The average total cost of a data breach in the US is $7.91 million (worldwide, the average is $3.86 million)
The average cost per lost or stolen record in the US is $233
The average global probability of a material breach in the next 24 months is 27.9%
Organizations that lost less than 1% of their customers due to a data breach saw an average total cost of $2.8 million. Exceed 4%, and that number jumps to $6 million.
The mean time to identify a breach incident was 197 days, plus another 69 days to contain it.
These findings point to a worrying trend: data breaches are getting more costly and severe by the year. Marriott’s mega breach of 500 million accounts is now estimated to cost the company as much as $1 billion. And it’s not alone: Google, Quora, Facebook, and other tech giants saw data breaches affecting millions last year, too. Indeed, data breaches remain the number one security threat on the Cloud Security Alliance’s Top Threats list.
So, how can you bolster cloud security and mitigate risks?
Six steps to better cloud security
The following list is by no means exhaustive, but it does cover some of the most common and preventable mistakes that are often overlooked:
1. Evaluate security control requirements
Determine what security controls your IaaS/PaaS program needs and what controls are available to you. What does access look like? Who has access through an admin role? Know where your data is and where it moves.
2. Understand security roles and responsibilities
It is imperative for your organization to understand the security posture that the cloud vendor provides “out of the box.” Unless you negotiate for additional control coverage, any gap will need to be covered by your security team. Complete this assessment before committing any data to the cloud instance.
3. Check your firewall settings for every instance
Ensure you have the right types of firewall in place and that their settings are right. What ports do you have open or closed? Who has access to change the firewall settings? Make sure you start from zero trust and open up only what is needed for the work to get done.
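As an added illustration of the check in step 3 (not code from the original article), the sketch below audits each instance's ingress rules against a list of approved openings and flags everything else. The rule format, instance names, and address ranges are constructed assumptions; map your provider's firewall export into the same fields.

```python
import ipaddress

# Constructed sample rules in a provider-neutral shape (assumption).
RULES = [
    {"instance": "web-1", "proto": "tcp", "ports": (443, 443), "source": "0.0.0.0/0"},
    {"instance": "web-1", "proto": "tcp", "ports": (22, 22), "source": "0.0.0.0/0"},
    {"instance": "db-1", "proto": "tcp", "ports": (5432, 5432), "source": "10.0.1.0/24"},
    {"instance": "db-1", "proto": "tcp", "ports": (0, 65535), "source": "10.0.0.0/8"},
    {"instance": "app-1", "proto": "tcp", "ports": (8080, 8080), "source": "10.0.2.0/24"},
]

# Approved openings (constructed). Anything not listed here is treated as closed.
APPROVED = {
    "web-1": [("tcp", 443, "0.0.0.0/0"), ("tcp", 22, "10.0.9.0/24")],
    "db-1": [("tcp", 5432, "10.0.1.0/24")],
}


def is_approved(rule, approved):
    # A rule passes only if every port it opens is approved for its whole source range.
    src = ipaddress.ip_network(rule["source"])
    lo, hi = rule["ports"]
    for port in range(lo, hi + 1):
        ok = any(
            proto == rule["proto"] and port == p
            and src.version == ipaddress.ip_network(cidr).version
            and src.subnet_of(ipaddress.ip_network(cidr))
            for proto, p, cidr in approved
        )
        if not ok:
            return False
    return True


def audit(rules, approved_by_instance):
    findings = []
    for rule in rules:
        # An instance with no approved entries starts from "nothing open".
        approved = approved_by_instance.get(rule["instance"], [])
        if is_approved(rule, approved):
            continue
        src = ipaddress.ip_network(rule["source"])
        reason = "open to any address" if src.prefixlen == 0 else "not in approved list"
        findings.append((rule["instance"], rule["ports"], rule["source"], reason))
    return findings


if __name__ == "__main__":
    for finding in audit(RULES, APPROVED):
        print(finding)
```

Running the audit on a schedule, and on every change to the rule set, also shows who is changing firewall settings and when.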
4. Eliminate insecure or misconfigured APIs
Application programming interfaces (APIs) provide us with quality integration points into our cloud environments. First and foremost, if an API is not needed, disable it. Further, work with your cloud provider to understand what APIs are available for your environment and how they are configured. Ask your cloud provider for a review of the set of APIs included with your cloud deployment, including the latest security and vulnerability testing that has been performed on each.
5. Bolster cloud identity and access management (IDAM)
Single-factor authentication is too low a barrier for threat actors. It is time to move to two-factor authentication (2FA) for all your cloud identity and access. At a minimum, your administrative personnel with elevated access to your cloud environment should always employ 2FA. Extend this to your user base, depending on the workloads and sensitivity of the data in your cloud environment.
6. Monitor data movement East and West, as well as North and South
Data movement is commonly monitored at the ingress and egress of an environment (North and South). In a cloud environment, with its inherently shared hardware and software profile, it is key to also monitor data movement across the environment (East and West). This adds importance to the tenet of understanding your critical data flows, which is what allows anomalous behavior to be identified.
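To make step 6 concrete, here is an added example (not part of the original article) that separates East-West from North-South traffic and compares East-West flows with a documented baseline of critical data flows. The address ranges, baseline entries, byte thresholds, and flow records are all constructed assumptions.

```python
import ipaddress

INTERNAL = [ipaddress.ip_network("10.0.0.0/8")]  # assumption: the tenant's address space

# Assumption: documented critical data flows as
# (source subnet, destination subnet, port, expected max bytes per interval).
BASELINE = [
    ("10.0.2.0/24", "10.0.1.0/24", 5432, 5_000_000),  # app tier -> database
    ("10.0.3.0/24", "10.0.2.0/24", 8080, 2_000_000),  # web tier -> app tier
]

# Constructed flow records: (src, dst, dst_port, bytes)
FLOWS = [
    ("203.0.113.7", "10.0.3.10", 443, 120_000),    # north-south ingress
    ("10.0.3.10", "10.0.2.20", 8080, 90_000),      # documented east-west
    ("10.0.2.20", "10.0.1.5", 5432, 48_000_000),   # documented, abnormal volume
    ("10.0.3.10", "10.0.1.5", 5432, 4_000),        # web tier straight to database
    ("10.0.1.5", "198.51.100.9", 443, 700_000),    # north-south egress
]


def is_internal(ip):
    addr = ipaddress.ip_address(ip)
    return any(addr in net for net in INTERNAL)


def direction(src, dst):
    return "east-west" if is_internal(src) and is_internal(dst) else "north-south"


def check_flow(src, dst, port, nbytes):
    """Return None for an expected flow, otherwise a short reason string."""
    if direction(src, dst) != "east-west":
        return None  # left to ingress/egress monitoring
    for s_net, d_net, b_port, max_bytes in BASELINE:
        if (ipaddress.ip_address(src) in ipaddress.ip_network(s_net)
                and ipaddress.ip_address(dst) in ipaddress.ip_network(d_net)
                and port == b_port):
            return None if nbytes <= max_bytes else "volume above baseline"
    return "undocumented east-west flow"


def anomalies(flows):
    return [(f, r) for f in flows if (r := check_flow(*f)) is not None]


if __name__ == "__main__":
    for flow, reason in anomalies(FLOWS):
        print(flow, reason)
```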
The right approach to cloud security
If there is one rule to cloud security, it is this: never trust anyone to run security for you. You may not have direct control of your data, but that does not relieve you of your responsibility and accountability when it comes to its security. This is especially true with SaaS vendors where the perception is that little can be done to improve security.
Your challenge, then, is to ensure the right security controls are in place. Become an auditor to your vendors and know everything about your data—what it is, where it sits, how it moves. Get access to all relevant logs and reports for every application. Take the lead on security by demanding contractual and configuration requirements at the negotiation stage with vendors.
Approaching providers with an auditor’s mindset is the first step to better cloud security. It is your responsibility to verify, audit, and maintain control of a cloud instance at all times.
David has over 20 years of experience with IT service delivery, with a track record in transformation and transition, IT cost optimization, sourcing, global operations, vendor management, strategy implementation, and data center migrations. He develops inventive opportunities for leveraging IT, in order to improve operational excellence and create competitive advantage.