Businesses around the world are eager to jumpstart their digital transformation and journey to the cloud – ultimately improving operational agility, but the transition can be risky if security practices are not taken into consideration. The U.S. National Cyber Security Alliance estimates that six months after suffering a cyberattack, 60 percent of companies go under. Add to this, the Ponemon Institute states, the average price for small businesses to clean up after their businesses have been hacked stands at $690,000; and, for middle market companies, it’s over $1 million.
According to Alert Logic’s 2017 Cloud Security Report, hybrid cloud implementations have a 141% higher rate of security incidents than a pure public cloud environment. Let that settle in for a moment…it may seem like a surprising deviance, but as reported by our cloud security partner’s data source of 3,800+ customers. It is one of the many discoveries from their most recent report.
Companies of all sizes and across all industries have migrated to the cloud. While there are a variety of benefits that come with moving servers, data, and/or applications to the cloud, the cloud also comes with some inherent risks. Our security partner, Alert Logic, analyzed millions of customers’ security events gathered from around the world over an 18-month period to gain a better understanding of the general state of cloud security and the specific challenges that threaten companies.
One of the underlying implications presented in the report suggests that what makes the cloud vulnerable is derived in part from its value. Servers, data, and applications in the cloud are available from almost anywhere, which in turn renders them susceptible to outside attacks; applications and data in the cloud exist to be accessed, and are therefore exposed to potential breaches. The report will provide you with insights as to the vulnerabilities that could face your organizations in the cloud so that you can best plan how minimize your organization’s exposure while taking advantage of the things that make the cloud valuable.
Organizations need a solution designed to protect their assets without impeding the speed of business. Data and applications need to be safeguarded by multiple layers of security, while maintaining a high level of performance.
The Insights: Risk Mitigation & Data Security
Alert Logic co-founder and Senior Vice President of Products and Marketing, Misha Govshteyn, kicks off the Cloud Security Report with, “Why is the sky blue? What is the meaning of life? Why did the chicken cross the road? Is the public cloud really less secure than on-premises data centers? No one has answers to many of these eternal questions, but we can shed some light on that last one – we have no indication that public cloud is less secure. In fact, there is an increasing body of evidence to the contrary.”
Alert Logic’s Cloud Security Report is the result of a comprehensive analysis of more than 30 million security events gathered from nearly 4,000 customers around the world between August 2015 and January 2017, making it a current and relevant resource for organizations that are already leveraging the cloud or considering migrating to the cloud. Such organizations making their digital transformation need to address the question of which resources should be maintained on-premises as opposed to the cloud, or whether a hybrid solution that combines the two is more suitable. For the business workloads that have moved to the cloud, companies need to determine whether a public or private cloud is a better choice. To make any of these decisions effectively, business leaders need to have relevant information about the advantages and risks involved.
When it comes to securing cloud resources, you need to know your infrastructure’s weak spots and how attackers are targeting your cloud assets – CMS and eCommerce platforms, cloud-based databases, and web applications are all at risk. However, you may have limited security resources to work with—you may lack the budget, the manpower, or the time—and you need to understand where attackers are focusing their efforts so you can allocate those resources effectively to secure your IT environment as adeptly as possible. How you set up your IT security infrastructure needs to be forward thinking.
Your Network Security Prescription
Businesses need a partner that offers proactive, built-in security end-to-end, so that as they transform and migrate to the cloud, their applications, tools, and systems grow along with them, keeping them well protected and in tune with the latest best practices in the security field.
Ultimately, Alert Logic’s Cloud Security Report recommends that organizations accelerate migration to the public cloud; there’s increased recognition that the cloud is secure and that, fundamentally, the security of the cloud is specific to the organization that utilizes it. Moving to the public cloud offers a unique opportunity to reduce your attack surface and re-architect for better security. The benefits of public cloud are real, and the data-driven analysis can help you to focus your defenses so as to minimize data loss.
It’s a mistake to assume that public cloud is somehow impervious, but a lower risk is very different than no risk at all. The analysis by Alert Logic doesn’t conclusively prove that a public cloud is more secure than traditional or on-premises infrastructure, however, the dataset does provide compelling evidence that finds significantly lower rates of security incidents in public cloud environments.
Read the full Cloud Security Report to gain practical guidance on how to stay ahead of a growing number of cyber threats.