Critical cyber security challenges 2020: Cloud services

Organisations were pushed into a world where, all of a sudden, their entire work environment was remote.  Thankfully, most businesses either had access to, or had already deployed, applications and services that let their employees access, edit, save, and share work information in the cloud.

However, this rush to maximise cloud use presented a number of immediate technical issues for security teams to deal with due to the fact that the last vestiges of perimeter defences dissolved overnight, amplifying fears about a loss of control and increased risk.

What are people afraid of when using cloud services?

We explored some of these post-COVID challenges in our recent analysis of 300 cyber security professionals to understand how they are manifesting themselves within organisations.

From a broad perspective, the main things on the minds of cybersecurity professionals when it comes to using cloud services are data loss, the compromise of a cloud service provider, account takeover, downtime and, finally, malware.

With 40% listing a breach of their cloud service provider as one of their top concerns during lockdown, it is evident just how much importance is being put on this infrastructure from a business perspective.

Despite this, alarmingly 25% of people questioned also have no contingency plan for what would happen should their cloud services provider go down.  While many, including Microsoft, do experience occasional downtime, the impact can be especially severe for companies in regulated industries where access to data at all times is mandatory.  Here, resilience is a business-critical issue.

The mass transference to homeworking has also invited a significant spike in criminal activity, with 50% of people saying that they have seen an increase in Business Email Compromise (BEC), Phishing, Account Takeover (ATO) and Whaling.

Such attacks are becoming more advanced and targeting increasingly valuable information assets or involving larger and larger amounts, which – especially for smaller organisations – can have a disproportionate impact.

Business Email Compromise alone accounted for 50% of cybercrime losses last year, costing an organisation on average $75,000 (FBI Internet Crime Report 2019).

ATO parallels this as a particularly insidious form of email attack made significantly easier – or more successful – by the failure to implement strong authentication measures.  Almost 40% of all people asked put this at the top of their list of concerns.

The accelerated shift to the cloud hasn’t just increased risk from a technological change point of view either.

Securing the user has become more important than ever. It can take just a couple of clicks to share valuable company information – with our findings showing that 26% of people are sharing links to documents in the cloud without authorisation.

Pair this with 34% of people who use the same password for access to work services as personal accounts and it’s a recipe for disaster.  Weak account protection and poor cloud service configuration is an open invitation to cyber criminals to infiltrate the organisation and start exfiltrating data.

How to quash cloud security concerns

Security teams need to adopt a contemporary layered set of solutions to help them protect their organisations from the multitude of threats presented by the post-lockdown work environment.

A solution that offers the flexibility to work from anywhere on any device without restricting or frustrating users, damaging productivity, or increasing risk.

To mitigate the reliance on cloud service providers, emergency access to email is crucial.  A company that cannot communicate, essentially freezes.

Emergency email solutions offered via a webmail style interface allow users to continue being productive even in the face of downtime, typically holding 30 days of sent and received items.  For companies in particularly strict sectors or undergoing audits, compliant email archiving which allows secure and searchable access to all historical email that is stored outside of the primary email service provider is also a good idea.

To protect against the growing volume and sophistication of email attacks such as BEC and ATO, a modern email solution added on to those native to Office 365 or Gmail is critical.

Advanced email security solutions are multi-layered and capable of analysing an array of message attributes to understand context, cross-referencing this with factors such as originating domain and IP to flag anything suspicious. In addition, senior management can be given extra protection with custom rulesets and policies.

Adaptive MFA can also help reduce the risk from a remote workforce logging in to networks, applications, and systems.  This mitigates the risk associated with password re-use and ensures stolen credentials cannot be used to gain access.

Being adaptive means it challenges intelligently, i.e. only when unusual activity, time of day, device or location is identified – to reduce user friction – – with failover delivery methods for the user.

Finally, a CASB solution can protect against the inherent risk of employees sharing sensitive data, either accidentally or maliciously, using cloud applications.

CASBs allow security teams to apply rules and policies to specific groups and/or individuals in a way which manages risk without inhibiting the inherent productivity gains of cloud collaboration.  For example, allowing users to download files from a cloud application but not to upload files, or to use webmail applications but restricting the ability to attach files to messages.

The cloud is a crucial business enabler in today’s post COVID world.  The best security practitioners are those who realise the enabling effect it has on the broader business and provide appropriate controls to mitigate risk.

For a deeper look at the reality of the role of security during a global pandemic download Censornet’s report; Empowering the People: Critical Security Challenges 2020.