The impact of the pandemic will be felt long after yearend. In 2020, executives quickly managed the closures of offices for non-essential workers and the onslaught of work-from-home strategies that disrupted organizations everywhere. Executives have experienced unprecedented challenges and they have been asked to meet these challenges at a rapid pace all while keeping their business safe, secure, and engaged. Recently, CIOs, CTOs, CISOs, and technology executives joined forces to help reimagine the future of business.
On December 10th, Brendan Hannigan, CEO and Co-founder of Sonrai Security, joined an executive panel at the New York Financial Services CIO Virtual Summit where technology executives shared their past and current experiences in managing crisis. Leaders discussed the approaches they took to cloud security. Many financial organizations are choosing to operate their own global network backbones and have direct connections to cloud services. Many are now looking to add to security services to their clouds that are easy to scale as demand changes and easy to manage for a large number of users.
With so many organizations permanently shifting to remote work arrangements, cloud computing has seen a significant spike in demand. In many ways, the cloud is the perfect platform for this time of uncertainty. Capacity is easy to adjust, allowing organizations to scale their network infrastructure to meet their needs at any given moment.
Keeping those clouds secure, however, is a different challenge executive are facing. Public cloud computing services make an enticing target for cybercriminals looking to disrupt services or compromise data. And the rapid pace of change and lack of employee education may create some costly human errors.
When organizations adopt cloud computing platforms, they often fail to put proper IT governance policies in place to ensure that those resources are being used in the most efficient and secure way. Since cloud resources are so easy to provision, employees and entire departments can set up virtual servers and storage that may go unused or abandoned entirely. These dormant assets may be segregated from other areas of the network or contain no data, but their existence can create a serious security threat if no one knows to account for them. Some of these assets may contain latent security risks due to improper configurations, and at the very least, they create another potential attack vector for hackers to exploit. The rapid shift to remote work has caused many companies to adopt cloud computing solutions without putting much thought into how they’re managed, which increases the likelihood that remote employees may inadvertently be creating security risks as they contribute to cloud sprawl.
As leadership launch fully into the cloud and agile, they are quickly realizing traditional data center and network management tools are stuck in the past. They are finding practitioner-focused cloud provider tooling is also not up to the task. Markedly different identity and data models exist within AWS, Azure, GCP, and other cloud providers.
They understand that making use of cloud computing means making sure they have the right cloud security solutions in place to protect essential data and applications at all times. After listening to the New York Financial Services CIO Virtual Summit it was clear that risk mitigation is a top goal for 2021.