As I discussed in my previous posts, cloud offers businesses unprecedented benefits, from opportunities to differentiate themselves from the competition, to increased efficiency and ability to innovate, to significant cost reductions. But how secure is it?

In a recent global survey of 275 security executives from the banking sector, we discovered that:1

  • One out of every three focused and targeted cyber breach attempts is successful.
  • The typical financial services organization faces and average of 85 targeted breach attempts per year.
  • Two to three effective attacks occur per month.
  • The greatest security impact comes from internal breaches made by malicious insiders.
  • Only 64 percent of effective breaches are identified by internal security, while employees, law enforcement and “ethical” hackers (so-called “white hats”) find most of the rest.

Banks, in particular, are acutely aware of these threats and are spending to avoid them. Part of the challenge is prioritizing where to focus resources for effective protection.

The good news is, investments into public cloud today go far beyond what one enterprise can support on its own. In fact, public cloud is more secure than anything you could have imagined.

Security benefits of public cloud include:

  • Anonymity—in contrast to an attack on a single client’s data center, where the perpetrators would be aware of whose private information they were stealing, an attack on a cloud provider would leave the perpetrators with no way of knowing which organization the data belongs to. As a result, the perpetrators’ ability to monetize the stolen data would be extremely difficult.
  • Encryption—third-party cloud encryption services provide organizations with additional layers of data encryption for applications that cloud service providers do not control, thus keeping data secure at all times, wherever it is stored.
  • Strength in numbers—even in the case of a terrorist attack, not all data centers of a cloud provider would be affected.

The biggest risk comes in where an organization’s internal system shakes hands with the cloud.

To address these issues, risk and regulatory management can help companies control risks and ensure compliance with relevant regulations as their organizations transition into the cloud. In addition, application security services, such as data loss prevention or advanced threat management, ensure that regulatory and client obligations are met no matter what.

 

1. “Building Confidence – Solving Banking’s Cybersecurity Conundrum,” Accenture, March 2017. Access at: https://www.accenture.com/us-en/insight-building-confidence-cyber-security-conundrum-banking

 

Submit a Comment

Your email address will not be published. Required fields are marked *