Latest ccse publications

If the past decade in enterprise IT was owned by cloud, then the next ten years will arguably be defined by our attempt to secure it.

The degree to which cloud has absorbed applications and data is well-documented. While companies are consolidating with hybrid deployments, according to some estimates, 91 percent of organisations have moved some portion of their workloads to the cloud.

As this new territory grows, so too does its attack surface. Organisations need to be armed and ready, yet many are getting into sloppy habits, particularly when it comes to basic data storage practices. Between June 2018 and May 2019 over 2.3 billion files were found on misconfigured or non-secured cloud storage technologies. As cyber security company Forcepoint has framed it, as more companies become “cloud smart,” a large number appear to remain “cloud dumb,” at least when it comes to security.

The oversight is partly because we naturally focus on the ways a new tool can make our lives easier without first considering its side-effects. True, it’s not only a matter of failing to get the basics right. Like with any new technology, it has taken time for us to grasp the multitude of ways that the cloud can leave companies exposed. Compounding this problem is the pace at which cyber hackers conjure up new means of attack.