Intelligent Tech Channels Issue 14 | Page 49

EDITOR’S QUESTION Enterprise cloud usage more unsecured than secured 70% of enterprises using Saas solutions have no cybersecurity strategy in place to cope with any incidents, answers Alessio Aceti at Kaspersky Lab. W ith the rapid adoption of cloud, what are the upsides and downsides for enterprises in the near future? S wift adoption of cloud-based services and a lack of well-defined security strategies is leaving organisations struggling to keep control of their data, across a sprawling number of services and applications. According to new research from Kaspersky Lab, 35% of businesses admit that they are unsure if certain pieces of corporate information are stored on company servers or on those of their cloud providers. This makes the safeguarding and accountability of data extremely hard to achieve, putting its integrity at risk and paving the way for potentially severe security and cost implications. With cloud services enabling companies to take advantage of key technologies to support day-to-day operations and growth plans – without worrying about maintenance or the hefty price tag – it’s no surprise that 78% of businesses are already using at least one Software-as-a- Service SaaS based platform. The same number 75% are also planning to move more applications to the cloud in the future. When it comes to IaaS, nearly half 49% of enterprises and 45% of SMBs are looking to outsource IT infrastructure and processes to third parties. However, for many organisations, the speed of adoption and lure of cost and operational savings has been to the Alessio Aceti, Head of Enterprise Business, Kaspersky Lab. detriment of security, with many using cloud services with no strategy in place for the security of their information. Uncertainty around who is responsible for the security of data in the cloud can often 35% of businesses admit they are unsure if certain corporate information is stored on company servers or on those of their cloud providers. be the basis for this approach. Research found that 7 out of 10, 70% businesses using SaaS and cloud service providers have no clear plan in place to deal with security incidents which could affect their partners. A quarter admit to not even checking the compliance credentials of their service provider, suggesting an assumption that they will pick up the pieces if something goes wrong. However, with 42% of businesses not feeling adequately protected from incidents affecting their cloud service provider and a quarter 24% of businesses having experienced a security incident affecting the IT infrastructure hosted by a 3rd party, over the last 12 months – a reliance on cloud providers alone to provide complete protection could be a risky strategy. Businesses have to find ways to get the cloud zoo under control. Every package of data needs to be protected wherever it happens to be at any one time. To do so, companies need spotting anomalies within their cloud infrastructures, and that can only be achieved through a combination of techniques including machine learning and behavioural analytics. This ability to identify and defend against unknown threats is absolutely fundamental to cloud infrastructure security. Besides that, enabling visibility of the cloud ecosystem and its cybersecurity layer will give businesses a clear view on where data resides and if its current protection status meets corporate security policies. Only this way business will be able to tame the cloud zoo and have complete control, no matter how much and where data is stored.  49