Cloud computing makes data omnipresent. Thus, the pervasiveness of data requires protection and security; cloud security plays a paramount role here.
In the present-day scenario, cloud security has to face many challenges due to the constant fear of threats, attacks and data breaches.
Mathivanan V, Vice President, ManageEngine, in a discussion with PCQuest, shares his in-depth views on the present-day cloud security and vulnerability situation in India and how patch management can be one of the best solutions for cloud security.
1) What is the present IT cloud security and vulnerability scenario in India?
The year 2017 witnessed a spree of ransomware attacks, which led to both economic and operational blockade in many organizations in India and across the world. According to Gartner, IT security spending in India is expected to grow to $1.7 billion in 2018, and security analysts foresee that attacks aren't likely to slow down in 2018.
There will be more connectivity, digital transformation initiatives, and more data collection by organizations worldwide. All these changes will, in turn, bring with them the risk of fresh cyber attacks, which explains why IT security should figure among the top agenda of every business. With the wave of digitization and the explosion in IoT devices in India, more data breaches and attacks are expected to emerge.
2) Which are the most vulnerable sectors/audience?
Today, no enterprise is completely immune to cyber threats and vulnerabilities. Currently, the healthcare industry experiences more cyber attacks than any other industry. By preying on sensitive data such as medical records, cybercriminals are able to seize huge amounts of ransom money, according to the 2016 IBM X-Force Cyber Security Intelligence Index.
The financial sector comes second on the list of industries targeted by cyber-attacks. This industry is clearly an obvious target, as it holds sensitive records of investments, personal savings, and taxation. With more and more financial data moving to the cloud, applications are updated on a regular basis. Cybercriminals targeting financial firms have to get extremely creative to seize control of such data. There is no room to relax, as more often than not, cybercriminals are indeed as creative as they are destructive! Unfortunately, if there's a way in, they'll find it!
After the financial sector come the government agencies. These agencies have always been hot targets.
All institutions, whether they belong to one of these three sectors or not, should stay vigilant and guarded continuously, with a robust cybersecurity solution in place. Any institution that fails to do so is making its systems vulnerable to the next wave of cyber attacks. They could come from anywhere. For all we know, it could even be tomorrow. "Are companies ready to face the future?" is the burning question.
3) What factors lead to these vulnerabilities?
As businesses become more digital, there are greater opportunities and higher payoffs for cybercrime. This is why enterprises should vulnerabilities as soon as possible. Today, an estimated 70 percent of threats originate on endpoint devices. The most common factors leading to exploited vulnerabilities on endpoints are as follows:
- Gaps in protection: When endpoints are away from the organization's network, the only protection left is the antivirus solution installed on the device, if there is one. Typical detection and prevention measures aren't enough to handle today's advanced threats, including zero-day exploits.
- Lack of visibility: In today’s bring-your-own-device (BYOD) work environments, everything is mobile. Smartphones, tablets, laptops, and netbooks are constantly entering and exiting the network, bringing with them whatever they've picked up while away from the company network. As corporate networks evolve, organizations are often left with limited visibility into endpoint activity, and there is no context to see where such vulnerabilities come from. It goes without saying that “You can't detect what you can't see.”
- User error: The leading cause of security vulnerabilities is user error. When attackers send out phishing emails with malicious attachments or links, users inevitably click on things they shouldn't, despite training and continuous warnings, and the results can be devastating.
- Sophisticated cybercrime: In the digital age, cybercriminals are highly organized, fully motivated, and well-financed. Businesses can’t take them lightly or afford to underestimate the potential of today’s evolved cybercriminal.
4) How do you find the role of cloud in vulnerability management?
A growing mobile workforce in a data-sensitive world highlights the importance of automation and security on the cloud, as well as proactive prevention measures to safeguard organizations from cyber attacks.
It is a myth that cloud computing is less secure than traditional on-premise systems. This myth has risen out of the fear that data is stored on servers and systems we don't own or control. However, the physical location of data actually means less than the means of access. The best practice, therefore, is to focus on a well-defined security strategy with the right enabling technology.
When it comes to cloud, managing cyber threats involves much more than simply scanning for vulnerabilities. Enterprises need to understand that controlling access is much more important than the actual location of the data. Looking at how data is accessed and spotting future threats are vital. Last but not least, vulnerability testing is an absolute necessity.
Whether an organization uses a physical, virtual, cloud, or hybrid environment, it cannot ignore vulnerabilities that attackers use to breach the network if the organization wishes to keep its applications and data secure. An example: Though Amazon Web Services (AWS) data centres are built to be secure, the responsibility of securing applications running on AWS remains with the individual companies using this service.
5) What role does patch management play in securing the cloud?
A gripping report from Gartner states that by 2020, known vulnerabilities will account for 99 percent of all exploits, whether through malware, ransomware, or phishing. With a growing number of high-profile attacks on known vulnerabilities, staying on top of updates and patches has never been as important as it is now.
The best way to reduce an attack surface is to implement a cloud-based patch management solution. No software exists without errors and vulnerabilities, but enterprises can avoid letting cybercriminals exploit these vulnerabilities by being up to date on patches.
A patch management solution can adequately secure cloud infrastructures only if it combines several key practices and elements. Your best bet is to combine several elements, including:
- Patch automation: Ensure patches and updates are deployed around the clock with no need for manual intervention.
- Patch testing: Test patches before deploying them across the network. This feature is essential in critical systems that require high stability and uptime.
- Vulnerability reports: View reports to determine whether a network is vulnerable to identified attacks or not.
- Patch rollback: Rolling back patches is a good disaster recovery plan should the patch interfere with system functionality and have to be removed.