How India stacks up against other countries in public cloud security

A recent survey on public cloud security reveals how India fares in comparison with other geographies. Chester Wisniewski, Principal Research Scientist at Sophos, explains key challenges CISOs might face and highlights five ways to tackle them.

A recent global survey on ‘The State of Cloud Security 2020’ conducted by research specialist Vanson Bourne, and commissioned by Sophos, reveals that India – in comparison with 25 other countries – faced the highest number of cyberattacks in the last year.

The survey, undertaken by over 3,200 IT leaders, shows that India Inc. has bagged the none-too-flattering top rank in three out of six cloud security categories organizations were assessed on. Here’s a snapshot of how India fared:

  • Number 1 in public cloud security incidents
  • Number 1 in stolen cloud account credentials
  • Number 1 in cryptojacking attacks on the public cloud
  • Number 2 in ransomware attacks on public clouds
  • Number 2 in public cloud data leaks
  • Number 4 in number of malware attacks on public clouds

Of the 227 Indian organizations that participated, 93 percent had faced a cyberattack in the last year, ahead of Nigeria (86 percent) and the Philippines (82 percent). Italy appears to be the “safest” with respect to public cloud security, with “just” 45 percent of organizations surveyed there reporting a security incident.

Interestingly, despite reporting the highest number of cyberattacks, 92 percent of Indian IT leaders said their organizations had complete visibility of all cloud assets.

Why is public cloud security top priority for CISOs, and what are Indian organizations doing wrong?

The findings are disconcerting in the face of the rising adoption rate of public clouds in the Indian enterprise – a trend being driven by benefits like low capital expenditure, scalability and maximum uptime. IDC forecasts the spending on public clouds in India will cross USD 6.3 billion (about INR 4,700 crore) by 2022.

So what explains the state of public cloud security in India? Are Indian companies fighting a harder battle in terms of scale and complexity of attacks?

Chester Wisniewski, Principal Research Scientist at Sophos, doesn’t think so: “There’s no corresponding data to suggest that Indian organizations are being targeted more frequently or by more sophisticated adversaries. It certainly implies that security standards are below average,” he says.

Human-based vs tool-based security strategy 

While it’s true that the latest security defences are expensive and are often adopted first in the U.S. and Western Europe, Wisniewski believes this cannot be an excuse as most of the changes to defensive strategy are human-based and not tool-based.

“Although cloud providers and security vendors are doing their best to make it easy to collect, analyse and draw attention to the most important threats, the primary defence against modern ransomware requires humans in addition to tools,” he explains.

Furthermore, he adds that major cloud providers like Azure, Amazon and others offer a plethora of security controls – which is great, but also quite complicated, thereby leaving a lot of room for human error.

5 key cloud security takeaways for Indian CISOs

Emphasizing the importance of getting the basics right, Wisniewski shares his 5-point strategy for CISOs to secure their public clouds:

  1. Establish clear-cut support boundaries: The No. 1 challenge in using a public cloud service is understanding the demarcation line between the service provider’s responsibilities and your own. While CISOs don’t have to worry about hardware and scaling in the cloud, they are still responsible for securing the data and protecting the application and the operating system against attacks.

  2. Closely monitor systems: Because applications auto-scale in the cloud, organizations under attack may not experience the performance problems they would with on-premises systems. This is why Wisniewski advises that systems be monitored much more carefully. He adds that it’s important to use software and hardware firewalls, Web Application Firewalls (WAF) and other network devices or services in the public cloud, just as you would with on-premises systems.

  3. Watch out for cloud misconfiguration: The survey revealed the Achilles heel of public cloud security to be cloud misconfiguration: 66 percent of respondents said that the attacks their organizations faced exploited security gaps resulting from misconfiguration. Wisniewski says that using security monitoring tools ensures that all production systems match the expected configuration. This can go a long way towards stopping these configuration errors and preventing the dreaded accidental data exposure.

  4. Use threat hunting, active monitoring and data analysis: The Principal Scientist says that threat hunting, actively monitoring and analysing data coming from firewalls, security tools and operating systems are essential to stop advanced threats.

  5. Avoid mistakes when moving cloud instances: Wisniewski warns that mistakes are most often made when moving cloud instances from development to test to production. Here again, he reiterates the criticality of production systems matching the expected configuration.

Given the potential of the public cloud in India, there’s a lot riding on the security aspect of it. While public cloud adoption in the country is still in its infancy, Wisniewski observes that India has a lot of well-educated technologists, and if they work in the right manner and take the right measures, improvements in public cloud security can be seen in short order.

Copyright © 2020 IDG Communications, Inc.
