview (Ponemon Institute, June 2017), the average total cost of a data breach is $3.62 million. The average cost for each lost or stolen record containing sensitive and confidential information is $141.  While these costs decreased overall from 2016 to 2017, the numbers remain astronomical, particularly to small businesses who may be unable to recover from data breach liability.  No industry is safe from cyberattacks and cyberattacks continue to grow, year after year.

Cloud security must grow and evolve to face these threats and provide a bulwark of defense for the consumers that leverage the efficiencies and advantages cloud services provide.  In addition to offsetting the fear highlighted above through good security practices by the cloud security vendor, cloud services can take security one step further.  Cloud services can not only secure data within the cloud, but can leverage the transformative cloud industry to secure the endpoint users that use the service.

Cloud Security is the future of cybersecurity.

Cyberattacks like the WannaCry/NotPetya pandemic and the extraordinary growth of ransomware are often launched by sophisticated attackers – sometimes state sponsored – that bowl over traditional and legacy security.  The modern attackers are cyber spies that use traditional espionage tactics, together with innovative and disruptive malware to bypass passive, defense-based security measures.  To defeat such attacks, security must transform itself into an active profile that hunts today’s attacks as aggressively as it predicts the threats of tomorrow.

There is no greater transformative agent than the cloud. 

To predict and defeat attacks in real time, cybersecurity must move to the cloud.  The future of cybersecurity is cloud security.  The cloud can leverage big data and instant analytics over a large swath of end users to instantly address known threats and predict threats that seek to overwhelm security. 

Cloud security must create a collaborative approach that analyzes event streams of normal and abnormal activity across all users to build a global threat monitoring system.  Because many different users leverage the same cloud environment, cloud security is particularly suited to building a collaborative environment that instantly predicts threats through a worldwide threat monitoring system and shares threats among all users under the cloud umbrella. 

Cyberattacks continue to disrupt our way of life with innovative new approaches to seeding malware and stealing our data.  Security must in turn actively work to disrupt the cyber spies, attackers and terrorists through a collaborative security approach that leverages the big data and analytics that thrive within the cloud.  We’ve come a long way from my days on the FBI Intranet.  It’s time to fully embrace the future of security.  That future is within the cloud.

The good news is that the future of cloud security is now.  Carbon Black’s Predictive Security Cloud has innovated security in a manner that will frustrate cyber spies for years to come. Carbon Black’s new technology collects and analyzes unfiltered endpoint data to make predictions about, and protect against, future, and unknown attacks.  This allows Carbon Black’s Predictive Security Cloud to identify attacks that other endpoint security products miss, and provides visibility into attacks that evolve over time.  In other words, Carbon Black hunts threats before the attacker begins to hunt you.

The Predictive Security Cloud uncovers threats, patterns, and indicators invisible to other approaches, looking upstream to the root cause of attacks to better predict future ones.  This is possible because the cloud allows us to leverage bid data analytics across all endpoints under Carbon Black management.  The Predictive Security Cloud is also simple to use and allows seamless unification with the rest of the security stack to create new workflows and extend the value of the platform. 

This new approach to security will not only level the playing field between the attacker and security, it will provide security an advantage.  Cyberattacks rely on stealth and surprise to disrupt, destroy and steal – the tools of a spy. 

The Cb Predictive Security Cloud works like a counterintelligence agency that hunts the spies before they attack.  This innovative approach is the next generation of security.


Carbon Black recently published a series of essays about the experiences of experts in the field on information security as they moved their endpoint security program to the cloud; this is one of those essays. To read the full series check out 7 Experts on Moving to a Cloud-Based Endpoint Security Platform.

The post The Future of Cybersecurity Is in the Cloud appeared first on Carbon Black.

Share this post and earn Cybytes
Facebook Twitter Google+ LinkedIn Email
Follow
75 Followers
About Carbon Black, Inc.
Carbon Black is the leading provider of next-generation endpoint security. Carbon Black’s Next-Generation Antivirus (NGAV) solution, Cb Defense, leverages breakthrough prevention technology, “Streaming Prevention,” to instantly see and stop cyberattacks before they execute. Cb Defense uniquely combines breakthrough prevention with market-leading detection and response into a single, lightweight agent delivered through the cloud. With more than 7 million endpoints under management, Carbon Black has more than 2,500 customers, including 30 of the Fortune 100. These customers use Carbon Black to replace legacy antivirus, lock down critical systems, hunt threats, and protect their endpoints from the most advanced cyberattacks, including non-malware attacks.
Promoted Content
7 Experts on Moving to a Cloud-Based Endpoint Security Platform
Everyday companies put more of their assets in digital form. Healthcare records, retail purchases and personnel files are just some of the many examples of how our entire lives have moved online. While this makes our interconnected lives more convenient, it also makes them more vulnerable to attack. The monetary benefits of exploiting these vulnerabilities have created an extremely profitable underground economy; one that mimics the same one we all participate in and has led to an increase in the sophistication and frequency of attacks. At the same time, mobility and cloud are changing the security landscape. We’ve moved from a centralized to a decentralized model as end users increasingly work on-the-go and access critical business applications and resources from anywhere. As such there is more emphasis on the endpoint and individual identities - from both the defender and the attacker - than ever before. As endpoints become smarter, new challenges emerge: emerging ransomware and 0-day exploits infect all kinds of systems with ease, while many attackers use no malware at all to accomplish their malicious goals. With all this change, we spoke to 7 leading security experts to identify what’s working and how they’ve influenced their organization to make the necessary changes before becoming the next victim.

Our Revolution

We believe Cyber Security training should be free, for everyone, FOREVER. Everyone, everywhere, deserves the OPPORTUNITY to learn, begin and grow a career in this fascinating field. Therefore, Cybrary is a free community where people, companies and training come together to give everyone the ability to collaborate in an open source way that is revolutionizing the cyber security educational experience.

Cybrary On The Go

Get the Cybrary app for Android for online and offline viewing of our lessons.

Get it on Google Play
 

Support Cybrary

Donate Here to Get This Month's Donor Badge

 
Skip to toolbar

We recommend always using caution when following any link

Are you sure you want to continue?

Continue
Cancel