Enterprise security teams face unrelenting risks like phishing attacks, unpatched systems, and unauthorized Cloud applications. The best way to tackle those challenges, according to the Oracle and KPMG Cloud Threat Report 2019, is through cloud security automation including automated threat monitoring and patching of software vulnerabilities.
Cloud Security Automation
Alan Zeichick, Director of Strategic Communications for Oracle, wrote an article in Forbes about how cloud security automation is increasingly becoming the only effective way to tackle Cloud security threats. Research from Oracle and KPMG examined the threats that organizations are faced with and how automation can help combat them. The report, which came out in February, collected data from 450 cyber-security and IT professionals from private- and public-sector organizations throughout the United States, Canada, United Kingdom, Australia and Singapore.
Zeichick pointed out a few of the key takeaways from the research that Oracle and KPMG collected from these organizations. Some of the key findings from the Oracle-KPMG report include:
- 23 percent of respondents say their organizations don’t have the resources to manually patch their systems.
- 50 percent say that the use of unsanctioned Cloud applications resulted in unauthorized access to data.
- 48 percent say that unauthorized access introduced malware, 47 percent say that data was lost.
- 92 percent are concerned that individuals, departments, or lines of business within the organization are violating security policies around the use of Cloud applications.
- 69 percent of organizations stated that they are aware of a moderate or significant amount of unapproved Cloud applications, and another 15 percent stated that they were aware of a few of those apps in use.
These percentages indicate a need for the automation of rolling out patches and the need to set policies to limit the use of unapproved Cloud applications (and perhaps introduce technology to automatically detect or block such uses). The big picture conclusion that Ziechick came to was that “it’s more important than ever for businesses uses automation tools, in addition to human security analysts, to protect the business.”
Common Cloud Security Threats
The most common cyberattack is phishing emails. Other cyberattack methods include malware that moves through an organization and infects a server, employee misuse of privileged accounts, and “zero day” exploits that exploit previously unknown vulnerabilities in operating systems or applications.
According to the Oracle-KPMG report, 27 percent of organizations were attacked with email phishing in the past year. Phishing emails could either be generic messages that flood employee inboxes or personally targeted “spearphishing” messages. These emails contain malicious attachments or links and bait employees into clicking on them, which releases malware into their system. Messages in phishing emails are often disguised as important messages from coworkers or a boss, partners that the employee works with, or even their very own bank. If they don’t take the time to double-check that the message is legit, they can quickly get sucked into a phishing scheme.
How Cloud Security Automation Can Make A Difference
According to Brian Jensen, KPMG’s Risk Management Consultant and the Oracle-KPMG report coauthor, a typical large enterprise deals with 3.3 billion security events a month, but only 31 of those billions of events are real security evens or threats. It’s not realistic for organizations to find, recruit, hire, train and retain the number of security analysts that they would need to deal with this volume of alerts. This is where cloud security automation comes in.
The combination of intelligent automation and trained, skilled staff needs to be leveraged to architect a scalable solution to address Cloud security threats. Automation software can help with tedious, repetitive grunt-work like the installation and testing of patches or configuration changes. This frees up more time for the human team of IT and security analysts to focus on the more difficult problems in the organization.
In addition to cloud security automation, it’s important to train staff about the dangers of cyberattacks like phishing emails and more. You may also need to implement additional solutions to block phishing or spear-phishing emails and monitor systems for unusual behavior that might indicate that an employee’s account has been compromised. You cannot rely solely on automation. It is merely an additional line of defense to help your human team be better protected. Enforcing policies about the use of third-party Cloud services without IT approval is another helpful measure that you can take.
For more information about how automation can help organizations combat Cloud security threats, check out Alan Zeichick’s full Forbes article or the official Oracle and KPMG Cloud Threat Report, attached below. You can also explore the additional Quest resources about how automation and AI can influence the future of your organization, attached below.