Is data security still an afterthought for many businesses?

IoT and cloud computing are on the increase

High-profile cybersecurity breaches are increasingly in the news, a prime example being the NHS incident of May 2017 when services were brought to a standstill for several days though cancelled appointments and operations, at great financial and individual cost. You’d expect the desire to avoid unnecessary financial losses/liabilities and negative publicity would motivate organizations to implement appropriate cybersecurity systems in a world driven by tech and increased dependency on IoT and the cloud. Surprisingly, though, digital security is often very much a secondary consideration. A recent cybersecurity report carried out by ESG, revealed that participating security professionals believed their existing tools to be inadequate for safeguarding critical cloud data, even though their employers continued to invest heavily and with increasing speed, in cloud applications.

The same report divulged that 39% of respondents would only consider on-premises systems in exceptional circumstances. Additionally, more than half of those questioned expected around half of their data to be moved to the cloud over a 12-month timeframe and that a significant proportion of said data would be sensitive. Considering that cloud-first strategies are gaining momentum because of the numerous benefits they offer, it is somewhat alarming that over two thirds of those surveyed stated that they lacked the tools within the cloud to safeguard sensitive company information. With IoT and interconnectivity becoming increasingly the norm, it begs the question as to why are so many cybersecurity systems/practices not fit for purpose?

Mitigation Security

COVID-19 has accelerated the cloud migration

There’s no denying that pandemic has accelerated the transition to the cloud, with businesses scrambling to quickly collate the necessary IT infrastructure to support home working without considering the security aspects. Many facilities managers are still of the mindset that enabling remote working is just a case of issuing login details with little understanding of the security risks associated with home broadband equipment or the vast range of personal devices being used. What’s even more astonishing is that some believe that implementing multiple security layers slows down performance and hinders innovation on account of over complex procedures. Cybercriminals have been quick to capitalise this naivety and the daily number of cyberattacks have skyrocketed since the outbreak of COVID-19.

So, what’s going wrong?

Companies with modest IoT deployments often don’t factor-in security unless they’re specifically requested to do so, because many of their end customers believe it to be overkill because of perceived costs versus perceived risk. These short-sighted attitudes are somewhat baffling in a digital world because if cybersecurity is left unchecked, not only will it impact a business’s ability to trade, associated liability costs can run into millions.

While most localised IT systems have a dedicated IT security team to safeguard a company’s valuable assets, different requirements come into play when protecting assets stored in the cloud. The two biggest considerations are firewalls and data encryption. Firewalls are essential because bots and hackers will easily identify weaknesses and take advantage. Encryption is needed because in the event of a security breach, the data cannot be compromised quite so easily. It is also essential to have a carefully designed architecture to mitigate the risk of a security breach in the first place. More specifically:

• Include partitioning – with different levels of access control
• Enable traceability – so an audit trail can be quickly generated in the event of an incident Apply multilayer security – for enhanced protection and to mitigate weak spots
• Introduce proactive monitoring – so potential threats can be swiftly dealt with
• Automate manual processes to remove the risk of mishandling or modification Implement incident management and investigation policy and processes that align to your organizational requirements.

Perception versus reality

Far too many businesses, particularly smaller ones, are of the mindset that migrating their IT systems to the cloud, where all data security matters are taken care of on your behalf, will cause unnecessary upheaval compared to the perceived risks. Others are fearful about losing control, while some are simply too overwhelmed by the prospect of change or lack the support of colleagues to make that change.

These views are somewhat naive if not dangerous because cloud companies like Amazon Web Services and other public cloud providers have invested millions in building robust cybersecurity infrastructures to protect their customers’ data, accounts, and workloads from unauthorized access whilst enabling them to operate more efficiently and cost effectively.

Cybercriminals are becoming more sophisticated all the time, so regarding cyber security as a “bolt-on” to an existing system no longer cuts the mustard. The world is reliant on digitization and IoT and automation are gaining momentum so businesses deciding to ignore data security will be doing so at their own peril.

By Jonathan Custance

Anita Raj

Post-COVID: What decisions are leaders taking about digital transformation in 2021?

Digital transformation in 2021 If organizations were once only talking about digital transformation (DX), in 2020, it was all about translating that talk into some real action. When the pandemic hit and businesses were disrupted, ...
Jim Fagan

Behind The Headlines: Capacity For The Rest Of Us

Capacity For The Rest Of Us We live in the connected age, and the rise of cloud computing that creates previously unheard of value in our professional and personal lives is at the very heart ...
Martin Mendelsohn

How Will COVID-19 Impact Security Talent?

New Security Talent As we emerge from the era of COVID-19, unemployment will recede, and new jobs will be created more rapidly than jobs were lost between March and May of this year. We’re already ...
Ronald van Loon

How Continued Learning Can Help Data Scientists Solve Industry-Specific Challenges

Data scientists are, first and foremost, problem solvers. But new problems can’t always be solved with old tricks.Currently organizations in every industry are experiencing overwhelming challenges, many of them emerging from shifts to digital, the ...
Business Virtual

Open Virtual Exchange (OVX) – Helping DSPs Fast Track the Monetization of SDWAN

Open Virtual Exchange (OVX) Bring agility and speed to market with intelligent network automation Digital Service Providers (DSPs) do have high expectations from virtual network services such as Software-Defined WAN (SD-WAN), as it promises to ...

PROXY SERVICES

The CloudTweaks technology lists will include updated resources to leading services from around the globe. Examples include leading IT Monitoring Services, Bootcamps, VPNs, CDNs, Reseller Programs and much more...

  • Smartproxy

    Smartproxy

    Smartproxy is a rising star in the constantly growing proxy market. Smartproxy offers awarded customer service, impressive performance, and is serious about your anonymity (yes, cybersecurity matters). The latest features developed by Smartproxy are 30 minute long sticky sessions and Google Proxies. Rumor has it, the latter guarantee 100% success rate

  • Bright Data

    Bright Data

    Bright Data’s network is one of the most robust of its kind globally. Here are its stark advantages: Extremely stable connection for long sessions (99.99% uptime guaranteed). Free to integrate with our Proxy Manager which allows you to define custom rules for optimized results. Send unlimited concurrent requests increasing speed, cost-effectiveness, and overall efficiency.

  • Rsocks

    Rsocks

    RSocks team offers a huge amount of residential plans which were developed for plenty of tasks and, most importantly, has been proved to be quite efficient. Such variety has been created on purpose to let everyone choose a plan for a reasonable price, online, rotation and other parameters.

  • Storm Proxies

    Storm Proxies

    Storm Proxies' network is optimized for high performance and fast multi-threaded tools. You get unlimited bandwidth. No hidden costs, no limits on bandwidth. Try Storm Proxies 100% Risk Free. If you are not happy with the service email us within 24 hours of purchase and we will refund you.