The need to 'baseline' cyber-security and cloud services

2020 has been a tough year, and the impacts of COVID-19 are still running their course. 80% of businesses have seen a rise in cybercrime activity and attacks on Financial Services have been growing at 238%. Credential theft, human error and social attacks are responsible for 67% of all breaches, and almost half of us will avoid businesses that are victims of malicious cyberattacks.


The stats are alarming and organisations now take cybersecurity very seriously indeed. As digital and cloud services become ever more ingrained in our daily lives, we’ve examined the underlying technology challenges and issues facing businesses today.


It’s an increasingly hostile and evolving cyberthreat landscape, and enterprise IT environments are becoming ever more complex. The global lack of cybersecurity talent and the need to protect systems and data, now operating beyond traditional perimeters, is essential.


To date, many organisations have been reluctant to move away from on-premise, in-house technology systems to run their computing, data storage and cybersecurity protection. This is changing as market forces and advanced threats from cyberspace outstrip the commercial viability and security protection of in-house datacentre operations.


Cybercriminals continue to find new ways to breach defences. 75% of attacks now start through an email, and once an account has been compromised, hackers tend not to launch an immediate attack. They bide their time, monitoring emails and company activity to maximise the impact of the breach. Channel Island businesses have seen such attacks, with simulated and malicious messages, ostensibly from colleagues, being circulated internally with dangerous consequences.

Says Malcolm Mason, Sure’s Professional Services Consultant for Cloud and Data;


“Protecting valuable and sensitive data from a security breach is an arms race between cybercriminals and technology solutions providers. It’s mission critical to protect sensitive data and eliminate downtime in the event of an incident. The consequences of a malicious cyber-attack can threaten the very survival of a business."


The evolution of cloud services over recent years has led to increasing adoption levels by the business community. The difficulties running and maintaining legacy systems, along with a demand for simpler and more agile customer services, now makes the ‘do it  ourself in-house’ model both uneconomic and ill-advised.


Globally, there’s a technology skills shortage in cyber security, and because of this, highly secure enterprise and private cloud services that meet very stringent operational requirements are increasing in popularity.

But cloud services in isolation lack the advanced protection needed to meet today’s security challenges, and as cybercrime and security solutions evolve, organisations must be able to identify emerging gaps in their security.

This must include regulatory requirements, pro-active identification and eradication of on-going threats, and the continual improvement of defence mechanisms through a regular ‘baselining’ of protection levels across the entire organisation.


Long established fears of control loss and the sharing of ‘compute’ hardware with other organisations have gone away. Foundation platforms and business systems can now run on dedicated and isolated equipment in highly secure, island based datacentres, with IT departments remotely accessing and securely managing their own infrastructure.


There’s a commercial logic to managing core IT in this way. The physical hardware and networking on which services run is the very latest and best available. No Capex is required, and businesses pay only for the services they consume. Legal and regulatory requirements are another factor, with top-tier cloud infrastructures exceeding requirements, and enabling organisations to prove operational compliance.

The very latest global cyber security protection is integrated with those cloud services, using Gartner recognised, leading industry partners. Customers no longer need concern themselves about the threats from cyber space, and the lack of local expertise to protect against this.

Cloud based disaster recovery services continuously capture and track data changes, and should an incident occur, automated recovery and back-up takes over, ensuring no loss of service, whilst a rewind and restore of core systems, back to any point in time before the failure, takes place.


"Leading cloud services come with 24/7 back up and support."


Leading cloud services come with 24/7 back-up and support, negating the need for ‘in-house’ round the clock management and monitoring of services. IT leaders can sleep soundly in their beds knowing they’ve done all they can to protect their systems, intellectual property and operational performance.


Scalability is another head ache that has been removed. Such datacentres have ‘bucket-loads’ of resource and capacity, enabling businesses to scale up quickly when launching new services and managing peaks in demand.

Maintaining business stability and credibility is essential for business, and companies have been nervous of moving to cloud services too early. It seems that Enterprise and Private Cloud evolution has reached the point of acceptance, just as a perfect storm of malicious cyberattacks, customer demand for always on-services, and a lack of cyber-security human resources hits us.


Concludes Malcolm Mason; “Cloud’s coming of age is occurring at the very time when many legacy IT systems are about to utter their last breath. Mission critical, highly secure services are ready and waiting to pick up businesses workloads.”

 

Find out more about Sure's Offshore Data Centre and Cloud Services here