Build Confidence in the UK’s Cloud Security Landscape

Posted:

The cloud is actually getting more secure by the day, but with myths plaguing the minds of IT decision-makers across the globe, many are reluctant to make the move, having been haunted by the tales that proclaim cloud is considerably less secure than on premises infrastructure.

In actual fact, you might be surprised to hear that on-premises instillations actually experience around 69% more security incidents per customer than enterprises relying strictly on public cloud services. Bet you didn’t know that!

On our mission to expose the myths for what they really are, we’ve hit the road with Alert Logic and AWS to help host their Cloud Security Series. At the events, which took place in Manchester and London on the 20th and 21st September, Alert Logic shared with us recent findings from their latest security report. If you missed the event, don’t fret, because here are some of their key findings:

Organisations in different sectors fall victim to very similar attacks

Attackers don’t hesitate to learn from each other and apply successful tools, tactics, and procedures to get the job done, defenders must do the same. Alert Logic have noted vast similarities across Financial, health, IT, manufacturing and retail industries. SQL incidents represented the lion’s share of issues, followed by remote code execution-related activities and events related to Open Vulnerability Assessment System scans.

Hybrid networks with proportions scattered among public clouds, private clouds, and on-premises systems, are at greatest risk

Data collected by Alert Logic shows a remarkable 141% higher rate of incidents per customer for hybrid installations. On-premises installations experienced about 69% more security incidents per customer than did for enterprises relying strictly on public cloud services, while hosted private cloud entities saw about 51% more.

 Attacker’s aren’t always heading straight for the target

While major attacks do tend to make headline news, most attackers are now on the hunt for a chain of vulnerabilities to launch stealthy, resilient attacks via lateral movement, giving them the ability to exploit vulnerabilities in less-critical assets then make their way to your true target.

The cloud is more secure than on-Premises infrastructure!!

Alert Logic’s Cloud Security report highlights that there is absolutely no indication that Public Cloud is any less secure, in fact, there is an increasing body of evidence to the contrary. They have observed that across the industry, security incident rates in public cloud environments are lower than they are on-premises (!!!). The variations in threat activity are not as important as where the infrastructure is located. Anything that can be possibly accessed from outside, whether enterprise or cloud, has equal chances of being attacked, because attacks are opportunistic in nature.

To conclude then, systems built without the same rigor around security won’t be as secure, whether they are cloud or on premises. So, the best advice I can give is to stop believing the cloud security myths – believing every word you hear is only holding you back and if anything, you’re more at risk now than you will be when you move to cloud.

So now we’ve established the cloud is far more secure than you first thought, it’s time to start thinking about migrating.

Migrating to the cloud can be extremely complex so you should partner with a Cloud Services Provider with the knowledge and skills to deliver a well-defined and executed security strategy with the right enabling technology.

As the UK’s #1 Cloud Services Provider, and as a key Alert Logic Partner, ANS are in the best position to deliver an application centric approach to security, leveraging next generation technologies.

So whether you need help in migrating your applications to the cloud safely and securely, or if you’re already using the cloud, but want to find out if your resources and data are compliant, then speak to us. Alternatively, to find out more about ANS’ partnership with Alert Logic, click here.