World Cloud Security Day highlights rising cyber threats

World Cloud Security Day brings focus to the increasing importance of securing cloud environments amid rising cyber-threats.

Morey J. Haber, Chief Security Advisor at BeyondTrust, remarks on the significance of the day, saying, "World Cloud Security Day marks not just a date, but a reminder of how cloudy our digital skies can become. As organisations transform workflows with an increasing dependency on the cloud, their exposure to sophisticated cyber threats rises accordingly." Haber emphasises that cyber-attacks necessitate reshaping business culture with embedded vigilance beyond traditional corporate perimeters. He adds, "Breaches today are not surprises; they are indicative of gaps between rapid innovation and faults in secure-by-design maturity. Cloud Security Day compels us to confront uncomfortable truths regarding convenience, innovation, security, and privacy."

Alex Smith, Director of IT and Corporate Security at Censys, notes the synonymous nature of cloud security and general security, given the prevalence of cloud-hosted services. He highlights the need for enhanced visibility and awareness of digital environments, stating, "A lack of visibility can lead to misattributed internet-facing assets and outdated data, leaving exposures unsecured for days, weeks, sometimes years." He refers to a 2024 research study indicating significant global exposure of Industrial Control Systems, with a notable percentage in Asia, warning, "Threat actors taking advantage of these exposures can wreak havoc on unsuspecting populations with no forewarning."

Les Williamson, Managing Director for Australia and New Zealand at Check Point Software Technologies, underscores the necessity of a Zero Trust framework as foundational for cloud security. Williamson elaborates, "Ensuring that only authorised users can access resources is a fundamental part of Zero Trust," and stresses the importance of continuous authentication and verification methods like MFA. He further explains that Zero Trust, coupled with strict endpoint protection measures, forms a comprehensive protection strategy against unauthorised access.

Williamson also touches on the potential of AI-powered solutions in enhancing security frameworks. "The time it takes to identify a breach can have a major impact on the corresponding damage," he notes, illustrating the role of AI in reducing detection times and associated costs, citing the IBM 2024 Cost of a Data Breach Report.

Ezzeldin Hussein, Senior Director of Solutions Engineering at SentinelOne, speaks to the foundational role of cloud security in digital trust. He stresses its necessity for innovation and resilience, noting, "Cloud security is not just about protection; it's about trust, resilience, and enabling innovation." He advocates for a Zero Trust mindset and the use of AI-driven threat detection, urging collaboration towards stronger cloud security practices.

Mathieu Chevalier, Principal Security Architect at Genetec, addresses the transition to cloud solutions in physical security. He recommends several strategies for strengthening cloud security, including adopting a zero-trust model, regular updates and system patching, implementing granular access control, ensuring data sovereignty, and collaboration with trusted partners for ongoing threat monitoring.