Capital One bank in the US was recently targeted by a single hacker who managed to access the personal details of over 100 million customers, despite the bank having all the security you might expect of a large customer-focused organisation. The hacker was a former employee of Amazon Web Services (AWS), which hosted the bank database. They broke in by exploiting a poorly configured firewall, no doubt using some of their inside knowledge.
Once again we are watching as a major brand faces a data disaster. Capital One should be able to absorb the millions of dollars in fines and customer compensation, but for a smaller organisation this type of data breach could be the end. European fines are much higher than those in the US thanks to the European Union's GDPR, but why should companies be more focused on this question of data security now?
Because of cloud computing. A recent report in CIO suggested that 96% of companies are now using cloud computing. This means that almost every new database will be in the cloud. Justin Fier, the director of cyberintelligence at Darktrace, recently suggested that the general approach to securing networks – mainly with firewalls – has not yet woken up to the fact that everything is now in the cloud.
Network security managers have spent years designing their systems with the concept of what is inside the organisation, what is outside, and how to protect network entry points. Now we are seeing a complete shift away from this structure to the cloud. Companies such as Microsoft and Amazon are offering cloud services that allow their customers to access unlimited storage and computing power.
But this also means that your personal customer data will be outside the organisation and physically located on a service managed by another company. Companies like Amazon have developed a reputation for security and are probably better at securing their systems than any old internal system you previously had, but what happens when a current or former employee goes rogue and hacks into the database they used to manage?
As Justin Fier suggests, there are some new approaches to data management and network security that are essential:
- Better network oversight: your development and support team can probably create and use new servers instantly, meaning that the security team often has no real oversight of the network that is actually being used. Give them better tools that allow them to manage what is really out there on the network.
- Look for malware: Capital One only found out about the hack three months after it happened, because stolen data was seen online. Be proactive and seek out malware and other tricks that hackers will use to break in.
- Explore Artificial Intelligence (AI): you often can’t prevent an insider launching an attack, so create some digital oversight. Use an AI system to monitor all network activity so you can be alerted when any unusual activity takes place – and ensure that nobody can turn off this AI police officer.
The bottom line is that cloud computing offers too many advantages and opportunities for companies to avoid it. With an adoption rate that is now almost universal, there is no going back, but we certainly need to consider how best to change and adjust network security for the cloud computing era.
The border of the organisation is no longer the office itself. People and their skills are sourced from suppliers, and databases will be located in the cloud. Both people and data now move in and out of the central organisation in a porous way. Protecting this environment is the challenge we face today. Questions about a cloud security strategy should be amongst the first things any executive asks any potential IT partner, and if the supplier fails to have any intelligent answers then why would you work together?