Connect with us

TECHNOLOGY

Cloud data breaches and cloud complexity on the rise

Published

on

A graphic of a padlock representing cybersecurity.


45% of businesses have experienced a cloud-based data breach or failed audit in the past 12 months, up 5% from the previous year, raising even greater concerns regarding to protecting sensitive data from cybercriminals.

This is according to the 2022 Thales Cloud Security Report, conducted by 451 Research, part of S&P Global Market Intelligence.

Globally, cloud adoption and notably multicloud adoption, remains on the rise. In 2021, organisations worldwide were using an average amount of 110 software as a service (SaaS) applications, compared with just eight in 2015, showcasing a startlingly rapid increase. There has been a notable expansion in the use of multiple IaaS providers, with almost three-quarters (72%) of businesses using multiple IaaS providers, up from 57% the year before. The use of multiple providers has almost doubled in the last year, with one in five (20%) of respondents reporting using three or more providers.

Despite their increasing prevalence and use, businesses share common concerns about the increasing complexity of cloud services with the majority (51%) of IT professionals agreeing that it is more complex to manage privacy and data protection in the cloud. Additionally, the journey to the cloud is also becoming more complex, with the percentage of respondents reporting that they’re expecting to lift and shift, the simplest of migration tactics, dropping from 55% in 2021 to 24% currently.

Security challenges of multicloud complexity

With increasing complexity comes an even greater need for robust cybersecurity. When asked what percentage of their sensitive data is stored in the cloud, a solid majority (66%) said between 21-60%. However, only a quarter (25%) said they could fully classify all data.

Additionally, nearly a third (32%) of respondents admitted to having to issue a breach notification to a government agency, customer, partner or employees. This should be a cause for concern among enterprises with sensitive data, particularly in highly regulated industries.

Advertisement

Cyber-attacks also present an ongoing risk to cloud applications and data. Respondents reported an increasing prevalence of attacks, with a quarter (26%) citing an increase in malware, 25% in ransomware and one-fifth (19%) reporting seeing an increase in phishing/ whaling.

Protecting sensitive data

When it comes to securing data in multicloud environments, IT professionals view encryption as a critical security control. The majority of respondents cited encryption (59%) and key management (52%) as the security technologies they currently use to protect sensitive data in the cloud.

However, when asked what percentage of their data in the cloud is encrypted, only one in ten (11%) of respondents said between 81-100% is encrypted. Additionally, key management platform sprawl may be an issue for enterprises. Only 10% of respondents use one to two platforms, 90% use three or more, and almost one in five (17%) admitted using eight or more platforms.

Encryption should be a priority area for enterprises to focus on when it comes to securing data in the cloud. In fact, 40% of respondents stated that they were able to avoid the breach notification process because the stolen or leaked data was encrypted or tokenised, showcasing the tangible value of encryption platforms.

Additionally, it is encouraging to see signs enterprises embrace Zero Trust and investing accordingly. Nearly a third of respondents (29%) said they are already executing a Zero Trust strategy, a quarter (27%) said they are evaluating and planning one and, 23% said they are considering it. This is a positive result, but there is certainly still room to grow.

Sebastien Cano, senior VP for cloud protection and licensing activities at Thales, said: “The complexity of managing multicloud environments cannot be overstated. Additionally, the growing importance of data sovereignty is increasingly raising questions for CISOs and Data Protection Officers when considering their cloud strategy, governance, and risk management. The challenge is not only where the sensitive data resides geographically, but even who has access to sensitive data inside the organisation.

“There are various solutions such as encryption and key management. Last but not least, continuing to embrace a Zero Trust strategy will be essential in securing these complex environments, helping to ensure organisations can support their data and manage future challenges.”

Advertisement

Tags: , ,



Source link

TECHNOLOGY

How Businesses Can Automate Root Cause Analysis (RCA) With Machine Learning

Published

on

How Businesses Can Automate Root Cause Analysis (RCA) With Machine Learning


In the event of a severe incident for your business, you need to analyze what exactly changed (the root cause) to understand its impact.

Using machine learning for root cause analysis can help identify the event that caused the change quickly and easily.

Things can sometimes go wrong in your business’s daily operations. It can be a minor issue, such as a system outage lasting for a couple of minutes. Or it can be something severe as a cyberattack.

Generally, such events result from a chain of actions that eventually culminate in the event. Identifying the root cause is the best way to solve the issue. But manual root cause analysis takes time and often doesn’t provide the exact cause of a mishap. Using machine learning for root cause analysis can automate the process, helping identify the underlying cause quickly and with higher accuracy.

Power of Machine Learning for Root Cause Analysis

To understand why an issue occurred, you need to identify the root cause. But root cause analysis can often be complex and provide inaccurate results. Using machine learning for root cause analysis helps solve this issue.

ML_in_RCA.png

Log Analysis

Using machine learning for root cause analysis can help zero in on the exact location of the problem. You don’t have to scroll through infinite logs to identify which components were impacted and when. The machine learning program can automatically and quickly find the root cause by analyzing a given log data set. 

Moreover, the machine learning program can even predict future incidents as more and more data is available. The program compares real-time data with historical data to predict future outcomes and warns you of any unwanted incident beforehand. This will help improve your incident response, reduce downtime and improve productivity.

Advertisement

Benefits of Using Machine Learning for Root Cause Analysis

There are many benefits of using machine learning for root cause analysis. It can help teams take the right action at the right time, minimizing your losses. Some of the benefits are discussed below.

Reduces Costs

The cost of solving the issue is reduced as your teams don’t have to guess and work around blind spots. Machine learning tools locate the exact line of code responsible for a performance issue, and your team can start working on fixing it right away.

Saves Time

The time spent fixing the issue is significantly reduced as it helps solve business pain faster by locating the cause quickly and accurately.

Provides Long-Lasting Solutions

Machine learning tools provide a permanent solution for your problems and foster a productive and proactive approach.

Grows Your Business

Using machine learning for root cause analysis helps improve the efficiency and productivity of your organization, which eventually leads to business growth.

 

No system is perfect. Incidents will happen, no matter what. But what you do afterward is in your control. Root cause analysis should be done as soon as possible. Using machine learning for root cause analysis not only improves your incident response, but over time, it can also help prevent incidents from happening in the first place.



Source link

Advertisement
Continue Reading

DON'T MISS ANY IMPORTANT NEWS!
Subscribe To our Newsletter
We promise not to spam you. Unsubscribe at any time.
Invalid email address

Trending

en_USEnglish