Cloud security is a collective effort of cloud providers, security vendors and customers, says Forcepoint
Away from what global technology giants like Microsoft, AWS, IBM, SAP, VMware have been saying about security in the age of cloud, US-based cybersecurity company Forcepoint, says moving data to cloud is no solution for security and companies that are taking shelter of cloud just to park their security-worries need to be realistic because with the adoption of cloud, the surface of attack is also increasing.
In a recently released report, company argued that organisations think they get inherent security just by migrating to the cloud. But moving data off-site doesn’t absolve organisations of their responsibility to secure it and best practices still matter. Forcepoint warned that the end result of a rush to cloud computing without proper security considerations may mean a decreased security posture for many companies in 2017.
“Organisations migrating their already vulnerable environments to the cloud will find limited security benefits without proper preparation as the underlying foundation that runs virtual machines may be increasingly come under attack, said Surendra Singh, country director – India & Saarc, Forcepoint, adding that security is a collective effort of cloud providers – who should ensure proper screening of data that move into the cloud, security vendors – who need to simplify the security process, and customer – who should follow the best practices.
These findings are part of the Forcepoint 2017 Cyber Security Prediction report which examines the increasing convergence of the technological and the physical worlds and the long term implications of this new digital ecosystem on organisations and institutions worldwide. The report predicts that security challenge will rise with rapid integration of digital and physical in 2017.
“The security challenges rising from the rapid integration of the digital and physical in 2017 will be felt globally, as these spheres become increasingly reliant on one another, their influence on not only cybersecurity but in boardrooms, across borders and in the halls of government will only expand,” said Kris Lamb, vice president of Forcepoint threat protection R&D and security labs.
The newly launched report also look at other aspects of cybersecurity, like business and individual behaviours, the impact of larger technology trends on governance and international engagement. According to the report, rise of voice-activated Artificial Intelligence (AI) to access Web, data and apps will open up creative new attack vectors and data privacy concerns. Also, there could be rise of the corporate incentivised insider threat which may clash with customer data, corporate profit and other performance goals, forcing businesses to re-evaluate their corporate environments and growth strategies.
“With AI more and more information is given in a digital form. And as it gets digitised, it becomes vulnerable to external attack. As artificial intelligence becomes mainstream, the security challenges will grow multi-fold, therefore, right in the beginning, we have to track it and mitigate the issue,” said Singh.
In addition, Forcepoint predicts convergence in data compliance and data protection. The report says that 2017 will be the final full year before the European Union’s (EU) General Data Protection Regulation (GDPR) becomes a legal requirement. The Texas-headquartered company is of the view that GDPR demands may drive business costs higher with new data protection controls are applied and multiple stakeholders grapple with the who, when and how of data accessibility requirements.
Indian executives of Forcepoint said India also needs to step up its regulations on data protection. They said that the cyber security guidelines from Reserve Bank of India and Securities and Exchanges Board of India (Sebi) are not enough. They suggested that just as companies inform Sebi about change in management, they should report about cyber breach so that the same could be shared with customers immediately.