on 15 October 20
Cloud Security Alliance has shown during a recent study report that the sensitive data in the cloud reached a breaking point. 64% of respondents believed that their on-premises software was less secure than the cloud - among them, many were IT security professionals from all around the world.
The problems regarding security surrounding data stored in the cloud were the single most dominant item that could hold back its adoption, this being a turning point.
There was a shocking number of sensitive data that was stored in the cloud by the employees - this was shown in our latest Cloud Adoption & Risk Report. By the year 2020, customers will be responsible for 95% of all cloud security breakdowns. This information was given by a recent Gartner report and backed up by the statistics concerning sensitive data stored in the cloud.
When reported in the media, data breaches could cause irreversible damage to the company involved both in terms of status and client's trust. In addition, legal obligations may decree public confession of such a leak. If the breached data is sensitive (login credentials, IP or Health Records), this particular exposure may put both parties at risk.
Companies always had the obligation to protect sensitive data from being exposed. As it happens, 15.8% of all data stored in the cloud-based file sharing app contained personal information. The health care provider from HIPPA is compelled to inform the press and the individuals affected that more than 500 persons got hacked and lost their information. This happening can lead to the company’s loss of reputation and trust as well as monetary fines.
One of the tendencies that we exposed was the naming convention of records saved in the cloud. The most important type of information is healthcare information. Therefore, cybercriminals made a priority out of it. They are selling anything from account credentials to credit numbers using the dark web.
Organizations can use the newest improvements in big data analytics to gain an advantage on Rascal insiders relying on cloud services. Nowadays, machine-learning algorithms are looking for unique behaviors that are in close correlation with the insider’s threat.
Insiders represent the number one threat to your data’s safety. A surprisingly 48% of cloud data breaches are the consequence of insiders which are accidentally or intentionally exposing information from a cloud service. Cloud services are created in order to be used anywhere and from any smart device. Yet, because of the accessibility granted by the cloud services, the hackers’ results aren’t usually hardly obtained.
Types of Insider threats:
- Data Exfiltration: Employees with malevolent intents taking out data from the organization cloud apps.
- Malicious Users: Employees that are dissatisfied are exposing and stealing valuable information.
- Cloud Malware: Monitor and Control third party apps that are installed by operators in the Google Apps platform.
- Ransomware: Ransomware is malicious code that is used by cyber criminals to launch data kidnapping and lock screen attacks. You can protect yourself from such attacks by storing your information through periodic back-ups.
- Phishing: Deceitful emails that are sent by the attackers pretending to be coming from a reliable organization. They generally have the mischievous intention to collect your
personalidentifiable information and account credentials. Some of the insiders may be deceived by this and therefore provide the hacker with a lot of private information.
Internal and external dangers
During each month, the average organization is experiencing 19.6 cloud-related security cases. This is owing to a large amount of sensitive information that is actively saved in the cloud. Each month there is a threat caused by an insider, and 55,6% of organizations become casualties of stolen login IDs. These unauthorized user attempts are happening 5.1 times each month.
One of the most important tasks that the IT security team has to deal with is to protect data from within. Why? Because 95% of cloud security incidents are produced by inside employees. The harder part that the IT security team must do is sort through a field of false positives in order to locate an actual threat.
User Behavior Analytics
User Behavior Analytics is used to create a baseline for real credit card transactions using machine learning. During the holiday seasons, they have realized that the frequency and the number of credit transactions increase for most of the people. Therefore, they use related hints to create a baseline of normal behavior. When the baseline has been launched, they can precisely locate deceitful transactions. This is a much better alternative compared to looking for a polar bear in a snowstorm.
To conclude, it is important to keep in mind that nothing is safe enough for you to trust completely. IT security professionals are struggling to improve clouds security each month, yet every month the number of breaches continue to rise. The best thing you can do? Stop storing your information on cloud-based services and use a simpler alternative such as an SD card or a stick.
Robert Morris is a data analytics expert, writer and a blog editor at askpetersen.com
Share your perspective
Share your achievement or new finding or bring a new tech idea to life. Your IT community is waiting!