Our site uses cookies to make it work and to help us give you the best possible user experience. By using our site, you agree to our use of cookies. To find out more about cookies and how you can disable them, please read our Cookies statement
You can manage your cookie settings by turning cookies on and off.
Click on the different cookie  headings to find out more about the types of cookies we use on this site and to change your settings. Please be aware that if you choose to turn off  cookies, certain areas of our site may not work and your browsing experience may be impacted.

For further information on how we use cookies, please see our cookies statement.

Strictly Necessary Cookies

These cookies are essential for the technical operation of and proper functioning of our site  and enable you to register and login, to easily move around our site, and to access secure areas. Without these cookies our site won't function properly.  

These cookies are required

Marketing Cookies

These cookies allow us to advertise our products to you and allow us to pass this information on to our trusted third parties so that they can advertise our products to you on our behalf. All information these cookies collect is aggregated and therefore anonymous. No personal information is shared to third parties. Any personal information collected while using our website could be used for direct marketing from Dimension Data only.

Performance Cookies

Performance cookies allow us to collect aggregated and anonymous data on how our site is used, such as the number of visitors to our site, how you navigate around and the time spent on our site and also to identify any errors in functionality. These cookies also help us to improve the way our site works by ensuring that you can find what you’re looking for easily, to better understand what you are interested in and to measure the effectiveness of the content of our site. 

Intelligent Business Steps to Ensuring True Cloud Security and Resilience

05 October 2021

Complex business ecosystems are at risk of security vulnerabilities and have to consider investing into smart solutions and adopting intelligent tactics to survive the threat landscape, explains Neal Botje, Principal Practice Head: Cloud Security at Dimension Data.

Recent cyberattacks have turned business attention to the rising dangers of cybercrime and unexpected vulnerabilities within and without the business. Threat actors are targeting specific verticals and vulnerabilities, and they are targeting the same companies over and over again, often multiple times a month.  The onslaught is relentless. However, organisations need to use these lessons and insights to better prepare for what lies on the threat horizon to ensure that they are not caught in compromising positions.  

For companies balancing the complexities of compliance and risk mitigation and governance regulation this is a challenge that they have to navigate with resilience and caution to ensure they can not only survive, but thrive.

According to the NTT Ltd. 2021 Global Threat Intelligence Report (GTIR), the finance, manufacturing and healthcare industries experienced the vast majority of attacks in 2020. Manufacturing increased from 7% to 22%, healthcare from 7% to 17%, and finance from 15% to 23%. These attacks were broken down across web application, application specific, and network manipulation for these sectors, and the numbers show a sharply defined focus on cloud and application attacks. In healthcare these were broken down into web application (62%), application specific (36%), and network manipulation (1%). For manufacturing it was web application (27%), application specific (50%), and reconnaissance (19%). And for finance it was web application (16%), application specific (68%), and distributed denial of service (DD0oS) (8%).

These verticals stand to benefit from robust and flexible cloud security that helps them to manage their posture more effectively, and to achieve true security and business resilience. But this doesn’t mean that the other markets can rest on their proverbial laurels. The future of resilience for all organisations lies in how cloud security can adapt and deliver relevant business agility.

There are three security steps an organisation should consider as they move towards true cloud security and resilience:

1: Recognise the true weight of the threat landscape

The 2021 GTIR unpacked the threats across numerous sectors and found several key findings that shape the security landscape today. The first is that miners and Trojans are replacing spyware as the most common malware family – this threat actor is evolving and becoming increasingly diverse with a rise in multi-function malware. In addition, cryptocurrency miners now represent 41% of malware detected in 2020. Coin miners accounted for 74% of all malware in Europe, the Middle East and Africa.

The pandemic continues to leave a mark as it encourages advanced persistent threat (APT) groups to increase their espionage, sabotage and cybercriminal operations. This is further driven by the increase in flexible working conditions with remote and work from home access points that are highlighting the risks of web and application attacks. As companies move virtual, attacks move along with them and there has been a marked increase in application specific and web application attacks.  Finally, the new normal defined by the world as the post-pandemic way of work is actually more accurately defined by the post-compliance and regulation way of work. Data privacy and protection regulation is global, and restrictions and compliance requirements are increasing. Companies are under pressure to comply and obey to avoid paying hefty, and very real, financial and reputational fines.

2: Focus on building resilience through security and technology

Organisations need to continuously adapt to market changes and to evolving customer expectations with approaches that are flexible and agile to ensure business continuity. They need to proactively tackle security and resilience by design, focusing on tools and technologies that help them to refine their operating models, fully realise the potential of their data, and effectively mitigate risk. Security and threat intelligence tools are critical in the digital world and proactive resilience is focused on meeting industry-specific objectives and requirements.

Staying ahead of the threats is one thing, ensuring that the business is resilient enough to cope with an active threat is another. Secure by design ensures that security is embedded into the business and into its resilience outlook and strategic goals. This translates to – securing infrastructure in intelligent ways so your business can remain focused on value and transformation. It’s the smart way to ensure that the organisation remains firm in its customer engagements and digital investments without compromise.

3: Empower the business

Throughout the security conversation, most decision makers are concerned that the endless loops of security will close down productivity and opportunity. This is a very relevant narrative. Companies want to know how they can empower themselves to make informed decisions without losing sight of their security posture or compromising on regulation or resilience. 

There’s a cycle that businesses can follow to ensure security and resilience within cloud investment. First, position security and resilience as strategic within the business, then prioritise people and processes as you embrace 'secure by design'. Then, adopt existing cybersecurity frameworks and standards and prioritise continuous monitoring to ensure these remain up to date and relevant. Finally, return back to positioning these as key strategic parts of business strategy, and repeat. A cycle of intelligent thinking that empowers the business in rethinking its approaches in ways that get the right results. 

The result is reduced risk of data breaches or reputational damage, the ability to leverage security as an enabler for the business, and an architecture that can scale without introducing risk. This mature cloud and security posture allows for continued transformation, secure DevOps processes and applications, improved compliance, and the ability to create business value by aligning security to strategy.