The Next Big Challenge: Cloud Complexity

Cybersecurity remains an ever-growing concern in our digitized, post-pandemic world. While rapid digitization opens doors to ample benefits and business opportunities, companies also have to deal with an uptick in cybercrimes, as criminals and other threat actors raise their game, making cyber attacks more frequent and complex than ever before. Consequently, businesses have suffered serious losses resulting from ransomware attacks, data breaches, and theft of trade secrets. 

Just recently in July, the Cyber Security Agency of Singapore (CSA) cautioned about the increase in cybercrime in Singapore which accounted for 43% of all crime in 2020 with a record number of 16,117 cases, up from 9,349 cases in 2019. 

Ransomware cases were on the rise in 2020, with a total of 89 ransomware cases reported to the agency last year, a “sharp rise” of 154% from the 35 cases reported in 2019. It mainly affected the small and medium-sized enterprises (SMEs) from sectors such as manufacturing, retail, and healthcare.

In addition, our Asia Pacific region is facing a future with severe shortages in data, cloud, and cybersecurity talents. According to an Amazon Web Services (AWS) report titled ‘Unlocking APAC’s Digital Potential,’ up to 819 million workers in Asia Pacific will be applying digital skills by 2025, up from just 149 million today. The average employee will require seven new digital skills just to keep pace with emerging technology and technological advancements.

As businesses continue their relentless march towards digitization, they face the issue of conversion gaps resulting from moving their data center capabilities into the cloud, as well as negligence in the importance of cybersecurity. How do we define this problem, and more importantly, how do we solve it? 

Defining Disruption 

Cloud complexity is the result of the rapid acceleration of cloud migration and net-new development, without anticipating the complexity this brings to operations.    

According to Splunk’s State of Security 2021 report, there are two prime security challenges facing a cloud-native security world — 50% of respondents cited maintaining consistency of policies and their enforcement across data centers and cloud, while 42% cited the cost and complexity of using multiple security controls. Cloud complexity, driven by transient workloads, new software development models, and heterogeneous public cloud usage, looks to be the next great security challenge for many organizations. 

Cloud Complexity Demands Consistency 

These challenges around consistency, cost, and complexity are not unfamiliar. As businesses work towards keeping up with intensifying security challenges, navigating cloud complexity, with better analytics and a clearer view of your data, is essential.

Our key recommendations include modernizing the Security Operations Center (SOC) through a zero trust approach, security operations process automation, modern SIEM, and increased training and staffing. 

• Zero trust approach: Focused on users, assets, and resources rather than a network perimeter as zero trust minimizes security risks by rigorously authenticating its end users. The model is built on three principles: Verify all users, systems, and devices, provide the least privileged access, and assume you have been breached. 
  
  
• Security operations process automation: It’s efficient, and essential. Security Orchestration, Automation and Response (SOAR) and User and Entity Behavior Analytics (UEBA) identify and respond to attacks without human intervention, and faster than a live actor could manage.
  
  
• Modern SIEM: SIEM (or Security information and event management) systems offer full visibility into activity within companies’ networks, empowering them to respond to threats in real-time.
  
  
• Training and staffing: An expanding organization is prone to increasing threats, and the presence of a strong security team is crucial.  Businesses can improve the effectiveness of their SOC teams through automation and integrated data analytics tools, saving both time and money required to get the job done.
  
  

Collectively, strengthening an organization’s SOC builds a modern, more effective security operations center that can better address today’s constantly evolving threat landscape. 

Keen to find out more about how you can realize the power of your data with Splunk? Join us for .conf21 on October 18-21 in Las Vegas or October 19-20 virtually, to discover insights, ideas, and tools for managing cloud complexity. Register today!