I may be overstating a bit, but it seems like we can’t go a week without some breach or ransom attack hitting the news cycles. It’s even more frustrating when these incidents affect the lives of the rank and file, such as long gas lines—or no gas.
Although it’s easy to play Monday-morning quarterback, the common pattern is that companies are using security technology that’s less than effective, and perhaps the security talent on the ground is the same. Just saying.
The uptick in attacks is changing some hearts and minds. Some of France’s most sensitive state and corporate data can now be stored in public clouds, specifically Google and Microsoft, if licensed to French companies, the government said recently. This is an about-face from the French government’s previous trust in only local systems.
French Finance Minister Bruno Le Maire and two other ministers laid out part of a strategic plan. They referred to “U.S. technological superiority” in the field in contrast to previous calls from European politicians for fully homegrown alternatives.
Public cloud security is typically the best path because that is where the R&D dollars are being spent, both by the hyperscalers themselves, as well as a huge number of third-party providers that have been banking on the rise of public cloud computing. These third-party security providers are becoming more important as multicloud and cross-cloud security become more popular.
Another factor is that data in the cloud is fully managed and monitored. Hackers must work through many layers to finally get at the data, and their actions are likely to trip a warning if CPU and I/O consumption is out of whack, for example. Also, connecting IPs from areas that are known for these types of attacks is monitored. You’ll have to get through the cloud itself, then work on penetrating other layers as well. Therefore, hackers seek easier prey, such as older on-premises systems that are likely to be neglected.
Moreover, those who use public clouds are uber-paranoid and encrypt everything in flight and at rest. This typically comes without a substantial hit in performance and cost. Most of those moving to public clouds also adopt identity management. This provides intracloud and cross-cloud security that can also include traditional on-premises systems in the mix.
Of course, security depends on the talent of those who set it up. Public cloud providers often point to the notion of “shared responsibility.” The short version is that the cloud providers provide the tools, but protecting your data is your responsibility.
I’ve been beating this dead horse for years. The public cloud crossed the best-security chasm years ago, but it’s taken until now for larger companies and governments to get on board. I guess a little fear is a good motivator.