Popular cloud storage firm Dropbox and social networking website LinkedIn recently informed all users who had not changed their password since 2012 to change it as hackers have gained access to millions of email addresses and passwords. This indicates how vulnerable our data is to cyber attack even in the cloud. And this is what US-based cyber security firm Forcepoint is saying: Moving data to cloud is no solution for security, and companies that are moving to cloud just to park their security worries need to be realistic because with the adoption of cloud, the surface of attacks is also increasing.
According to the Forcepoint 2017 Cyber Security Prediction report, organisations think they get inherent security just by migrating to the cloud. But moving data offsite doesn’t absolve organisations of their responsibility to secure it and best practices still matter. It warns that the end result of a rush to cloud computing without proper security considerations may mean a decreased security posture for many companies in 2017.
“Organisations migrating their already vulnerable environments to the cloud will find limited security benefits without proper preparation as the underlying foundation that runs virtual machines may be increasingly come
under attack,” said Surendra Singh, country director– India and Saarc, Forcepoint, adding that security is a
collective effort of cloud providers who should ensure proper screening of data that move into the cloud, security
vendors who need to simplify the security process, and customers who should follow the best practices.
“The security challenges rising from the rapid integration of the digital and physical in 2017 will be felt globally, as these spheres become increasingly reliant on one another,” said Kris Lamb, vice president of Forcepoint threat
protection R&D and security labs.
According to the report, rise of voice-activated Artificial Intelligence (AI) to access web, data and apps will open up creative new attack vectors and data privacy concerns. Also, there could be rise of corporate incentivised insider threat which may clash with customer data, corporate profit and other performance goals, forcing businesses to re-evaluate their corporate environments and growth strategies.
“With AI, more and more information is given in a digital form. And as it gets digitised, it becomes vulnerable to
external attack. As artificial intelligence becomes mainstream, the security challenges will grow manifold; therefore, right in the beginning, we have to track it and mitigate the issue,” said Singh.
Indian executives of Forcepoint said India also needs to step up its regulations on data protection. They said that the cyber security guidelines from Reserve Bank of India and Securities and Exchanges Board of India (Sebi) are not enough. They suggested that just as companies inform Sebi about change in management, they should report about cyber breach so that the same could be shared with customers immediately.