Sunday, November 24, 2024
Sunday, November 24, 2024
- Advertisement -

Many organisations still do not have sufficient security for their cloud deployments

Email remains the top threat vector used to attack both government and businesses of all sizes

Must Read

- Advertisement -
- Advertisement -
  • Existing enterprise security stack, including security controls such as data loss protection, cannot scale to the cloud.
  • New controls to secure container-based workloads, lockdown cloud configurations and encrypt data in the cloud are still being deployed.

Many organisations still do not have sufficient security for their cloud deployments despite the widespread transition to cloud computing.

Many organisations have transferred their legacy applications to infrastructure-as-a-service (IaaS) and platform-as-a-service (PaaS) platforms and have also expanded their use of software as a service (SaaS) to meet enterprise application requirements, resulting in a broad distribution of sensitive information across a variety of cloud platforms.

Mohammed Al-Moneer, Regional Director for the Middle East, Turkey and Africa at Infoblox, said that the existing enterprise security stack, including security controls such as data loss protection, cannot scale to the cloud and new controls to secure container-based workloads, lockdown cloud configurations and encrypt data in the cloud are still being deployed.

As of the end of 2020, he said that many organisations have still not implemented necessary cybersecurity to protect this far more distributed user base. 

Mohammed Al-Moneer, Regional Director for the Middle East, Turkey and Africa at Infoblox.

“Email, a vital and essential tool, remains the top threat vector used to attack both government and businesses of all sizes. Despite training and warnings, users continue to open suspicious emails, both in their business and personal accounts. They click on malicious email attachments and URLs and view websites not generally associated with business use,” he said.

According to Infoblox’s Quarterly Cyberthreat Intelligence Report for the fourth quarter of last year, Email, social media and collaborative software have created more vectors than ever for threat actors to target organisations while Infection from malware can result in the loss of sensitive data and open channels for threat actors to target more victims.

“Proprietary business information is at risk when workers use personal and business instances of applications such as Office 365 on the same machines, collaborate within clouds and connect to an ever-increasing number of SaaS clouds that are not work related and not sanctioned by their IT department,” Al-Moneer said.

However, he said that many cybersecurity procedures and security controls used within enterprise facilities cannot provide the same level of security for remote locations. 

Move to new controls needed

The on-premises legacy enterprise security stack will not work for remote workers without significant redesign, planning and a move to new security controls to support distributed infrastructure and cloud deployments, he said and added that Domain Name System (DNS) security can be configured to protect teleworkers but many organisations don’t yet have the additional protections and visibility that DNS security deployment would provide. 

“The same is true for expanded threat intelligence data – it can be tremendously useful, but only if you have it. The situation is further complicated by teleworkers who must use personal “untrusted” devices to access critical corporate resources and information,” he said. 

For all of these reasons and more, he said that cyber threats remain alive and well and the threat actors will innovate, adjust and sustain proven methods in 2021. 

“Rogue nation-states and organised crime will continue to build on their offensive capabilities. Accurate intelligence about timely, relevant threats enables an organisation to make thoughtful, targeted improvements to its defences and lower its risk,” he said.

Related posts:



Sign up to receive top stories every day

- Advertisement -

Latest News

Locad raises $9m to spread wings into UAE and Saudi Arabia

Locad new funding will also be used to enhance Locad's AI-driven smart logistics capabilities.

UAE stands at helm of tech-driven banking revolution in Mideast

UAE commands major portion of region’s $3.2tr banking assets and aims at establishing a global benchmark.

India takes regulatory action against WhatsApp and fines $25.4m

CCI directes WhatsApp to cease sharing of user data with other applications owned by Meta Platforms
- Advertisement -
- Advertisement -

More Articles

- Advertisement -