Cyber Attacks Demonstrate Why The Cloud Is Safer

Uploaded on 2017-07-21 in NEWS-Cybersecurity News, FREE TO VIEW, BUSINESS-Services-IT & Telecoms

Computer systems from the Ukraine to the United States were affected by the Petya cyber-attack. It’s similar to the recent WannaCry ransomware attack. 

The WannaCry ransomware took advantage of vulnerabilities in the older versions of Windows that allowed the infection to spread. All someone needed to do was click a malicious link and, bang! they were infected. That is, if they hadn’t installed the patches and updates.

These attacks are a reminder of why the cloud is a safer place to do your computing.

The parade of attacks in recent years have forced enterprise IT to become more diligent about holistic security. These attacks are successful when security is not holistic, such as when patches and fixes are not applied.

But the generalised security fears have also caused many IT organisations to delay the adoption of new technologies, such as cloud computing. There’s a sense that something new, especially something managed by others, will make things more vulnerable.

Actually, the opposite is true.

Using the public cloud makes you less likely to get attacked and breached. The layers of security in the cloud are more than a deterrent for most attacks. The cloud providers proactively monitor these clouds, and they quickly spot and quickly block them. And they automatically apply operating system, application, and service patches and fixes are automatically behind the scenes.

Extremely few IT organisations do the same. The cost of security is just too much for most enterprises to bear, and most can’t keep up with all that needs to be done to keep their systems and users secure enough from WannaCry, Petya, and other malware that shut down systems.

Enterprises should not run in place when these attacks occur, but instead do a “look in the mirror” assessment around the state of systems and security. You’re likely to find deep issues that can’t be solved overnight. From there, you’ll need to plan the “to be” state of things, including how data, processes, PCs, mobile devices, IoT devices, and other elements are going to be secure.

As you undertake that effort, you’ll find that using the cloud is becoming the best fit for security. It may be counterintuitive to those who equate hands-on control with effective control, but it’s simply true.

The cloud has had outages, yes, just like enterprise IT systems. But no major cloud provider has fallen victim to all the malware attacks of the last few years. What does that tell you?

Infoworld

You Might Also Read: 

Eight Steps For Cloud Security:

Directors Report June 2017: Cloud Security Analysed For Management (£):

 

« Ukraine Accuses Russia Of Ransomware Attack
Russia Suspected As Hackers Breach Power Plant Systems »

ManageEngine
CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

SecPoint

SecPoint

SecPoint provides products to secure & protect your network from remote and local attacks.

ACIS Professional Center

ACIS Professional Center

ACIS provides training and consulting services in the area of information technology, cybersecurity, IT Governance, IT Service management, information security and business continuity management.

Reed Smith LLP

Reed Smith LLP

Reed Smith LLP is an international law firm with offices in the USA, Europe, Middle East and Asia. Practice areas include Information Technology, Privacy & Data Security.

Certification Europe

Certification Europe

Certification Europe (now Amtivo Ireland) is an accredited certification body which provides ISO management system certification, including ISO 27001.

Alarum Technologies

Alarum Technologies

Alarum Technologies (formerly Safe-T) is a global provider of cyber security and privacy solutions to consumers and enterprises.

Jscrambler

Jscrambler

Jscrambler addresses all your JavaScript and Web application protection needs.

QOMPLX

QOMPLX

QOMPLX integrate, contextualize, and analyze data from virtually any source to help you identify operational risk and inefficiencies throughout the enterprise.

Logic Supply

Logic Supply

Logic Supply is a global industrial PC company focused on hardware for the IoT edge. We design highly-configurable computers engineered for reliability.

3Lines Venture Capital

3Lines Venture Capital

3Lines Venture Capital invests in exceptional founders and startups working on broad disruptive themes of Future of Work, AI enabled enterprises, and Industry 4.0.

Sentor Managed Security Services

Sentor Managed Security Services

Sentor Managed Security Services is a cybersecurity company that enables organizations to exist in a digitally connected world.

CyberArmor

CyberArmor

Cyber Armor defend everyday IT and OT systems, from government agencies to critical infrastructure, from system integrators to small industries.

Prism Infosec

Prism Infosec

Prism Infosec is an award-winning independent cyber security consultancy, CREST STAR, NCSC CHECK member, CAA ASSURE audit provider and PCI Qualified Security Assessor.

Akto

Akto

Akto, the plug & play API security platform. Discover your APIs, run tests and find business logic vulnerabilities at ludicrous speed.

S2W

S2W

S2W is a data intelligence company specialized in cyber threat intelligence, brand/digital abuse, and blockchain.

3DOT Solutions

3DOT Solutions

3DOT Solutions is an established UK cybersecurity consultancy focused on delivering end-to-end cyber security solutions for private and public sector customers.

Sariya Information Technology

Sariya Information Technology

Sariya Co. Ltd. is a leading provider of value-added digital services and solutions, founded in 2002 in Saudi Arabia as a part of Al Kuhaimi Group.