In the age of digital transformation, and with the needs of the IT industry constantly growing, organizations are being tasked with adapting existing business processes and cultures towards new market dynamics. To meet this new demand, cloud-based services are being widely adopted due to their increased capabilities such as accessibility, flexibility, and capacity in comparison to traditional computing and storage methods.
With this digital transformation, new challenges for cybersecurity and resilience have emerged. In fact, concerns about cloud security issues may occasionally prevent firms from utilizing the cloud's many advantages.
How to select a Cloud Service Provider
When selecting a Cloud Service Provider (CSP), security teams must consider and understand what level and sensitivity of data shall be stored in the cloud and whether such data shall be subject to specific regulations such as PCI-DSS and GDPR. Organisations should also analyse SOC2 reports and certifications held by the provider, which provide a level of assurance on the service provider’s operations, security and resilience.
Whether making use of a Public, Private, or Hybrid cloud, both the cloud service provider and the client are accountable for cloud security. The level of responsibility applied to each party depends greatly on the service model adopted: Infrastructure as a Service (IaaS), Platform as a Service (PaaS), or Software as a Service (SaaS).
Six key initiatives to maintain cloud security
Whilst major CSPs provide a vast array of cloud security features and services, it is imperative that organisations maintain control and properly implement core security practices to facilitate secure cloud environments. We have outlined six key initiatives that can maintain security posture by minimizing risk, facilitating digital trust, and providing resilience within a cloud environment:
1. Identity and access management with role-based least privileges, multi-factor authentication, and strong, complex password policies.
2. Zero-trust across cloud networks through micro-segmentation equipped with a behaviour-based intrusion prevention system, limiting attacker movement and enforcing least privilege at the network level.
3. Posture, configuration, and patch management across virtual servers, including ongoing auditing for misconfigurations and timely remediation of the findings.
4. Inspecting and limiting traffic to and from web applications through web application firewalls (WAF), and updating WAF rules based on observed network traffic behaviour.
5. Data encryption at rest and in transit, as well as good data storage practices both locally and on-cloud.
6. AI-based anomaly detection algorithms and real-time threat detection models, triggering manual or automated remediation workflows.
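The following is an added example, not part of the original article, showing how initiatives 1, 3 and 5 can be turned into an automated posture check: it walks a constructed inventory (all field names and resources are assumptions, not any provider's real API) and reports each finding against the initiative it violates.

```python
"""Added example: minimal cloud posture check mapped to the six initiatives
(1: IAM/MFA/least privilege, 3: configuration and patch hygiene, 5: encryption)."""
from datetime import date

# Constructed sample inventory; field names are assumptions, not a real provider API.
INVENTORY = {
    "users": [
        {"name": "alice", "mfa": True,
         "policies": [{"actions": ["storage:GetObject"], "resources": ["bucket/reports/*"]}]},
        {"name": "svc-build", "mfa": False,
         "policies": [{"actions": ["*"], "resources": ["*"]}]},
    ],
    "storage": [
        {"name": "reports", "encrypted_at_rest": True, "tls_only": True, "public": False},
        {"name": "backups", "encrypted_at_rest": False, "tls_only": False, "public": True},
    ],
    "servers": [
        {"name": "web-1", "last_patched": "2024-05-01"},
        {"name": "db-1", "last_patched": "2023-11-15"},
    ],
}
PATCH_SLA_DAYS = 30  # assumed internal policy threshold


def assess(inventory, today=date(2024, 5, 20)):
    """Return (initiative, resource, finding) tuples for every violation found."""
    findings = []
    for u in inventory["users"]:  # initiative 1: identity and access management
        if not u["mfa"]:
            findings.append((1, u["name"], "MFA not enforced"))
        for p in u["policies"]:
            if "*" in p["actions"] or "*" in p["resources"]:
                findings.append((1, u["name"], "wildcard grant violates least privilege"))
    for s in inventory["storage"]:  # initiatives 5 (encryption) and 3 (misconfiguration)
        if not s["encrypted_at_rest"]:
            findings.append((5, s["name"], "not encrypted at rest"))
        if not s["tls_only"]:
            findings.append((5, s["name"], "unencrypted transport allowed"))
        if s["public"]:
            findings.append((3, s["name"], "publicly accessible storage"))
    for srv in inventory["servers"]:  # initiative 3: patch management
        age = (today - date.fromisoformat(srv["last_patched"])).days
        if age > PATCH_SLA_DAYS:
            findings.append((3, srv["name"], f"last patched {age} days ago"))
    return findings


if __name__ == "__main__":
    for initiative, resource, msg in assess(INVENTORY):
        print(f"[initiative {initiative}] {resource}: {msg}")
```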
To strengthen the financial sector's resilience, the EU has established the upcoming Digital Operational Resilience Act (DORA), which brings about a solid framework to ensure ongoing trust, understanding and transparency among service providers, regulators, and financial institutions.
The regulation places significance on ICT-related services such as cloud platforms, and their capabilities and responsibilities in maintaining resiliency through effective incident management, business continuity and disaster recovery preparedness. Cloud Service Providers must therefore work with organisations to enhance and maintain coordinated ICT incident reporting, digital operational resilience testing, third-party risk management, as well as direct oversight of critical ICT service providers.