aleksandar nakovski - stock.adob
Public Cloud Adoption Rises, But Health Security Concerns Remain
Research shows that public cloud adoption is correlated with a lower likelihood of suffering a data breach, but other health security concerns persist.
Organizations that host all their applications in the public cloud are less likely to experience a data breach or ransomware attack, according to a new report conducted by market research firm Vanson Bourne on behalf of Barracuda Networks. However, there are still health security concerns with the move to public cloud.
Researchers surveyed 750 IT decision makers from a variety of industries, including construction, energy, media, manufacturing, technology, and financial services. The results have implications for the healthcare sector as well, as cloud adoption increases across the industry.
Nearly a third of surveyed IT professionals reported that their organizations experienced a ransomware attack within the past 12 months, and almost half reported experiencing two or more. However, organizations with more applications hosted in the public cloud were less likely to suffer a data breach.
The findings imply that cloud adoption plays a role in preventing ransomware and data breaches.
The COVID-19 pandemic led to more employees across all sectors working remotely, which comes with its own set of cybersecurity challenges.
To overcome these security challenges, many organizations have implemented newer technologies to combat data breaches. Almost half of respondents had already deployed an SD-WAN solution, or software defined networking in a wide area network.
A secure SD-WAN allows organizations to route enterprise network traffic over the internet and enables end-to-end encryption from a local site to the cloud, mitigating potential vulnerabilities.
Over 40 percent of respondents reported implementing a Zero Trust Network Access (ZTNA) solution, which is a security architecture that does not assume that any user or system should automatically be trusted. Strong device authentication makes it extremely difficult for bad actors to break into a network.
Both SD-WAN and ZTNA are designed to support cloud environments, which explains why 73 percent of companies with all apps in the public cloud have deployed SD-WAN. Only 37 percent of companies with only a few apps in the public cloud have deployed SD-WAN.
The survey results show an unsurprising trend: the organizations with the most up-to-date and sophisticated security solutions are experiencing less cybersecurity incidents.
The US Office of Management and Budget (OMB) and the Cybersecurity and Infrastructure Security Agency (CISA) recently announced plans to shift the entire federal government toward a zero trust architecture.
Other industries will likely follow. A report by the HHS Cybersecurity Program explained that “It is clear that the current perimeter-based security model that most healthcare organizations use will no longer be effective.”
“To stay ahead of these trends, healthcare organizations must continue to invest in the basics while making a fundamental shift from the castle-and-moat approach to a Zero Trust model.”
Adopting SD-WAN, Zero Trust, and storing data in the public cloud may be crucial to protecting sensitive data from cybercriminals.
However, it is important to note that the cloud is not immune to cyberattacks. Recent guidance from the Cloud Security Alliance (CSA) warned healthcare organizations about the threat of ransomware in the cloud.
“Due to the nature of public cloud, where the underlying infrastructure is secured and managed by the cloud service provider, many customers incorrectly assume that the threat of ransomware in the cloud is less than in a private data center,” the report stated.
“However, cloud services rely on the synchronization of data, and if ransomware encrypted data enters the synchronization process, data will run the risk of being propagated in the cloud. At this point, cloud applications become complicit in spreading the malware.”
As cloud adoption increases across all sectors, organizations must weigh the benefits and risks of cybersecurity solutions.