{"id":45591,"date":"2022-09-26T09:54:14","date_gmt":"2022-09-26T13:54:14","guid":{"rendered":"https:\/\/www.kaspersky.com\/blog\/?post_type=emagazine&#038;p=45591"},"modified":"2022-09-26T09:54:14","modified_gmt":"2022-09-26T13:54:14","slug":"multicloud-security-complexity","status":"publish","type":"emagazine","link":"https:\/\/www.kaspersky.com\/blog\/secure-futures-magazine\/multicloud-security-complexity\/45591\/","title":{"rendered":"With complex data storage now the norm, how can business stay secure?"},"content":{"rendered":"<p>While <a href=\"https:\/\/www.kaspersky.com\/blog\/understanding-security-of-the-cloud\/\" target=\"_blank\" rel=\"noopener nofollow\">firms in every line of business are planning increased cloud use<\/a>, defending against the increased range of digital dangers needn\u2019t be time-consuming or expensive, even in a multicloud world.<\/p>\n<p>Almost <a href=\"https:\/\/www.flexera.com\/blog\/cloud\/cloud-computing-trends-2022-state-of-the-cloud-report\/\" target=\"_blank\" rel=\"noopener nofollow\">nine in ten companies use multicloud<\/a> \u2013 multiple cloud storage and processing providers \u2013 to power IT and store business-critical information. A whopping 80 percent use both public and private cloud.<\/p>\n<p>While these complex storage setups bring advantages, they make life harder for IT professionals. Recent Kaspersky research found <a href=\"https:\/\/go.kaspersky.com\/rs\/802-IJN-240\/images\/Kaspersky_IT%20Security%20Economics_report_2021.pdf\" target=\"_blank\" rel=\"noopener nofollow\">IT complexity is becoming a top challenge for businesses<\/a>, particularly securing these networked environments. How can leaders make sure it\u2019s all secure and manageable?<\/p>\n<h2>Defending growing data worlds<\/h2>\n<p>The number of employee and customer digital touchpoints that must be secured in the average enterprise is ballooning. Networks are getting more complex and the amount of data gathered skyrocketing. That data can be enormously valuable \u2013 if it doesn\u2019t get lost completely in the crowd of, well, more data.<\/p>\n\t\t\t\t\t<div class=\"c-promo-post\">\n\t\t\t\t\t\t<div class=\"o-row\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<div class=\"o-col-12@sm\">\n\t\t\t\t\t\t\t<article class=\"c-card c-card--link c-card--hor@xs c-card--small@xs\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<div class=\"c-card__figure c-card__figure--small@xs c-card__figure--medium@sm\">\n\t\t\t\t\t\t\t\t\t\t<a href=\"https:\/\/www.kaspersky.com\/blog\/secure-futures-magazine\/explaining-endpoint-detection-response\/43657\/\" class=\"c-card__figure-link\">\n\t\t\t\t\t\t\t\t\t\t\t<img decoding=\"async\" width=\"500\" height=\"500\" src=\"https:\/\/media.kasperskydaily.com\/wp-content\/uploads\/sites\/92\/2022\/02\/11061314\/295_behind_the_screens_endpoint_security_header-500x500.jpg\" class=\"attachment-card-default size-card-default wp-post-image\" alt=\"\" data-src=\"https:\/\/media.kasperskydaily.com\/wp-content\/uploads\/sites\/92\/2022\/02\/11061314\/295_behind_the_screens_endpoint_security_header-500x500.jpg\" data-srcset=\"\" srcset=\"\">\t\t\t\t\t\t\t\t\t\t<\/a>\n\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<div class=\"c-card__body  \">\n\t\t\t\t\t\t\t\t\t<header class=\"c-card__header\">\n\t\t\t\t\t\t\t\t\t\t<p class=\"c-card__headline\">Related article<\/p>\n\t\t\t\t\t\t\t\t\t\t<h3 class=\"c-card__title \">\n\t\t\t\t\t\t\t\t\t\t\t<a href=\"https:\/\/www.kaspersky.com\/blog\/secure-futures-magazine\/explaining-endpoint-detection-response\/43657\/\" class=\"c-card__link\" target=\"_blank\" rel=\"noopener nofollow\">\n\t\t\t\t\t\t\t\t\t\t\t\t<span>This balloon shows why businesses need better endpoint security<\/span>\n\t\t\t\t\t\t\t\t\t\t\t\t<svg class=\"o-icon o-svg-icon o-svg-right\"><use xmlns:xlink=\"http:\/\/www.w3.org\/1999\/xlink\" xlink:href=\"https:\/\/www.kaspersky.com\/blog\/wp-content\/plugins\/kaspersky-emagazine\/assets\/sprite\/icons.svg#icon-arrow-long\"><\/use><\/svg>\t\t\t\t\t\t\t\t\t\t\t<\/a>\n\t\t\t\t\t\t\t\t\t\t<\/h3>\n\t\t\t\t\t\t\t\t\t<\/header>\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<div class=\"c-card__desc \">\n\t\t\t\t\t\t\t\t\t\t\t<p>With increasing digitalization and more internet-connected devices in the workplace, businesses must step up their endpoint protection.<\/p>\n\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<footer class=\"c-card__footer\">\n\t\t\t\t\t\t\t\t\t\t<div class=\"c-card__list\">\n\t\t\t\t\t\t\t\t\t\t\t<ul class=\"c-list-labels js-has-reading-time\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<li>\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t<a class=\"c-list-labels__link\" href=\"https:\/\/www.kaspersky.com\/blog\/secure-futures-magazine\/category\/digital-transformation\/\" target=\"_blank\" rel=\"noopener nofollow\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<span>Digital transformation<\/span>\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t<\/a>\n\t\t\t\t\t\t\t\t\t\t\t\t\t<\/li>\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<li><span class=\"js-reading-time\"><\/span> min read<\/li>\n\t\t\t\t\t\t\t\t\t\t\t\t<div class=\"u-hidden js-reading-content\">\n\t\t\t\t\t\t\t\t\t\t\t\t\tIt's not easy getting your head around endpoint protection for business. But with a toothpick and a balloon, Matt White, CEO of software-as-a-service platform XaaS Ltd, makes it simple.\r\n\r\nEvery organization's 'attack surface' has expanded like a balloon thanks to increasing digitalization and smart devices in the workplace. But cybercriminals, like a toothpick trying to pop that balloon, now have more ways of getting in and reducing your network to shreds. The reality is even more extreme, White says, with thousands of cybercriminal toothpicks trying to pop your balloon at once.\r\n\r\nThe toothpicks are also getting sharper, suggests Kaspersky Senior Security Researcher Noushin Shabab. \"Cybercriminals are now using AI and machine learning to make their attacks more sophisticated.\"\r\nWhat are endpoints, and why better protect them?\r\nToday, businesses' attack surfaces are bigger than ever because there are more 'endpoints' \u2013 any device connected to the network, from mobile phones to webcams to fridges. White says that's \"a total chaotic mess\" from a security perspective.\r\n\r\n\r\n\r\nEndpoints are cybercriminals' favorite way to get into networks. Market data analysis firm IDC's 2019 study found 70 percent of breaches started at an endpoint.\r\nWhat's the best way to protect endpoints?\r\nAntivirus software used to do much of the heavy lifting in business security, but White says the new threat landscape demands more robust security. \"Endpoint detection and response (EDR) is like antivirus on steroids. It doesn't just detect and identify. It isolates malicious code and repairs. Spending more on that kind of system is like an insurance policy \u2013 it may protect you from a lot more damage down the line.\"\r\n\r\nHe compares endpoint detection and response with a COVID-19 vaccination. \"You know you may still catch it, but you can make it far less serious by getting a vaccine upfront.\" Check what level of endpoint protection your business needs.\r\n\r\nWhite thinks the new cyber threat level demands a new way of working, too. \"It's not just plugging in the latest shiny box that's going to secure a network. Everyone has to work together \u2013 all parts of a company, regulators, financial authorities \u2013 to create collaboration. It's a team game.\"\r\n\r\nAnd that might be a good thing for business overall, as well as for business security.\t\t\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t\t\t\t\t\t\t\t<\/ul>\n\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t\t\t\t\t\t<\/footer>\n\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t\t\t\t<\/article>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\n<p>Meanwhile, <a href=\"https:\/\/www.kaspersky.com\/about\/press-releases\/2022_share-of-high-severity-cybersecurity-incidents-facing-organizations-increases-by-half-in-a-year\" target=\"_blank\" rel=\"noopener nofollow\">high-severity cybersecurity incidents grew by half in just a year<\/a>. <a href=\"https:\/\/media.kasperskycontenthub.com\/wp-content\/uploads\/sites\/43\/2021\/09\/13085018\/Incident-Response-Analyst-Report-eng-2021.pdf\">Hackers keep finding new ways to breach defenses<\/a>.<\/p>\n<p>\u201cCloud and online IT complexity expand each year as the magnitude of cyberthreats grow,\u201d Tim Rosato, head of trend forecasting firm Silver Lion Group, told me in a phone interview. \u201cUser accounts, information and logins are also traveling across more cloud networks, apps and virtual desktop environments.\u201d<\/p>\n<blockquote><p>Thwarting potential compromise means thinking more proactively across more digital and online dimensions.<\/p>\n<cite><p>Tim Rosato, President, Silver Lion Group<\/p><\/cite><\/blockquote>\n<h2>New solutions for multicloud enterprise<\/h2>\n<p>This growing complexity has sent many companies the way of investing in automated endpoint detection and response (EDR) platforms. These proactively scan for and eliminate threats. They\u2019re also implementing more specialist security products for hybrid cloud with controls that let you centralize security. It\u2019s all about greater network visibility and faster threat response across online workloads, software development and third-party apps.<\/p>\n<p>\u201cWe live in a multicloud environment. Our research shows malicious actors can take advantage of any unprotected cloud, gaining unauthorized access to the whole infrastructure. New solutions can help protect assets and remediate different kinds of attacks\u201d, says Marc Rivero, senior security researcher at Kaspersky\u2019s Global Research and Analysis Team (GReAT.)<\/p>\n<p>New digital identity management tools also help identify and authenticate users as they travel across apps, networks and cloud providers. You\u2019ll also want to routinely scan code and applications, networked systems and connected devices for potential points of compromise, closing loopholes before they get used.<\/p>\n<blockquote><p>Consider investing in artificial intelligence (AI) and machine-learning tools. These establish baseline behavior for accounts and systems, meaning faster threat detection and response, and fewer false-positives.<\/p>\n<\/blockquote>\n<p>Simple actions can also lower odds of compromise further, like adopting <a href=\"https:\/\/www.kaspersky.com\/blog\/zero-trust-security\/36423\/\" target=\"_blank\" rel=\"noopener nofollow\">zero-trust security<\/a> and <a href=\"https:\/\/www.kaspersky.com\/blog\/secure-futures-magazine\/university-identity-theft-authentication\/43820\/\" target=\"_blank\" rel=\"noopener nofollow\">multi-factor authentication<\/a>. And you can\u2019t go past promoting security awareness regularly among staff, with training every three to six months. Back up data offline every 24 hours and test security teams\u2019 reaction times using exercises based on real-world cyber incidents.<\/p>\n<p>Data-mapping tools that track how information flows across your business, and which users have or control access to this data, can also strengthen your cloud defenses. They help you classify and cordon off data by sensitivity level, which may also be useful in regulatory compliance.<\/p>\n<p>Many clouds certainly don\u2019t make light work, but the growth of multicloud and hybrid cloud is here to stay. For enterprises, the challenge is making sure their security is up to scratch for this complex environment. The increasing adoption of solutions that use automation and AI, and those designed for convoluted cloud settings, show many are taking heed. But no matter how many clouds or endpoints, remember your people must be the heart of your cybersecurity strategy.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Nine in ten companies today use have data spread across many clouds. This growing complexity means business must adopt the best security solutions available.<\/p>\n","protected":false},"author":2662,"featured_media":45592,"template":"","coauthors":[4151],"class_list":{"0":"post-45591","1":"emagazine","2":"type-emagazine","3":"status-publish","4":"has-post-thumbnail","6":"emagazine-category-endpoint-security","7":"emagazine-category-enterprise-cybersecurity","8":"emagazine-category-safer-business","9":"emagazine-tag-cloud","10":"emagazine-tag-edr"},"hreflang":[{"hreflang":"x-default","url":"https:\/\/www.kaspersky.com\/blog\/secure-futures-magazine\/explaining-endpoint-detection-response\/43657\/"}],"acf":[],"_links":{"self":[{"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/emagazine\/45591","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/emagazine"}],"about":[{"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/types\/emagazine"}],"author":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/users\/2662"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/media\/45592"}],"wp:attachment":[{"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/media?parent=45591"}],"wp:term":[{"taxonomy":"author","embeddable":true,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/coauthors?post=45591"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}