Oracle BrandVoice: Automation Is Key To Warding Off Cloud Security Threats, New Oracle-KPMG Research Study Reveals

Phishing attacks, unpatched systems, and unauthorized cloud applications are creating unrelenting risk for enterprise security teams. Automation of threat monitoring and patching of software vulnerabilities is often the best way—and increasingly the only effective way—to tackle those challenges.

That’s one of the key conclusions from a research project jointly conducted by Oracle and KPMG. The Oracle and KPMG Cloud Threat Report 2019, released in February, examines many threats facing organizations. The data comes from 450 cybersecurity and IT professionals from private- and public-sector organizations in the United States, Canada, United Kingdom, Australia, and Singapore.

Key findings from the Oracle and KPMG study include:

23% of respondents say their organizations don’t have the resources to manually patch all their systems. This calls out the need for automation in rolling out patches.

50% say that use of unsanctioned cloud applications resulted in unauthorized access to data; 48% say that unauthorized access introduced malware, and 47% say that data was lost. This points to the need to set policies to limit the use of unapproved cloud applications—and perhaps to introduce technology to automatically detect or block such uses.

92% are concerned that individuals, departments, or lines of business within the organization are violating security policies when it comes to the use of cloud applications. This may mean using unsanctioned cloud applications, or using sanctioned cloud applications in a way that’s not sanctioned.

69% of organizations stated that they are aware of a moderate or significant amount of unapproved cloud applications, with another 15% stating they are aware of a few such apps in use. The appeal of cloud applications is tremendous, and employees aren’t going to let security policies or approval processes slow their adoption of them.

The big picture conclusion: It’s more important than ever that businesses use automation tools, in addition to human security analysts, to protect the business. The study also showed that it’s essential for CISOs to become more aware of the uses of cloud computing within their organizations, and that all parties in the business—including IT teams—need a better understanding of the shared security model for cloud computing.

Phishing Attacks Are Top Risk

The single most common cyberattack vector: phishing emails, either generic ones that flood employees’ inboxes, or personally targeted “spearphishing” messages aimed at, say, a CFO or IT technician. In the Oracle-KPMG study, 27% of organizations were attacked with email phishing with malicious attachments or links in the past year.

The next most common attack vectors: malware that moved laterally through the organization and infected a server (cited by 23% of respondents); misuse of privileged accounts by an employee (19%); and “zero day” exploits that exploited previously unknown vulnerabilities in operating systems or applications (18%).

When employees open a phishing email and click on a link, or open an attachment, many bad things can happen, but one of the nastiest is when the hacker installs malware or sends the employee to a faked-up web page to steal login credentials.

“Email is the number-one attack vector,” says Greg Jensen, senior director of cloud security at Oracle and coauthor of the Oracle and KPMG Cloud Threat Report 2019. “Employees have these human tendencies where they are drawn to look at an email, like moths to a flame, if it says ‘important’ or if it appears to originate from a known executive, I’m going to click it.” Or if it appears to be formatted to be from a trusted partner with a request to provide information.

As the report explains, these techniques, and other more sophisticated phishing attacks, can let the attacker gain access to cloud infrastructure services, or software-as-a-service. For example, perhaps the phished employee is a software developer, cloud administrator, or application release engineer. Armed with that employee’s credentials, “hackers can access cloud infrastructure management consoles, provision new services such as compute instances, and begin to move laterally across the affected company’s cloud infrastructure,” the report says.

The best way to stop phishing is to prevent the malicious message from getting to the recipient. Security software can help in this regard, such as by using advanced email security solutions that use artificial intelligence and machine learning to inspect email content—including addresses, message text, links, and attachments—to detect malware, links to malicious web sites, and business email compromises. So can machine-learning powered monitoring software that looks for out-of-the-ordinary behavior. If your US-based CFO logs onto your procurement system from the Ukraine in the middle of the night, your system can flag that as an anomaly that might point to a stolen credential.

Not Knowing the Shared Security Model

In an organization’s data center, the IT and security teams are responsible for all aspects of security. In the cloud, however, there’s a shared responsibility security model (SRSM) that includes both the cloud service provider and the enterprise customer.

Unfortunately, sometimes business units that implement cloud applications and infrastructure aren’t aware that the enterprise shares responsibility for securing those cloud applications, such as vetting the vendor, monitoring security alerts, patching the portions of the cloud they are responsible for, and ensuring that user authentication is strong and synchronized with existing on-premises credentials-management systems. This leads to situations where the CISO team isn’t involved with vendor selection, third-party security audits, and other activities that normally take place when onboarding a cloud service provider.

The shared responsibility security model for any particular cloud service explains the division of labor between the cloud service provider and the customer. For example, says the report, while some cloud service providers offer specific cloud security options such as data masking, it may be the responsibility of the customer to determine if it’s appropriate to apply and manage those controls. Ultimately, it’s the responsibility of the cloud service’s consumer to ensure their organization is protected.

“Organizations are being compromised because someone signed up for an unsanctioned cloud service, and they falsely believe that the cloud service provider will address all of the security requirements,” says KPMG risk-management consultant and report coauthor Brian Jensen (no relation to Oracle’s Jensen).

Automation Can Make a Difference

The number of alerts and incidents coming into a typical enterprise security team is too much to handle—and when alerts of anomalous end-user behavior are included (as they should be), the problem is likely to grow quickly.

A typical large enterprise deals with 3.3 billion events per month, “yet only 31 of those events are actually real security events or threats,” KPMG’s Jensen says. “That’s truly a needle in a haystack—or worse.”

An enterprise can’t hire its way out of this mess, because it’s not feasible to find, recruit, hire, train, and retain so many security analysts. “The challenge will not be addressed with manpower alone, what is needed is intelligent automation and trained skilled staff to architect a scalable solution that addresses the unique cloud risk use cases,” KPMG’s Jensen says.

Another looming risk comes from unpatched systems. When vulnerabilities are found in operating systems, applications, or device firmware (such as in Internet of Things implementations), it can take too long for IT staff, working with the security team, to install and test the required patches or configuration changes.

The answer is to let software do the tedious, repetitive grunt-work while human IT and security analysts focus on solving more difficult problems. Patching vulnerable hardware or software is among the most high-impact steps a cybersecurity team can take. Automated patching is used by 43% of organizations, the report finds, with 50% of larger organizations (1,000 or more employees) using it. A further 46% of all organizations plan to implement automated patching over the next 12 to 24 months.

The research shows a clear strategic intent to leverage automation for database patching. About one-quarter (24%) of respondents have fully or mostly automated patching their database servers, and another 18% have somewhat automated their database patching. However, the report details clear differentiators in the levels of automation that have been used over the years, and which forms of automation are truly impactful.

The Imperative for Cloud Security

How can organizations protect the increasing number of business-critical cloud services? Make sure that employees are trained about various forms of social engineering attacks, such as phishing—and because the hackers keep getting trickier, realize that training isn’t enough. So, it’s important to implement solutions to block phishing and spearphishing emails from reaching employees, and continually monitor systems for signs of out-of-the-ordinary behavior that might signal an email compromise.

Organizations also need to enforce policies about the use of third-party cloud services without the full engagement and approval of IT and/or the security teams. Everyone needs to understand the specific shared responsibility security model for each cloud service, and as much as possible, use automation to handle tedious, repetitive tasks such as doing triage on security alerts, and applying patches and fixes to address vulnerabilities.

The 2019 threat report offers additional research information, as well as prescriptive ideas for addressing these and other enterprise security challenges as you transition to the business-critical cloud.
