Light Dark
November 24, 2014 By Rick M Robinson 2 min read
Cloud Security

Information technology (IT) and the ways businesses and other organizations use that technology are undergoing a transformative change. The cloud, along with mobile — the two are deeply intertwined — are changing the ways organizations manage their crucial information.

The requirements of information security are also undergoing dramatic changes. Staying ahead of threats is an ongoing challenge in the cloud and mobile era, while the threats themselves are ever more sophisticated. What can organizations do to protect themselves and their most valued data?

Moving Beyond the Myths

At a Web event in early November, Brendan Hannigan, general manager of IBM Security Systems, presented an overview of the new world of security threats and what organizations can do to protect themselves.

The first step in staying ahead of threats is letting go of security myths that remain pervasive. Firms continue to believe they are not infected; they are. Firms also believe that what they’ve already done is sufficient; it isn’t. They look for a magic bullet; there isn’t one. Or they believe that the whole company has to be put in a state of lockdown. It doesn’t.

The key to effective security is not wishful thinking on one hand and paranoia on the other. The key is deploying intelligence.

Staying Ahead of Threats

In everyday usage, “intelligence” means being smart. In a more technical sense, it means gaining information about threats. Both meanings apply to security intelligence.

Cybercriminals and other malicious hackers are relentless and sophisticated. However, they do not have magical powers. Their efforts to break into an organization’s information systems leave telltale traces. These signals can alert the security team to the attempted attacks and guide countermeasures to block the attack and safeguard priceless information.

A key first step in security intelligence is assessing an organization’s data and setting priorities. About 70 percent of the value of publicly traded corporations is embodied in intellectual property and other crucial data. Yet these “crown jewels” of information typically account for less than 2 percent of total data holdings. Not all data is created equal; the most critical data should be afforded the highest level of security protection.

Security In and Through the Cloud

Cloud computing has become a central feature in today’s information environment. Organizations look to the cloud for reduced costs and increased efficiency. Mobile technology relies on the cloud to connect devices and users. However, anxiety about cloud security remains widespread. This need not be the case. Tools for effective, integrated security across public, private and hybrid clouds are now readily available.

The essential components of cloud security are presented in a white paper that accompanied the Web presentation. These components are visibility, security intelligence and threat-aware identity and access management. Combined, they ensure organizations know who and what is going on in their cloud environments. By staying ahead of threats, organizations can ensure the cloud is a safe, secure environment.

 |  | 
Rick M Robinson

More from Cloud Security
November 1, 2023

What is data security posture management?

3 min read - Do you know where all your organization’s data resides across your hybrid cloud environment? Is it appropriately protected? How sure are you? 30%? 50%? It may not be enough. The Cost of a Data Breach Report 2023 revealed that 82% of breaches involved data in the cloud, and 39% of breached data was stored across multiple types of environments. If you have any doubt, your enterprise should consider acquiring a data security posture management (DSPM) solution. With the global average…

October 19, 2023

Endpoint security in the cloud: What you need to know

9 min read - Cloud security is a buzzword in the world of technology these days — but not without good reason. Endpoint security is now one of the major concerns for businesses across the world. With ever-increasing incidents of data thefts and security breaches, it has become essential for companies to use efficient endpoint security for all their endpoints to prevent any loss of data. Security breaches can lead to billions of dollars worth of loss, not to mention the negative press in…

October 3, 2023

The importance of Infrastructure as Code (IaC) when Securing cloud environments

4 min read - According to the 2023 Thales Data Threat Report, 55% of organizations experiencing a data breach have reported “human error” as the primary cause. This is further compounded by organizations now facing attacks from increasingly sophisticated cyber criminals with a wide range of automated tools. As organizations move more of their operations to the cloud, they must also become increasingly aware of the security risks and threats that come with it. It’s not enough anymore to simply have a set of…

Topic updates

 Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today
© 2024 IBM Contact Privacy Terms of use Accessibility Cookie Preferences
Sponsored by si-icon-eightbarfeature