Google, Microsoft ramp up cloud security as cyberattacks increase | #malware | #ransomware | #education | #technology | #infosec



A sign at the Amazon.com, Inc. BHM1 fulfillment center is seen on March 29, 2021 in Bessemer, Alabama.

Patrick T. Fallon | AFP | Getty Images

When cybersecurity company Mandiant announced in early March that it had entered into a definitive agreement to be acquired by Google in a transaction valued at about $5.4 billion, it marked the latest sign that security expertise and capabilities have become critical for effective cloud service operations.

All three of the biggest public cloud providers — Amazon Web Services (AWS), Microsoft Azure and Google Cloud — have made acquisitions in the cybersecurity space over the past year — and it’s quite possible others will follow as these companies look to shore up their data protection efforts.

Mandiant, which will become part of Google Cloud at the close of the acquisition, provides threat intelligence services and its more than 600 consultants respond to thousands of security breaches each year. It leverages research from more than 300 intelligence analysts to help organizations defend against threats.

Google Cloud has been building cloud-native security into the foundation of its technology as it tries to block threats such as malware, phishing attempts and other cybersecurity attacks. The company says the acquisition of Mandiant underscores its commitment to advancing its security offerings to better protect and advise customers for both on-premises and cloud environments.

Microsoft made two key acquisitions of its own in 2021 to bolster the security of its Azure cloud service. First, it acquired CloudKnox Security, a provider of cloud infrastructure entitlement management (CIEM) technology, as part of an effort to offer unified privileged access and cloud entitlement management to customers across their multi-cloud and hybrid cloud environments.

Another key security acquisition for Microsoft was RiskIQ, a provider of threat intelligence and attack surface management. The company’s offerings are designed to help organizations assess the security of their entire attack surface, including cloud services from Microsoft, AWS and other clouds, as well as on-premises and supply chain systems. They can identify and remediate vulnerable IT components before attackers can capitalize on them.

AWS, for its part, acquired Wickr, a company that offers an encrypted messaging platform used by companies and government agencies. The deal, terms of which were not disclosed, gives AWS advanced security features for messaging, voice and video calling, file sharing, and collaboration.

Leveraging the cloud

All of these transactions make sense, given the ongoing growth of the cloud and the increase in cyber threats. Research firm Gartner has said the pandemic and the surge in digital services are making cloud services the “centerpiece of new digital experiences.”

Public cloud spending worldwide increased by 23% in 2021, driven by increased digital services to replace person-to-person services and the migration of existing IT assets to the cloud to enable better availability, says Peter Firstbrook, research vice president at Gartner.

Examples of how companies are leveraging the cloud include increasing robotic processing automation (RPA) for service and support, adding new cloud storefronts, migrating existing services to the cloud to support newly remote workers, and using collaboration tools and desktop as a service.

“Most of these migrations were already happening, but the pandemic accelerated the migration to cloud in many organizations,” Firstbrook says.

The firm predicts that global cloud revenue will total $474 billion this year, up from $408 billion in 2021. Gartner analysts estimate that cloud revenue will surpass non-cloud revenue for relevant enterprise IT markets over the next few years. By 2025, the firm predicts more than 95% of new digital workloads will be deployed on cloud-native platforms, up from just 30% in 2021.

In a newly released report identifying the top security and risk management trends for 2022, the firm notes that organizations worldwide are facing sophisticated ransomware, attacks on digital supply chains and deeply embedded vulnerabilities.

The Russian invasion of Ukraine has not illustrated significant new cybersecurity attacker tradecraft, Firstbrook says. “Denial-of-service attacks and wiper malware were observed, but these were easily contained and none caused the collateral damage that NotPetya did,” he says. “There may be more that we don’t know yet.”

The U.S. government has issued a warning that Russia might increase attacks on U.S. companies, Firstbrook says, “however so far I have not seen evidence of significant new attacks or attack tradecraft. IT organizations that follow best practices guidance are well positioned to mitigate attacks regardless of the source.”

Longer term, a prolonged Russian recession might drive more people into cybercrime, “which could drive an increase in international ransomware attacks,” Firsbrook says. “Concurrently, we anticipate that Russia will stop cooperating with the international community to arrest Russian nationals accused of international cybercrime.”

In the meantime, the increase in hybrid work because of the pandemic accelerated the move to the cloud, challenging cybersecurity executives to secure an increasingly distributed enterprise while at the same time dealing with a shortage of skilled security staff.

Enterprise attack surfaces are expanding, the report says, and risks associated with the use of cloud applications, complex digital supply chains and other aspects of technology have brought organizations’ exposed surfaces outside of a set of controllable assets. As a result, they need to look beyond traditional approaches to security monitoring, detection and response to manage a wider set of security exposures.

In a clear indication that cybersecurity threats aren’t going away anytime soon, the Cloud Security Alliance (CSA) earlier this month launched a countdown to April 14, 2030, the date by which CSA estimates a quantum computer will be able to break present-day cybersecurity infrastructure.

The alliance, an organization that defines standards, certifications and best practices for cloud computing security, says its website will feature a Year to Quantum (Y2Q) countdown clock to serve as a reminder of the need to find and implement new security solutions.



Source link