The proliferation of threats
We all know that cloud computing can lead to faster innovation, flexible resources and economies of scale. But the Thales Global Data Threat Report also shows that it has increased the number of threats. 41 percent of these involve malware, 41 percent phishing and 32 percent ransomware. The targets of attacks are mostly SaaS applications, cloud storage and cloud infrastructure management. Human error is the leading cause of cloud leaks. These include user error and failed authentication systems.
Securing data assets in a dynamic environment
There is an increasing need to access and share data, including from customers. As a company expands, developers, third parties and employees work to provide new services for more consumers.To meet consumer demand, real-time access to data for authorized users is not a luxury. This requires not only accessibility, but also integrity as well as security of the data so that parties can only access data they are authorized to see.
Protecting against AI-based attacks is a step into the unknown
The fact that attackers are constantly looking for new ways to access sensitive information makes the latter all the more important. It is important to have such threats on your radar as an organization. You can expect not only well-known threats such as ransomware, but also the malicious use of generative AI. Malicious parties can use this, for example, to use deepfake to form false identities and eventually even commit fraud. This creates many challenges in the area of security and privacy of important data; as an organization, you have to continuously move with the developments in the market.
CISOs cannot afford to delay new initiatives
This constantly changing landscape of threats puts enormous pressure on the Chief Information Security Officer (CISO), who is responsible for information security. The key principle here is having clear goals. Moreover, CISOs must understand that companies cannot sacrifice security for speed. Thus, the idea is for IT and security teams to work together to ensure visibility and control. Data assets, which are growing faster than ever before, need to be proactively protected.
Taking advantage of data-centric security
To accomplish this goal, the CISO can take advantage of the benefits of data-centric security. This emphasizes protecting the data itself. It is good to know that, depending on the type of data, you can set certain requirements for security. Not an unnecessary luxury when working in the cloud. This is beneficial for compliance, operational efficiency and ultimately consumer trust.
Strong correlation
Complying with laws and regulations also helps for good security of your environment. If you have compliance in place, in practice it leads to fewer data leaks and breaches. The Thales DTR findings show a strong correlation between compliance performance and a smaller amount of leaks:
- 84 percent of organizations that failed a compliance audit reported ever having had a leak. 31 percent experienced a leak in the last 12 months.
- Of the organizations that passed compliance audits, only 21 percent ever experienced a leak, of which only 3 percent experienced a leak in the last 12 months.
Trust, security and privacy
Organizations' approach must be dynamic and proactive. Using security analysis systems, adhering to workflows as well as audit reporting ensure better cooperation between different departments. In this way, you strengthen joint activities to improve cybersecurity activities. This collaboration is key to ensuring trust and privacy. AI creates bots that are increasingly sophisticated. Your organization can be ably protected against all attacks if you regularly review your defense strategy and evolve with developments in the market. Think a little more about that data-centric security as protection against AI-based attacks. That way you are always prepared for an unexpected attack.
Author: Steven Maas
