How Businesses Can Better Protect Themselves from Cyber Threats in The Cloud

Unisys is a large global technology company, involved in building multiple cybersecurity solutions for enterprises and governments all over the world. Through their multiple solutions and varied customer base, Unisys has a unique perspective on the cybersecurity challenges facing businesses of all sizes today.

At the 2020 RSA conference in San Francisco, Expert Insights met with Unisys’ Chief Technical Officer Vishal Gupta, to talk through this unique security perspective, global cybersecurity threats and trends, and the best ways for organizations to keep themselves secure in the cloud.

Gupta has worked in cybersecurity for over ten years, and prior to joining Unisys was SVP at Symantec, which at the time was the world’s largest cybersecurity vendor. As CTO at Unisys, Gupta is in charge of all of their technology platforms and products, including security, as well as cloud compliance and AI.

The Shift to The Cloud

One of the major changes over the last few years has been the shift from on-premise enterprise infrastructure towards cloud-based technologies. There are often numerous benefits for organizations to use cloud-based technologies, including improved productivity, lower maintenance costs and less downtime.

However, the move to the cloud for enterprise applications and security tools have created new security tests for organizations to overcome. In Gupta’s experience the cloud has opened up three key areas where organizations are finding challenges.

“The first challenge is one of visibility,” Gupta says. “In the on-prem world, organizations had a lot of visibility and control, because their own IT departments were doing everything. Now, technologies are very distributed, but they still want visibility.”

This is especially true when it comes to managing data. Organizations need to ensure they know what information is being stored in which data centers and who is looking after and handling their data. This is a key challenge with cloud-based technologies.

“You can’t secure what you don’t know,” Gupta says. “So, visibility is king.”

The second issue Gupta commonly comes across is the need for organizations to implement best practices.  “One of the challenges of the cloud is that it’s so decentralized,” he says. “And there are so many kinds of configurations.”

What this means for organizations is that they can very quickly implement many security platforms, and they can very easily be misconfigured. This can mean organizations have security gaps in their infrastructure or miss events that they should be logging.

“Everybody has all these developers and IT people who are setting up things in the cloud,” Gupta says. “But the challenge is how do you do it from a security perspective, from an operations perspective, from a compliance perspective?”

Unisys introduced the CloudForte Navigator in a partnership with AWS and Azure to help enterprise customers deal with this issue of best practices, which is designed to help organizations build, operate and secure cloud systems.

The final challenge for organizations in the is how if important cloud accounts are compromised, cyber-criminals have access to much more data than they would have when technologies were hosted on-premise.  

“If an attacker is able to compromise one cloud account, they can pretty much go anywhere and get anything. The challenge for organizations is, how do you micro-segment so that even if you get an exposure, you don’t end up losing a lot of different records?” Gupta says.

Gupta uses the example of a major financial institution, which recently had a devasting attack in which a web application firewall was breached, which led to the personal information of 100 million customers being exposed.   

Unisys has a number of container and isolation solutions designed to protect against this kind of threat. Gupta argues that micro-segmentation, or the ability for organizations to breakdown the attack surface of their organization into multiple smaller pieces, is hugely important for organizations moving to the cloud.

Credential Theft and Biometrics

One of the other big cloud threats that organizations are being exposed to is credential theft, Gupta says. This is leading to an increasing challenge around how we validate identities and manage access to important accounts.

Gupta argues that moving to the cloud have made the authentication and identity challenge more prevalent in two distinct ways. The first is that cloud-based accounts now have access to so much more information, increasing the value of account compromise for attackers.

“As we saw in a recent breach involving a major banking institution,” Gupta says, “Somebody can literally access terabytes of data, all your companies’ customers and all of their data. The impact can be massive.”

The second issue Gupta outlines is that it’s much harder to know where attacks are from, and it’s harder for organizations to discover compromised accounts in the cloud. Because of this, the security risks become much more acute.

Gupta argues this is leading to the use of biometrics becoming an increasingly important security tool, as a way to help organizations better manage identity and access.

“The use of biometrics is becoming more and more important,” he tells me. “How else can we get incontrovertible evidence that you are who you say you are? Because credentials are so easy to steal.”

Unisys recently deployed a biometric security system that allows users to use their FaceID or fingerprint to validate their identity. Gupta says the key challenges around this technology is ensuring it’s easy to use, encompasses multiple layers of security, and is fast to validate, in order to not impact the productivity of an organization.

The Cloud Is Not Less Secure Than On-Premise

Despite the challenges that are emerging from the move to cloud-technologies, Gupta says that the cloud is not more, or less secure than the on-premise perimeter. Rather, it’s the approach to the cloud that causes difficulties for organizations.

“One of the things people are realizing is that the cloud is not inherently more secure or less secure than on-prem, it’s just different,” Gupta says. “It’s now a shared responsibility model. Organizations have to understand what they’re responsible for, and what the cloud provider is responsible for.”

Gupta argues that organizations are starting to understand that the cloud providers have to be responsible for their infrastructure, but at the same time organizations have to be responsible for their workloads.

Organizations are also more often looking for a more holistic, or hybrid approach, Gupta says. “More and more, organizations are not looking for just one solution that works only on-prem or only in the cloud,” he tells me. “Organizations want a holistic solution where they can form security policies, that will work across their infrastructure, whether that’s on-prem, in AWS, in Azure, in Google, or in their private data center.”

Gupta argues that increasingly, large organizations want flexibility, and the ability to move their workload to wherever makes the most sense for them.

Advice for Organizations Moving to the Cloud

Gupta’s advice for organizations in the cloud, or considering moving to the cloud, is threefold. His first advice is to remember the cloud is no more or less secure that on premise technologies.

“The cloud is no more or less secure, it’s just about making sure you follow best practices,” Gupta says, “Make sure you follow best practices from a cost, compliance, application modernization, and security perspective.”

“Secondly, look at biometrics. Account compromise is a risk, and implementing biometrics is a great way to minimize risk, without compromising on convenience for the user. Thirdly, organizations need to microsegment, and reduce their attack surface,” Gupta says.

“The cloud has a lot of a potential, it is fast, there’s lots of innovation available. But organizations need to move forward with confidence and the above three strategies will help them to do so.”

You can find out more about Unisys here: https://www.unisys.com/