Cyber Attacks Demonstrate Why The Cloud Is Safer

Uploaded on 2017-07-21 in NEWS-Cybersecurity News, FREE TO VIEW, BUSINESS-Services-IT & Telecoms

Computer systems from the Ukraine to the United States were affected by the Petya cyber-attack. It’s similar to the recent WannaCry ransomware attack. 

The WannaCry ransomware took advantage of vulnerabilities in the older versions of Windows that allowed the infection to spread. All someone needed to do was click a malicious link and, bang! they were infected. That is, if they hadn’t installed the patches and updates.

These attacks are a reminder of why the cloud is a safer place to do your computing.

The parade of attacks in recent years have forced enterprise IT to become more diligent about holistic security. These attacks are successful when security is not holistic, such as when patches and fixes are not applied.

But the generalised security fears have also caused many IT organisations to delay the adoption of new technologies, such as cloud computing. There’s a sense that something new, especially something managed by others, will make things more vulnerable.

Actually, the opposite is true.

Using the public cloud makes you less likely to get attacked and breached. The layers of security in the cloud are more than a deterrent for most attacks. The cloud providers proactively monitor these clouds, and they quickly spot and quickly block them. And they automatically apply operating system, application, and service patches and fixes are automatically behind the scenes.

Extremely few IT organisations do the same. The cost of security is just too much for most enterprises to bear, and most can’t keep up with all that needs to be done to keep their systems and users secure enough from WannaCry, Petya, and other malware that shut down systems.

Enterprises should not run in place when these attacks occur, but instead do a “look in the mirror” assessment around the state of systems and security. You’re likely to find deep issues that can’t be solved overnight. From there, you’ll need to plan the “to be” state of things, including how data, processes, PCs, mobile devices, IoT devices, and other elements are going to be secure.

As you undertake that effort, you’ll find that using the cloud is becoming the best fit for security. It may be counterintuitive to those who equate hands-on control with effective control, but it’s simply true.

The cloud has had outages, yes, just like enterprise IT systems. But no major cloud provider has fallen victim to all the malware attacks of the last few years. What does that tell you?

Infoworld

You Might Also Read: 

Eight Steps For Cloud Security:

Directors Report June 2017: Cloud Security Analysed For Management (£):

 

« Ukraine Accuses Russia Of Ransomware Attack
Russia Suspected As Hackers Breach Power Plant Systems »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

Watch this webinar to hear security experts from Amazon Web Services (AWS) and SANS break down the myths and realities of what an NGFW is, how to use one, and what it can do for your security posture.

Securosis

Securosis

Securosis is an information security research and advisory firm dedicated to improving the practice of information security.

Defense Advanced Research Projects Agency (DARPA)

Defense Advanced Research Projects Agency (DARPA)

DARPA's mission is to develop breakthrough technologies for national security. The Information Innovation Office undertakes cyber security activities.

Cybonet

Cybonet

Cybonet provides easy to deploy, flexible and scalable security solutions that empower organizations of all sizes to actively safeguard their networks in the face of today’s evolving threats.

UM Labs

UM Labs

UM Labs is a developer of security products for Voice over IP (VoIP), protecting SIP trunk connections, safeguarding mobile phone communications and enabling BYOD.

California Cybersecurity Institute (CCI) - Cal poly

California Cybersecurity Institute (CCI) - Cal poly

The CCI provides a hands-on research and learning environment to explore new cyber technologies and train and test tactics alongside law enforcement and cyberforensics experts.

Certis

Certis

Certis is a leading advanced integrated security organisation that develops and delivers multi-disciplinary security and integrated services.

CSIRT GOV - Poland

CSIRT GOV - Poland

Computer Security Incident Response Team CSIRT GOV, run by the Head of the Internal Security Agency, acts as the national CSIRT responsible for coordinating the response to computer incidents.

KOVRR

KOVRR

Kovrr financially quantifies cyber risk on demand. Our technology enables decision makers to seamlessly drive actionable cyber risk management decisions.

Micro Strategies Inc.

Micro Strategies Inc.

Micro Strategies provides IT solutions that help businesses tackle digital transformation in style.

Cube 5

Cube 5

The Cube 5 incubator, located at the Horst Görtz Institute for IT Security (HGI), supports IT security startups and people interested in starting a business in IT security.

NeuVector

NeuVector

NeuVector, the leader in Full Lifecycle Container Security, delivers uncompromising end-to-end security from DevOps vulnerability protection to complete protection in production.

SecureStack

SecureStack

SecureStack helps software developers find security & scalability gaps in their web applications and offers ways to fix those gaps without forcing those developers to become security experts.

Switchfast Technologies

Switchfast Technologies

Switchfast Technologies is an IT consulting and managed services provider, offering IT support and consulting to Chicagoland small businesses.

Antares NetlogiX

Antares NetlogiX

Antares Netlogix are a leading Austrian service provider for IT security, critical infrastructures and managed security services.

c0c0n

c0c0n

c0c0n is the longest running conferences in the area of Information Security and Hacking, in India.

SafeLiShare

SafeLiShare

SafeLiShare’s data security platform unifies encryption strategies for organizations with hybrid and multi-cloud infrastructures, ensuring data is secure regardless of its location.