New Cloud Threats require a new Approach to Defence


As companies hurry to embrace digital transformation projects, this year welcomes the rise of cloud adoption across businesses in all sectors. And although cloud applications have become revolutionary for businesses across the globe thanks to their efficiency and scalability, digital environments are now more complex. Many organisations now have less insight into their networks and data, causing a rise in vulnerabilities across all areas of the digital state.

Fundamentally, today’s problem for organisations is that security teams have historically adopted a fragmented approach for defending borderless, digital infrastructures. By spreading workloads across numerous cloud platforms such as Office 365, companies are unaware of where their data is, who has access or how it travels.

This problem has been worsened thanks to multiple cloud vendors. This is because each vendor has a role in the shared responsibility model for security. And although the products being used appeal to innovation and collaboration, they cannot provide cybersecurity with a holistic method.

Lack of visibility, however, is not the only problem. Other issues such as an unsecured cloud platform are technically legitimate. As a result, they may not be flagged up by native security solutions or traditional cyber defence tools as a vulnerability. And with poor exposure, the chances of noticing them are slim. Unfortunately, these kinds of issues make room for malware similar to the likes of “Xbash”, which arose two years ago.

Currently, Xbash attacks are automated, so its actions are predetermined by a cyber-criminal. However, if it were to use offensive AI in its attack methods, the malware could find a system and its vulnerabilities to then choose a successful method of attack.

The threat facing cloud computing from AI-powered attacks must be taken with caution, as the damage could spread across different areas of the business within seconds. This could affect companies on both a reputation and financial level.

Thousands of leading firms are now using an “immune system” approach to autonomously fight against cyber threats. With unsupervised machine learning, security systems can quickly spot foreign actors in their network, offering transparency of their digital estate. Defensive AI solutions can fight back, assessing the best course of action to stop an attacker.

In 2020, cyber-criminals will be embracing AI technology in their attack methods. This is why we should expect to see cloud-based offensives become quick and more powerful. AI is the best method for protecting our data and businesses.

Join us for ESRM 2020

Whitehall Media’s prestigious biannual 12th ESRM conference is set to discuss how enterprises are increasing awareness from the board down, adopting effective incidence response planning, adding threat analytics to their security response and investigating security events with robust incident forensics.