All about Virtualization and Cloud Security | Recent Articles:

• A growing number of organizations are increasing their use of the cloud.

• These workloads, including databases, transactions, and analytics, are vital to business operations.

• Cloud workloads are different from regular endpoints which is why security teams need to deploy platforms specifically designed to protect these resources.

It’s no surprise that the cloud now dominates the modern IT infrastructure landscape. More and more workloads are shifting to cloud services, as organizations look to reap the benefits of the cloud computing model. The flip-side of this trend is that cyber criminals also see opportunity and are constantly looking for and finding new ways to exploit weaknesses in the cloud. That means cyber security leaders and teams need to focus on bolstering cloud workload security.

Businesses See the Cloud as Vital to Growth

The results of a survey by professional services firm PwC highlight that business leaders across the C-suite are seeing the cloud’s vital role in both defining and achieving their organization’s growth and operational ambitions, and they have high expectations for what the cloud can deliver for their organizations. A majority of executives in the survey (92%), say their companies are “all-in” on the cloud or have adopted it in many parts of the business.

Spending on Cloud Services Continues to Rise

Perhaps the best proof of cloud acceptance among organizations is that they are spending more on cloud services. An April 2021 report by research firm Gartner shows that worldwide end-user spending on public cloud services is forecast to grow 23% in 2021, totaling $332.3 billion. That’s up from $270 billion in 2020.

The events of 2020, namely the Covid-19 pandemic, allowed CIOs to overcome any reluctance to moving critical workloads from on-premises to the cloud, according to the report. In addition, emerging technologies such as virtualization, containerization, and edge computing are becoming more mainstream and driving additional cloud spending.

A number of key business workloads are suitable for cloud environments. These include database workloads to support a number of business processes; transactional workloads such as billing and order processing; batch workloads to support back-office operations; and analytic workloads to analyze data for business insights.

As more companies become aware of the economics of using the cloud, it’s likely that the workload shift away from on-premises systems will continue. Unfortunately, this also creates a growing number of targets for cyber criminals.

New Security Issues with Cloud Adoption

The security issues involved with the cloud are different from those associated with on-premises systems and endpoints. The cloud encompasses a more diverse and highly connected architecture, and much about it is out of an organization’s control. It’s also more dynamic, with machines being created, moved across servers and clouds, and deleted dynamically—sometimes existing just for a few seconds.

Many of the typical endpoint security tools available are not necessarily suited for cloud environments and some of the point solutions that evolved specifically for some of these environments are narrow in scope.

Importance of Cloud Workload Security Platforms

This is why adopting a dedicated cloud workload security platform is important. Such a platform should offer integration between on-premises and cloud services and provide the scalability, visibility, as well as advanced security designed to work within a dynamic cloud environment.

Vendors that can provide cloud and on-premises-based cloud workload security platforms can deliver comprehensive cloud workload protection and posture management to their customers, according to a Forrester Wave report from Forrester Research.

The report, which includes a detailed evaluation of cloud workload security providers, notes that “customer needs in securing workloads are changing. Old-school, on-premises security tooling [for example, security analytics/security information and event management, endpoint detection and response] no longer cut it.”

Organizations today have to monitor and control the proliferation of cloud workloads comprehensively across multiple tiers, Forrester says. When addressing cloud workload security, they should look for platforms that offer features for guest operating system native protection. “Many of the threats in workloads are still traditional changes to configuration files and network intrusions,” the report says.

Security teams need tools that offer memory integrity monitoring, host-based firewalls, and intrusion detection/prevention, and allow for scalable deployment of protection to a large number of workloads without interruption, the study says.

Learn more about how Bitdefender Gravityzone can help improve your security posture and protect mission-critical assets.

• Ransomware attacks are on the rise and costing companies millions of dollars, and enterprises need to take steps to protect themselves from these threats.
• Best practices for defending against ransomware include strengthening the overall security posture with stronger access controls such as strong endpoint protection, two-factor authentication, employee training, and data backups.

Ransomware is hitting organizations hard, and there seems to be no end in sight for these damaging attacks on enterprises of all sizes and across industry verticals. With major ransomware news breaking almost daily, enterprises are beginning to take the threat seriously due to the risk of financial losses, business downtime, loss of customers, bad publicity, and other unpleasant results.

• Ensuring data privacy is now a worldwide concern, with many countries adopting data protection laws
• Much work still needs to be done to ensure the privacy of information
• Tools and training are keys to success

• Ransomware, banking malware, unwanted applications, and Android attacks all rose significantly
• Pandemic-related incidents had a big impact
• Similar threats expected for this year, and cyber security teams need to have the right security tools in place

• Efforts have long been underway to create more advanced cryptography, and the market appears ready to deploy these solutions
• Promising new approaches include quantum key distribution, biometrics encryption, and homomorphic encryption

• More people are using wearable devices such as smartwatches, in part because of the work-from-home model
• These devices store growing volumes of personal data and in many cases are connected to corporate resources, presenting potential security risks

• Security for industrial infrastructures is likely to get more attention with the continuing growth of the Internet of Things
• The global industrial cyber security market is expected to grow 8% between 2020 and 2027, according to research by Fortune Business Insights
• Among the emerging market trends is the integration of industrial cyber security products with advanced cloud services, needed to monitor and analyze growing volumes of data

• Organizations’ concerns about cyber security, privacy, cloud, and technology resilience are fueled by changing business priorities, remote work, and accelerated deployment of new technologies, according to report.

• Financial services firms are major targets of cyber attacks
• A recent report describes six “extreme but plausible” future cyber threats finance firms need to be aware of when thinking about which industries are prime targets for cyber security breaches, financial services certainly comes to mind. 

• An overwhelming majority of business and technology executives worldwide plan to shift their cyber security strategies due to the pandemic, according to a new study.
• One of the most prominent trends has been an accelerated push to digital transformation, and this has had a big impact on cyber security.
• The role of the CISO has never been more critical to organizations’ survival and growth.

• Cyber criminals are changing their tactics to take advantage of emerging vulnerabilities, according to a new report.
• Five key factors are influencing the cyber threat landscape.
• By taking certain steps, organizations can build a more security and agile environment.

• Fewer organizations are taking steps to mitigate cyber security risks compared with a year ago, even though the level of concern about threats has increased during the pandemic, according to a survey of business leaders.
• Nearly one quarter of the respondents said their company had been a victim of a cyber event.
• Cyber security concerns appear to be driven by the impact of the pandemic on businesses’ operations and workforces.
• Enterprises should consider taking certain steps to help reduce risk during a time of ongoing uncertainty and remote workforces.