Organizations that have embraced cloud computing may overlook the risks and challenges that they never had to deal with before.
Before the pandemic took root, some cloud-averse organizations had finetuned their legacy IT infrastructure and were complacent. Within a year, many have had to rush to cloud transformation to survive the battered economy.
Then came the upsurge in cybercrime as state-sponsored actors and desperate hackers took advantage of massive increase in attack surfaces as organizations and institutions started going on the Cloud in a big way.
However, as we have learned by now, latecomers to the Cloud—as well as organizations that were too focused on cloud benefits but not cloud risks—had overlooked the importance of cloud-native cybersecurity practices to keep the increased attack surfaces secure. Many paid the price when they suffered hackings, data breaches and run-ins with the data protection authorities.
What could we learn from this saga? DigiconAsia had the opportunity to dig the brains of David Sajoto, Vice President (Asia and Japan) of cloud-native network detection and response firm ExtraHop. He is a firm proponent of automating cloud security via AI and machine learning.
DigiconAsia: How does one go about trying to convince organizations that are wary of full dependence on the Cloud, to dispel their reluctance?
David Sajoto (DS): With the rise in remote-working in the current pandemic, there has been a greater acceptance of cloud computing, which has facilitated business continuity and collaboration via mobile access to corporate data via smartphones and devices.
Those organizations that are wary of the cyber risks of large-scale cloud migration can consider solutions that detect threats and network anomalies in real time. The use of machine learning can balance workloads between on-premises network sensor appliances and cloud-hosted services with complete visibility and intelligence.
Another reassuring benefit of today’s cloud solutions may help reluctant businesses to reconsider embracing cloud computing. AI and machine language features can now help such firms take a more proactive approach to business planning and operation to anticipate future requirements ahead of time. This ‘cloud scale AI’ combines AI and machine learning capabilities in cloud-based environments to provide insights to IT teams so that they can make intuitive and accurate decisions based on the rich data.
DigiconAsia: How do organizations in the region secure their cloud resources amid the lack of IT resources that have been diverted to handling the challenges of remote working?
DS: Market research firm Gartner has observed that with the shortage of skilled security practitioners, there has been a push for organizations to leverage security process automation. In addition, one trend report had revealed that IT teams in the Asia Pacific region and Japan can take about 94 days to identify and mitigate a breach, meaning that a significant amount of time elapses between the occurrence and discovery of a breach.
Although breaches are inevitable, the speed with which it takes to respond to one is often a greater concern. With the real-time network monitoring and visibility according by cloud-scale AI, IT teams can depend on the system to automate and augment human decision-making across a broad set of use cases, not only in cybersecurity but in operational efficiency and agility.
DigiconAsia: In 2019, a survey showed that cyber incidents in Singapore were largely due to internal factors, human error and system malfunctions/technical faults. Can AI-enhanced NDR eradicate such glitches? Why would AI or automation be less prone to errors?
DS: AI is a dynamic form of software that gets smarter as it analyzes more data, learns from experience, and becomes increasingly capable and autonomous. Given enough time, AI may be able to remember all its past glitches. However, as cyber criminals become more strategic, AI gets less time to catch up with the cyberattacks. With cloud-native network detection and response (NDR), there is unified visibility across all aspects of the network and IT operations, regardless of deployment model.
NDR also allows IT teams to detect and respond to actual threats in cloud environments or off-premises. When teams use AI-driven cloud NDR, their ability to respond to threats in real time is boosted, and with this comes a stronger security posture and vast improvements in operational efficiency and uptime.
However, organizations must not overlook the human element in analyzing such threats. The combined efforts of human and machine produce a greater effect than either could achieve alone.
DigiconAsia: To control active network threats and stop breaches, organizations incur costs that increase with company size. How can these costs be managed?
DS: The cost of security services increases when organizations possess large volumes of data based on a Software-as-a-Service (SaaS) consumption model.
Organizations need to assign a budget based on their security requirements. As cybersecurity risks increase alongside the amount of confidential and critical data, enterprises with tighter budgetary constraints should consider securing their network at an early stage.
Regardless of size, organizations should continue to identify potential loopholes of online vulnerability. They should start early to protect their business from the inside with complete visibility of devices, lateral movement, and anomalous behavior.
DigiconAsia: What is your ultimate advice for organizations that have embraced cloud computing, but have budgetary constraints and are inclined to make compromise in cloud security for the sake of immediate business needs?
DS: Without a doubt, organizations need to focus on establishing pathways to new revenue, improved customer experience, and new market opportunities through innovations.
However, regardless of the decisions that business leaders make, they need to remember that the goal is to be innovative but in a safe, sensible way. (Otherwise, the innovation that took so much effort will still end up not being sustainable.)
