Cloud usage drives cybersecurity spending, SANS 2020 report

The rapid migration to cloud-based technologies is the biggest disrupter worldwide of operations and a key driver when organisations plan their spending increases, according to the results of the latest SANS 2020 Cybersecurity Spending Survey.

“The SANS survey showed that rapid movement of corporate services and business applications to cloud-based technology is the biggest factor causing breakage in existing security architectures as well as driving most new security spending,” says John Pescatore, SANS Director of Emerging Security Trends. “Cloud monitoring and cloud security access controls were the top two spending areas, followed by spending to increase security staff skills to deal with new technologies, such as the cloud, and to keep up with changes in regulations as well as new threats.”

Slightly more than 50% of respondents ranked the increased use of public cloud infrastructure-as-a-service (IaaS) implementations as the biggest disrupter to security programs in the next 12 months. Based on that, 71% of respondents reported seeing a need to increase spending on cloud security monitoring, followed by cloud access security broker cloud-specific tools (53%), staff skills training (52%) and strong authentication (46%). 

Overall, 57% of respondents feel that out of people, process and technology, an increased investment in people would provide the biggest improvement to their overall security posture, followed distantly by process (19%) and technology (18%). 

“Managers see increased and refreshed skills in their existing staff as being significantly more critical than simply increasing headcount,” according to Barbara Filkins, SANS Analyst Program Research Director and author of the report. “The fact that respondents prioritise increasing staff skills significantly over increasing headcount to deal with ‘disruptive technologies,’ especially when faced with escalating privacy regulations—and fines—worldwide, is not surprising. Business use of IaaS and hybrid cloud requires re-architecting security controls and integrating with CI/CD methodologies.”

In a series of follow-up interviews with selected survey respondents, security managers recognise the need for “upskilling” to increase retention rates, which improves both effectiveness and efficiency. Increased skills around new technologies and new security techniques is also required to enable any use of security automation technologies, which were not highly cited for spending increases in 2020.

Strong authentication, the fourth most highly cited area of planned new spending, points to the recognition that the majority of damage from breaches and ransomware attacks in the past year were enabled by the use of reusable passwords that were easily captured via phishing attacks. CEOs and boards of directors are backing security teams in overcoming obstacles to implementing multifactor authentication.

The report can be downloaded from the SANS website

www.sans.org

[Column] Nixon Kanali: Moving to the cloud can help African business stay secure from cyber threats

A few years back I got the chance to attend the East African Cloud Summit organized by the University of Nairobi’s C4DLab in collaboration with Microsoft. The summit was on Cloud Computing and how it can be used to improve societal growth and transformation.

One of the panellists present during the summit was Dr.Bitange Ndemo, a former Permanent Secretary in the ministry of ICT who is currently heading a 10-member taskforce on blockchain and artificial intelligence in Kenya. Dr. Ndemo spoke widely on Cloud and why most African organisations and even SMEs are still scared of moving into Cloud. He said most of these companies feel unsafe with their data being in the Cloud since they believe that with the data being in the Cloud they will be sharing it with other people.

Dr.Ndemo also noted that most of these organizations lack information about the importance of moving to the cloud. I remember asking the panel what needs to be done to convince these organizations or SMEs that the cloud is an indeed a safe place store their data, and Dr.Ndemo joked that the only thing that can be done is pray for them. Well, one thing was clear though, more awareness and facts need to be given to these organisations. One thing they emphasized on is that moving into the Cloud is not about sharing, it’s about accessibility.

Moving to the cloud can help businesses secure from cybercrime threats. In an interview I once had with Kaspersky Lab Channel Sales Manager for East Africa, Bethwel Opil, on the State of cybersecurity in the country, it was evident that there were so many gaps to be filled. Most organizations are not investing in this sector. Its either they don’t have the personnel or don’t even care at all. The cloud could help them fill these gaps and stay secure from online threats.

With the threat of cyber-crime and insider fraud on the rise, Kenyan companies should be looking towards cloud applications as one means of improving the security of their IT environments. In their experience, Bethwel Opil said CIOs and/or CISOs are starting to understand how serious cybercrime is becoming in Kenya, and the realities around cybercrime and the impact it can have on a business – not only from a data loss point of view but also from a reputational one. Kenyan organizations are wrestling with the growing danger posed by threats such as malware, hackers, and theft of computing devices.

The cost of cybercrimes is mounting, Cloud computing improves IT security and security professionals and African organisations need as much help as possible. Cloud helps security operations respond quicker to threats helping organisations to focus on business risk as opposed to spending thousands of hours researching threats.

Cybercriminals are becoming very skilled and are placing a strong focus on the business market, given the financial gain it can offer them. Ransomware that targets businesses, for example, is becoming more widespread and more sophisticated. Cybersecurity is therefore not an issue that only IT people should take into consideration. The reality is that it concerns everyone – consumers, home users and their families, small businesses and large organisations, including governments.

Moving to the cloud should, therefore, be a top priority for African organisations.

Nixon Kanali is the Tech Editor for the African Business Communities

[Column] Christine Ambetsa: Data Security; embracing autonomy and intelligent machines

The National Cybersecurity Centre (NCC) detected over 3.8 million cyber threats between July and September 2018 according to the Communications Authority of Kenya’s first quarter sector statistics report for 2018/19.

CIOs are operating in a state of heightened awareness. Their mission-critical systems are increasingly under threat from constantly evolving viruses and hacks, making it tougher than ever to defend the lifeblood of their business – data.

The National Cybersecurity Centre (NCC) detected over 3.8 million cyber threats between July and September 2018 according to the Communications Authority of Kenya’s first quarter sector statistics report for 2018/19. The cyber threats detected varied from denial-of-service (DOS) including botnet and brute-force attacks that led to denial of computer services and illegal access to computer systems, online impersonation via social media accounts and domain names, malware including phishing attacks and online abuse including online fraud to name a few.

Unsurprisingly, nearly a third of Kenyan CIOs state that their key focus area is advanced security solutions, the second highest priority listed after disaster recovery and business continuity.¹

Security is hard

Simply put, security is hard. Much of it comes down to the way IT has evolved – as an open environment. For years, people and businesses have purchased disparate products, disparate servers, disparate operating systems and disparate databases and then connected them all together. The unintended and unfortunate result is that lots and lots of individual pathways have been opened up in the corporate system.

As a result, what’s sprung up around these corporate systems is a cyberspace battlefield, in which nobody is safe. Even IT professionals are combatants on that battlefield, tasked to make the right security choice every day, because if you don’t, you’re putting the future of the business at risk.

Adding even greater significance to the security mandate today is the advanced and persistent nature of today’s threats. Malicious actors are seemingly always one-step ahead and in order for enterprise security forces to do their job, they must exercise constant vigilance and innovation.

So how can businesses move forward with confidence and continue to build their data assets, while at the same time facing up to the barrage of security threats?

A new kind of defence

The answer is a new kind of defence; one that pits machine against machine so that organisations have a nearly impenetrable barrier to protect their data and their cloud.

Hackers are already wise to the power of letting machines do the work. Right now, for many organisations this battle takes the form of their malicious bots versus your people trying to defend from inside the business. But in this scenario of machine versus man, which do you think is faster? Who do you think will win?

To give your business a fighting chance in protecting its data, you need a defence system that’s completely automated, and even autonomous. With autonomous data management, database threats can be discovered automatically and then repaired. No human beings are involved. Patches are immediately applied while the database is running, which means you don’t need to wait around to find a window of downtime. This is essential for protecting your data on-premise and in the cloud.

Security in the cloud

The current state of cloud defence, in many cases, is just not good enough – not even close. The smartest technology companies are routinely penetrated, as we’ve seen in the unending stream of media stories about businesses having vast quantities of their data stolen. Even the most security-conscious government agencies are also vulnerable.

And because organisations don’t exist in isolation protection is needed both within the company and without. So, the cloud/s they run on also need robust cyber defences using the latest artificial intelligence and machine learning technologies; to find threats and kill them; to search and destroy. Again, the only way to win is to make the battle robots versus robots. It’s the only way to protect the cloud infrastructure without having both hands tied behind your back.

The good news is that the government intends to focus on emerging technologies such as blockchain, artificial intelligence, the Internet of Things (IoT), cloud solutions and data analytics; this pronounced focus will be a key driver for the local ICT market according to the IDC’s Kenya Enterprise ICT Market Outlook for 2018 and 2019.

Time to let machines take the lead

We’re already seeing some companies turning to use systems like the autonomous database for better protection – and without the additional overheads.

Take National Pharmacies, an Australian pharmacy chain, for instance. The company has to be able to move its data at speed for life-saving insights, but needs autonomous capabilities to keep protecting its database without human intervention; as it can’t risk loosening any security or privacy practices at any point.

So, with attacks becoming more frequent, and attackers getting smarter and businesses data more vulnerable, it’s time to let machines take the lead on the cybersecurity battlefield. In doing so, companies will then have at their disposal, the most advanced tools in order to fight – and win – against the most advanced threats.

Christine Ambetsa is the Regional Applications Sales Leader – East Africa at Oracle