Cloud ‘not a silver bullet’ for security
By 
Aly McDevitt2023-02-24T21:33:00
Shifting business to the cloud has its appeals. Platforms like Microsoft Azure, Amazon Web Services, and Google Cloud Platform offer economies of scale, enhanced security, and access to newer technologies like artificial intelligence and machine learning, capabilities smaller organizations might not have the resources to develop in-house. Much of the hype around the cloud revolves around these advantages, but there are disadvantages, too.
A panel of cybersecurity experts, joined by a chief compliance officer in the financial services industry, discussed the risks and opportunities associated with moving to the cloud at Compliance Week’s virtual Cyber Risk & Data Privacy Summit. Despite being users and proponents of the cloud, the panelists listed far more cons—or rather, caveats—than pros.
Outsourcing trust to a third party raises obvious security and privacy risks, especially when managed service providers are a known target for state-sponsored attackers, as seen with Chinese hacker group APT10. That’s just to start.
THIS IS MEMBERS-ONLY CONTENT
You are not logged in and do not have access to members-only content.
If you are already a registered user or a member, SIGN IN now.
Related articles
-
PremiumToeing the ‘fine line’ of cloud security compliance
When organizations move their data or operations to the cloud, the compliance team has their work cut out and then some, experts discussed at CW’s Cyber Risk & Data Privacy Summit.
-
PremiumIBM report: Data breach costs at all-time high; AI helping detection
The global average cost of a data breach reached a new all-time high of $4.45 million in 2023, according to IBM’s annual report.
-
PremiumMindset matters for governance and compliance success in the cloud
Shifting your organizational structure to align with a capability-based operating model can help you focus on delivering outcomes for customers, instead of concentrating on different departments and processes.
More from Cybersecurity
-
News BriefU.K. says company boards need to worry more about cybersecurity risks
The U.K. government wants directors and boards of directors to become more actively involved in cybersecurity risks facing public and private companies, as the world faces “alarming” threats from criminal gangs and malicious nation-states. Though many organizations take cybersecurity seriously, the U.K. government says they do not place management of ...
-
PremiumNavigating compliance: A guide for small teams to tackle CMMC
Many small organizations within the Defense Industrial Base are struggling to meet the rigorous requirements validated through the Cybersecurity Maturity Model Certification, writes Thomas Graham, CISO at Redspin. If you haven’t been tracking it closely, CMMC was finalized in October, with an effective date of December 16, 2024.
-
PremiumFinancial crime in the shadows of the dark web
The dark web has been depicted as a long-standing hub for crimes, where illegal activities such as drug dealing, financial fraud, weapon sales, murder for hire, stolen credit cards, and ransomware gags are easily accessible to the public.