Organisations Need to Remain Vigilant in Today's Cyber Landscape
By Raymond GohOver the years, we have seen the cloud shift from hype to mainstream. The recent Nutanix Enterprise Cloud Index reveals hybrid cloud to be widespread in Singapore, with respondents reportedly intending to cut traditional infrastructure adoption from 42% to 17% over the next one to two years alone. Similarly, hybrid cloud adoption is expected to increase significantly from 18% to 46% during the same period.
Alarmingly, immature security practices and risky end-user employee behaviors are not improving with increased cloud adoption. The bulk of respondents also ranked data security and compliance as the top benefit of public cloud. Furthermore, the Cybersecurity Public Awareness Survey released last month read that although many Singaporeans are concerned about cybersecurity incidents, a significant proportion do not think that they would ever fall victim.
This is concerning because employee complacency could plague the cybersecurity efforts of organisations. Whilst public cloud platforms are typically more secure than their private counterparts, both organisations and their employees still need to remain vigilant.
Public cloud migration risks
Organisations often undermine the importance of building a proper cloud network. They think that simply picking up on the on-premises infrastructure will greatly improve their transition into the hyper-scale public cloud. Granted, the general infrastructure is similar, but the truth is that many basic components such as control planes, networking and security are different enough to cause issues to arise. Therefore, organisations may need to modify application designs and architecture to a certain degree before moving them to the cloud, which helps to lower the risk of incurring data leaks. Organisations may also consider specific expertise to assist in facilitating and managing such transitions in the cloud environment.
Productive management of cloud costings
With the ability to be highly flexible, public cloud is the perfect location to host workloads in a remote location and maximising the benefits of a pre-configured service. However, they can also be significantly less cost effective especially for static workloads with foreseeable infrastructure needs. Enterprises will be required to have visibility and awareness of where their data is, what is being done and what they are sharing. This follows heightened regulatory oversight at national and international levels, as well as the growing prevalence of data sovereignty and privacy challenges. To effectively manage cloud economics, organisations must not underestimate the importance of insight into every aspect of their processes, connectivity and data.
Emphasise the gravity of cybersecurity
The implementation and reinforcing of cybersecurity measures is not the sole responsibility of IT departments, but a cohesive responsibility across all departments. The best data recovery and protection software will be rendered moot if employees are unprepared or irresponsible. As such, organisations need to start stirring awareness and urgency on the topic amongst employees – the understanding that prevention is better than cure, and in so, a lot of work must go into ensuring the prevention of cyberattacks.
It is imperial for organisations to exercise an ongoing and sustained commitment in implementing relevant policies and procedures, as well as educating and training employees to prioritise cybersecurity. Business leaders at the management level are responsible for setting the tone in enforcing a corporate cyber-secure culture. Good cybersecurity habits should be institutionalised throughout organisations for employees to actualise them wherever they go. When deciding if data can be safely hosted in the public cloud, organisations need to understand their data and be educated on security measures undertaken by public clouds. They must determine the exact level of security needed by the applications and data being moved to the public cloud, while ensuring that the cloud vendor has the right features to meet security needs. The ideal cloud solution supplies an array of benefits to educated organisations and employees – from flexibility and document control to increased collaboration.
It’s only apparent that the organisational landscape is going through a transformation with the heightened adoption of cloud. Throughout this process, transparency, governance and corporate proactivity will be key in our data evolution.