Technology Record - Issue 28: Spring 2023

INTERVIEW

Combatting cybercrime with the cloud

Tony Velleca explains how thinking like a hacker, implementing cloud-native extended detection and response, and partnering with managed security services providers helps businesses to protect their critical assets

BY REBECCA GIBSON

Corporations now store 60 per cent of their data in the private, public or hybrid cloud, according to a survey published by Statista in 2022. This figure has increased 30 per cent since 2015 as more enterprises shift their IT infrastructure and other critical assets from on-premises data centres to the cloud to capitalise on the productivity, efficiency, performance, accessibility and other benefits it offers. And this growth is set to continue in 2023 – Gartner, for example, forecasts that worldwide public cloud spending will rise 20.7 per cent from 2022 to hit $591.8 billion this year.

Although migrating to the cloud is advantageous for many reasons, it can also introduce new security challenges, according to Tony Velleca, CEO of advanced managed detection and response (MDR) service provider CyberProof. “Chief information officers (CIOs) are driving cloud migrations, but they don’t typically consult with the chief information security officers (CISOs) to understand how this will impact the organisation’s security posture,” he says. “Often, this means they continue using the same legacy security solutions, which were only designed to protect assets stored in on-premises or local data centres and are therefore unable to safeguard anything stored in the cloud. This increases their exposure to attacks.”

Businesses are also operating an increasing number of endpoints in the public cloud, which has further expanded the potential attack surface.

“In the past, all of an enterprise’s critical assets were contained within their on-premises data centres or within their own IT network, so there were fewer gaps for hackers to breach,” says Velleca. “Today, we have a growing number of endpoints, including everything from computers and phones to connected internet of things (IoT) and operational technology devices, such as smart meters, self-driving cars, aircraft, sensors on equipment in hospitals or oil refineries, and more. Most of these endpoints are connected to applications that run in the public cloud, which has introduced new vulnerabilities and made it more difficult for businesses to secure their own assets.”

Predicting that the number of cyberattacks will continue to rise as more organisations transition to the cloud and the number of endpoints grows exponentially, Velleca advises businesses to rapidly re-evaluate their security operations centres (SOCs).

“Every organisation will inevitably be hacked at some point, so it’s vital that they can quickly block these attacks before they cause real operational, financial or reputational damage,”