Companies relatively new to cloud operations are striving to bolster one’s 360 degree security posture in a rapidly evolving landscape. Vrinda Khurjekar, senior director of AMER at Searce, highlights why that’s necessary and how enterprises can go about it.
The sky’s the limit for cloud migration as Gartner predicts that worldwide end user spending on public cloud services is forecast to grow upwards of 25% in 2023Opens a new window after a 20.4% increase in 2024, led by infrastructure as a service, platform as a service, and software as a service spending. Business owners love the increased scaling and operational efficiencies, decreased reliance on physical systems, the access to new technologies, and the subscription payment model.
In the last half decade of rapid mass cloud adoption, tech businesses enjoyed a newfound sense of cybersecurity, having dispensed with on premises perimeters to defend. However, in 2024, 45% of data breachesOpens a new window occurred in cloud services. With the coming ubiquity of enterprises increasingly turning to public cloud, multi cloud and hybrid cloud environments, securing platforms and data in the cloud will need to come of age swiftly to keep pace with the ever present cyber criminals.
A company applying traditional security measures left over from static environments to cloud environments is setting itself up for failure. Greenfield companies about to migrate or newly migrated to cloud services in particular could be victim to a set it and forget it approach to security, given that the move to cloud platforms requires a great deal of change management resources even before considering data security. We have observed that greenfield companies must go beyond the basics to secure the organization against the top cloud vulnerabilities, like inadequate identity access management security, insecure APIs and interfaces, misconfiguration and inadequate change control.