There still exists the misconception that cloud security is solely the responsibility of the cloud service provider: Virag … – ETCIO South East Asia

4 minutes, 24 seconds Read

There still exists the misconception that cloud security is solely the responsibility of the cloud service provider: Virag Thakkar, Thai Union Group PCL, ETCIO SEA

In the background of World Cloud Security Day this month, we caught up with Virag Thakkar, the Global Head-Cyber Security for Thai Union Group PCL on mitigating cloud security risks in 2024.

Shweta Modgil

  • Updated On Apr 15, 2024 at 05:00 AM IST

image

As more and more organisations move to the cloud, cloud security is fast becoming a critical element of cloud computing and gradually, the world is growing more aware of its importance. Since 2019, World Cloud Security Day has been celebrated on 3rd April every year as a way to raise awareness about the importance and techniques of securing data and information stored in the cloud. In this light, we caught up with Virag Thakkar, the Global Head-Cyber Security for Thai Union Group PCL. Virag comes with over 20 years of leadership experience in Cyber & Information Security covering audit compliance, privacy frameworks, risk management and establishing Security Operations.

How do you see cloud security scenarios panning out in JAPAC as more and more organisations take their most sensitive data to the cloud? Which industries do you think will be more susceptible to these risks?

continued below

As more and more sensitive data is shifted towards the cloud, securing the same is getting more complex. On top of it, with AI coming into foray, the threat landscape is changing very rapidly than ever before. There is an increased “attack surface” as more organisation shift towards digital adoption. The transformation journey brings misconfigurations and data hygiene, into more focus.In the last few years or should I say even decade, the concept of financial and healthcare inclusivity across the JAPAC region has put those industries in a more focused and susceptible position. Government entities with huge data banks are also very much at risk.

What do you feel is one thing organisations tend to do wrong when it comes to cloud security?

There still exists the misconception that cloud security is solely the responsibility of the cloud service provider (CSP). While CSPs offer robust security features, securing data is a shared responsibility. Identity & Access Management, right configuration and data hygiene needs to be embedded within the culture of digital practices. By not taking ownership of their security responsibilities in the cloud, organisations leave themselves exposed to potential breaches.

What are the kinds of surges being witnessed in adversaries leveraging stolen identity credentials to exploit gaps in cloud environments?

Stolen identity due to multi factor authentication and weaker encryption algorithm remains the biggest challenges. Inspite of increase in awareness campaigns, the human link remains the weakest.

There’s a significant increase in the volume of attacks due to exploited credentials. Dark web is no longer unknown and it’s very easy to access and buy identities easily. Also, criminals are getting smarter and are targeting high value identities /users which grants them more privileges in the cloud environment.

With adversaries turning their sights to the cloud through valid credentials – creating a challenge for defenders looking to differentiate between normal and malicious user behavior, what are some steps companies can take to mitigate and manage cloud intrusions?

As stated earlier, organisations need to strengthen their landscape. This needs to be done by focusing on two areas.

Authentication & Authorisation: Zero trust as principle and least privilege should be implemented as best practice. Further, multi factor authentication (MFA) and strong encryption algorithms should be mandatory for all identities and sensitive data. Contextual authentication systems also need to be looked into. E.g.MFA for logins from unrecognised devices or locations or privilege access only during incident / relevant service requests.

Monitoring & Analytics: User & Entity behavior analytics (UEBA) plays a significant role in monitoring and identifying anomalies in cloud environments. All sessions need to be logged and monitored, especially for unusual data transfers. Also Cloud Workload Protection Platform (CWPP) platforms can help in intrusion detection, vulnerability management for cloud based environments.

Make sure to have an appropriate incident plan in place to respond in case of a security incident. This includes steps for identifying the breach, containing the damage, eradicating the threat, and recovering from the attack and these should be tested using table top exercises.

If you had to give just one big advice to organisations to mitigate cloud security risks in 2024, what would that be?

My one piece of advice would be to have a proactive and shared responsibility approach towards cloud security. The risk cannot be transferred to CSP.

Focus on education within your organisation not only at the end user level but identifying the skill gaps within the digital technology teams. This will help reduce misconfiguration related risk, rolling out best practices related to IAM & incident responses.

By taking a proactive approach and ownership of their security posture in the cloud, organisations can significantly reduce their risk of falling victim to attacks that exploit stolen credentials, misconfigurations, or other vulnerabilities.

  • Published On Apr 15, 2024 at 05:00 AM IST

Most Read in Cloud Computing

This post was originally published on the 3rd party site mentioned in the title of this this site

Similar Posts