Close
  • Latest News
  • Artificial Intelligence
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
Read Down
Sign in
Close
Welcome!Log into your account
Forgot your password?
Read Down
Password recovery
Recover your password
Close
Search
Logo
Logo
  • Latest News
  • Artificial Intelligence
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
More
    Home Cloud
    • Cloud
    • Cybersecurity
    • IT Management

    Top 5 Security Predictions for the Pace of Cloud

    By
    Greg Jensen
    -
    January 17, 2020
    Share
    Facebook
    Twitter
    Linkedin
      Cloud.Services

      As we look back across 2019, organizations saw a tremendous increase in not only the use of cloud for business, but the valuation of the data and applications hosted in the cloud.  According to Oracle and KPMG’s annual Cloud Threat Report for 2019, seven out of 10 respondents indicated they use more business-critical cloud services than in 2018. 

      Businesses have been utilizing cloud services in their business for years, but only recently have we seen growth in the use of cloud for business-critical data and services. While this is great for organizations that seek to reduce their costs and increase their capabilities for customers and employees, the fast-paced nature of some cloud initiatives is creating unnecessary risk combined with the real-world challenges of today’s business.  

      With the increase in cyber threats on the one hand, and the use of cloud for mission-critical applications and data storage on the other, I see the following five things playing out in the market this year.

      Prediction No. 1:  The Increasing frequency of incidents will drive change in the boardroom.

      With less than half of global companies sufficiently prepared for a cyberattack, according to PricewaterhouseCooper, business leaders are looking within the boardroom to better understand how cyber-risk, privacy and data protection is becoming a “distributed responsibility” for the c-suite. CEOs now play a central part in ensuring that the entire C-suite is playing a role in reducing risk and ensuring data/privacy protections. No longer is it solely the domain and responsibility of the CISO or the IT department.  In fact, more and more businesses are using BISOs (Business Information Security Officers) as a business focused leader with an eye for security and privacy within the line of business.

      Prediction No. 2: The top at-risk industries will see a disproportionate frequency in cyber-attacks.

      While other industries see more attacks on an annual basis, some industries are less prepared and have higher-value data–which increases their risk. Health care tops out the list, followed by manufacturing, finance, government and utilities. It is expected that the health-care industry will see a 4x increase in ransomware attacks from 2017 to 2020, according to Cybersecurity Ventures. Manufacturing risk is centered on compromised supply chains, while finance is dealing with increased cases of financial fraud and theft. The utilities industry invests less than 0.2 percent of its revenue in cybersecurity, putting the country at risk for infrastructure outages. Some industries are fighting back with increased investments in cyber resiliency programs. The U.S. now spends more on cybersecurity activities ($15 billion) than the overall defense spending of Norway and North Korea combined. 

      Prediction No. 3: Supply and demand shortages for cybersecurity positions will reach a critical mass.

      Oracle predicts there will be nearly 3 million unfilled security positions in 2020, and that number is climbing. Cybersecurity has held the title of zero-percent unemployment since 2011, according to Monster.com, and Oracle sees no change on the horizon. Some markets are ripe with talent, as seen in the D.C. area, where the cyber workforce is three-and-a-half times larger than the rest of the country combined. While this bodes well for the D.C.-based businesses, it also highlights the challenges outside of D.C. One of the many drivers of organizations shifting services to the cloud is to overcome this obvious talent shortfall. Complicating things further, cyber-analysts can earn up to three-and-a-half times more per year as “bug hunters” than as employees working to defend against the flaw. While many will struggle to fill their reqs with qualified staff, others will take advantage of cloud service providers to fill these gaps. 

      Prediction No. 4: Every employee will be personally attacked in an effort to exploit corporations.

      Ninety-one percent of cyberattacks in 2019 used a phishing attack on the front end of the attack chain, according to cybersecurity firm FireEye. Attackers target employees by scouring public career pages to understand reporting structures and roles, and then perform targeted phishing attacks (spear-phishing) to exploit application/data owners or even executive management. Attackers are finding numerous ways to exploit privileged users, and to exploit financial, HR and supply chain systems. This includes theft of credentials directly via cloned business services, or the repurposing of stolen consumer credentials.

      Prediction No. 5: Rate of cloud adoption will drive new strategic imperatives to mitigate risk.

      In war, you can’t easily defend the sky with ground troops. Same in IT, as cloud defense takes a different approach than on-prem data centers. Most businesses have shifted to cloud with only a bare foundation of security controls, such as identity management, and lack the overlapping layers of security that must be carried into the cloud. According to the Oracle and KPMG Cloud Threat Report, only 10% of organizations are able to collect, analyze and respond to the majority of their security event telemetry.  Ninety-three percent are dealing with cloud application use that is not in line with corporate guidelines and policies with regards to sensitive business data.

      Security teams are up against hundreds of cloud services that are either free or acquired via a credit card. These can be used to process sensitive business data–without the security and risk teams having any knowledge or awareness of them. This ability to deploy cloud faster than organizations can implement security and risk programs creates a strategic imperative around risk.

      These predictions highlight what many organizations will experience in 2020 when they focus only on secure strategies, and do not place more focus on developing a more security-minded culture.  

      Greg Jensen is a security and risk leader for Oracle Cloud with 25 years of experience in security. He is also the senior editor of the Oracle and KPMG Cloud Threat Report, and a contributing writer for Dark Reading and the Cloud Security Alliance. Jensen is a regular presenter at conferences such as RSA, Oracle OpenWorld and Cloud Security Days. He can be followed on LinkedIn or Twitter: @gregjensen10

      Greg Jensen
      Get the Free Newsletter!
      Subscribe to Daily Tech Insider for top news, trends & analysis
      This email address is invalid.
      Get the Free Newsletter!
      Subscribe to Daily Tech Insider for top news, trends & analysis
      This email address is invalid.

      MOST POPULAR ARTICLES

      Latest News

      Zeus Kerravala on Networking: Multicloud, 5G, and...

      James Maguire - December 16, 2022 0
      I spoke with Zeus Kerravala, industry analyst at ZK Research, about the rapid changes in enterprise networking, as tech advances and digital transformation prompt...
      Read more
      Applications

      Datadog President Amit Agarwal on Trends in...

      James Maguire - November 11, 2022 0
      I spoke with Amit Agarwal, President of Datadog, about infrastructure observability, from current trends to key challenges to the future of this rapidly growing...
      Read more
      Applications

      Kyndryl’s Nicolas Sekkaki on Handling AI and...

      James Maguire - November 9, 2022 0
      I spoke with Nicolas Sekkaki, Group Practice Leader for Applications, Data and AI at Kyndryl, about how companies can boost both their AI and...
      Read more
      Cloud

      IGEL CEO Jed Ayres on Edge and...

      James Maguire - June 14, 2022 0
      I spoke with Jed Ayres, CEO of IGEL, about the endpoint sector, and an open source OS for the cloud; we also spoke about...
      Read more
      IT Management

      Intuit’s Nhung Ho on AI for the...

      James Maguire - May 13, 2022 0
      I spoke with Nhung Ho, Vice President of AI at Intuit, about adoption of AI in the small and medium-sized business market, and how...
      Read more
      Logo

      eWeek has the latest technology news and analysis, buying guides, and product reviews for IT professionals and technology buyers. The site’s focus is on innovative solutions and covering in-depth technical content. eWeek stays on the cutting edge of technology news and IT trends through interviews and expert analysis. Gain insight from top innovators and thought leaders in the fields of IT, business, enterprise software, startups, and more.

      Facebook
      Linkedin
      RSS
      Twitter
      Youtube

      Advertisers

      Advertise with TechnologyAdvice on eWeek and our other IT-focused platforms.

      Advertise with Us

      Menu

      • About eWeek
      • Subscribe to our Newsletter
      • Latest News

      Our Brands

      • Privacy Policy
      • Terms
      • About
      • Contact
      • Advertise
      • Sitemap
      • California – Do Not Sell My Information

      Property of TechnologyAdvice.
      © 2022 TechnologyAdvice. All Rights Reserved

      Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.

      ×