Anurag Singh joined Clearwater Analytics in mid-2019 to establish the development and operations center for Clearwater Analytics in India. As Managing Director, Mr. Singh is responsible for the day-to-day management and performance of the India center, which includes incubating and growing the teams. He collaborates closely with Clearwater Analytics global leadership to enable the India center to participate in the research, development, and operations of the Clearwater SaaS platform.
The last decade has seen several enterprises experimenting with cloud technologies. The pandemic over the last two years has significantly accelerated cloud adoption, in part due to the surge of remote workand many organizations facing major operational resilience challenges in the early days of the pandemic. According to the findings of the Oracle KPMG Cloud Threat Report, almost 90 percent of organizations said they use SaaS and 76 percent said they use IaaS. Further, 50 percent said they expect to move all their data to the cloud in the next couple of years.
Increasing cloud usage means increasing the cyberattack surface. Cybercriminals have had many opportunities to take advantage of the new production environment and exploit the vulnerable workforce in remote areas.
There has been a phenomenal rise in cyber security incidents, including data theft, phishing and malware attacks, insider threats and denial-of-service attacks among others. Early last year, we had one of the deadliest “Distributed Denial of Service (DDoS)” attacks in the history of the internet, fortunately mitigated early by the targeted cloud provider. As we witness an accelerated cloud adoption, threats around data leakage and misuse have also risen dramatically. Whether it is data at rest or data in transit, access to it needs to be made as secure as possible.
This makes cloud security more important than ever.Cloud security is a set of principles, methods, and technologies designed to control and protect the cloud environment.The Global Cloud Security Market is estimated to be USD 34.8 Bn in 2021 and is expected to reach USD 67.6 Bn by 2026, growing at a CAGR of 14.2%.
According to PwC’s Digital Trust Insights Survey 2022, the risk landscape is constantly evolving, and organizations are investing more in cybersecurity than ever to manage risk. The seemingly overnight migration of corporate data to the cloud has increased the number of potential points of failure in security systems.
Businesses need to develop effective cloud security architectures and strategies. Adapting existing authentication methods to provide consistent access control to cloud and on-premise network resources is one way to increase security. Encryption is an additional step that businesses can take to secure all data uploaded to the cloud service. Sophisticated algorithms are used toencrypt data so that only authorized parties can access the information. Data in the cloud can be encrypted both at rest and in transit. This prevents data leakage and disclosure even if other security measures fail.
The use of tools such as real-time security monitoring and reporting to meet cloud-specific, industry and compliance standards, and tools such as multi-factor authentication, encryption, and offline backup for enterprises should be utilized to maximize data protection.Further strengthening of cloud security requires additional approaches like human-centric cybersecurity and user and entity behavior analytics.Our defenses must keep evolving at a pace faster than the evolution of the capabilities of cybervandals, cyberterrorists, cyberfraudsters and the hacktivists.
Organizations should provide frequent, practical cyber-security training and skill upgradation for employees and encourage employees to become ‘cloud-smart’.
Cloud security is an interdisciplinary area that cannot be separated from the development lifecycle. For this to be ultimately effective, organizations must focus on people, processes and technology to make the necessary changes and ensure safety is part of the company’s DNA.
Application security is another area that needs a lot of attention. Many tools are available to secure various elements of an application portfolio, from locking down coding changes to assessing inadvertent coding threats, evaluating encryption options and auditing permissions and providing precise access rights for various environments. The DevOps teams implement Shift Left to ensure application security are thought through in the early stages of the development lifecycle, ensuring collaboration between development, security, and operation teams.
In recent years, Zero Trust access model has become very popular, with attention placed on how this approach to security can help organizations defend itself against the new generation of attackers – who are better networked, more organized and who have access to sophisticated tools. Zero Trust is a network security concept centered on the belief that organizations should not automatically trust anything inside or outside traditional boundaries. Implementing Zero Trust requires the verification of anything and everything that tries to connect to assets before granting access and the continued evaluation of sessions during the entire duration of the connection.
Typically, organizations need to have a well-established and robust security review process for the workloads residing on the Cloud Platform. They need to follow CIS (Center for Internet Security) benchmarks to adhere to best security practices within their systems and continuously improve the security posture by implementing and reviewing their security runbooks and guidelines. They need to ensure the security of connections within their systems by adopting the use of secure cryptographic protocols and protect their systems by infusing a “least privilege” posture for access controls to resources and workloads. Hardening of infrastructure should be done iteratively using the latest security guidelines using CIS benchmarks, CSA (Cloud Security Alliance) guidelines, and NIST (National Institute of Standards and Technology) guidelines. The workloads exposed to Internet should be isolated from the workloads that are to be kept private.
The cloud of the future needs to be a more reliable and resilient digital fortress than ever before. Cloud security will become smarter, more automated and more discriminating thanks to advances in artificial intelligence, machine learning and other innovations. Cloud security will also be designed and implemented with a focus on a positive user experience so that security measures will be less intrusive to users and less impactful on business productivity or personal enjoyment.Also, in a cloud-first world, there will be a greater need for CISOs to develop deeper, cloud-centric expertise. This will be the key as CISOs become even more engaged with various digital transformation and business initiatives, so that they can ensure cybersecurity is effectively and properly integrated into evolving business models, covering all aspects of IT.