The rapid adoption of mobility and cloud computing has seen the potential for a Cyber-attack to Australian business increase exponentially. Despite all the advancements in technology geared toward safeguarding your security posture, the fact is that both the number of attacks, and the severity of those attacks, continue to rise.
The Australian Cyber Security Centre 2016 Threat Report states, “Australia continues to be a target of persistent and sophisticated cyber espionage. The cyber threat to Australia is not limited by geography; adversaries with even a transitory intelligence requirement will target Australian individuals and organisations regardless of physical location.” Business can no longer adopt the attitude that they are too insignificant to be on the radar of hackers - this is simply not true.
Each year, reports are generated showing statistics in relation to the number of Cyber-attacks that occurred that year against certain industry sectors, or using specific attack vectors. The truth is that these reports rarely give a true indication of the threat landscape, as many attacks against business still, to this day, go unreported. Australian companies continue to be persistently targeted by a broad range of malicious cyber activity that could potentially harm their reputation, reduce their competitive advantage in the market place, or worse – completely take down their business.
Companies moving to a cloud computing services model must understand they still need to take steps to ensure they address the same cyber threats that were present when they utilised a physical model. However, be it an on premise solution or hosted in the cloud, the correct implementation of a threat management system is a challenge for even the most highly resourced organisations, who quite often, don’t know where to start. Often companies put in place solutions that are poorly scoped, implemented incorrectly, or can become ineffective over time if not properly maintained. The outcome of this is a lack of visibility and insufficient protection.
One solution to this dilemma is to partner with a managed security provider, however it is important that companies do their homework and partner with a provider that is pro-active and trustworthy, in order to achieve the best outcome. It is also important that companies remain actively engaged in the implementation and ongoing monitoring of their security posture – this ensures they retain ownership of the security measures being put in place. A good security provider will encourage this collaborative approach.
If you are moving into or are already using services in the public cloud, it is your responsibility to understand the level of protection that your public cloud provider offers and what it is that you need to do to ensure that your information is effectively secured. There are a number of tier1 vendors that now provide solutions for protecting information being stored in the public cloud and it is important that you make yourself aware of these technologies and how to best implement and manage these solutions. As referred to above, if you do not have the technical expertise, strongly consider partnering with an organisation that does such as a managed security service provider with strong cloud awareness. Whether you partner with a service provider, or go it alone, visibility is key and will create the opportunity to make more informed security decisions and create a security posture that is more effective.
When designing your security environment, both on premise and in the cloud, consideration must be given to a wide range of issues. Some of these issues include whether your current software licensing will be transferable if you move from an on premise environment to a cloud environment and whether the cloud environment will serve your business as efficiently if you experience growth in the future.
Consider, also, what authentication will be required by your users and customers when accessing your services hosted in the cloud and whether the current connectivity you have is sufficient. In addition, is there redundancy in place should you lose your internet link or should the cloud service provider lose theirs? A simple example of this is a cloud service provider that comes under a DDoS attack - could they continue to operate in the event they were under a DDoS attack?
[Related: 4 advantages of moving to the cloud]
What about recovery? How quickly will you be able to recover if and when something does go wrong? What measures can you put in place to mitigate this risk?
Consider whether there are any government or corporate policies and regulations that you must be aware of, which may stop or limit where you can host your information? Some cloud services are hosted overseas - would hosting with these providers violate any relevant policy?
When moving your services to the cloud, consider the levels of contingencies that are offered by your service provider. Speed of service and recovery from an outage are but two metrics that should be factored into any measurement criteria. Have you converted the Operational Level Agreements that were in place when your infrastructure was housed internally, to SLA’s agreed with your cloud provider?
Lastly, consider whether the cloud service provider you have chosen can deliver on the service you want. Just as there are chasms of difference between the qualities of service of many managed security providers, so too is there vastly different levels of service from cloud service providers. Do your homework and know who you are partnering with.
Michael Demery is Director at Seccom Global