Cloud Security Will Never Be the Same

Cloud Security Will Never Be the Same

Josif Cheresharov, Business Development Director at Daticum, provided expert advice featured in Digitalk’s Report, “Everything Goes to the Cloud.”

What do you think cloud security means in 2024?

Modern enterprise security strategies are closely tied to ensuring the proper configuration of cloud environments and infrastructure. According to Gartner, by 2025, 99% of cloud security breaches will be due to preventable human error, so the focus must be on identifying, assessing and remediating cloud misconfigurations.

To ensure security in the cloud, organizations are pursuing ISO 27017 and ISO 27018 certifications to guarantee a secure environment and data privacy. In addition, as part of the amendments to the Network and Information Security Directive, cloud and digital service providers are establishing procedures and implementing protocols for compliance and adherence to security and notification requirements in the event of cyber threats and incidents. Through these regulations and activities, regulators and cloud providers strive to provide a secure environment and infrastructure for businesses and users of their services.

What are the biggest risks for businesses associated with the cloud services they use?

We saw extremely diverse techniques for deploying ransomware in last year’s cyberattacks. These were complex actions designed to evade cloud defences within the specific cyberattack. However, users can adopt a number of key activities to prevent and detect risks in cloud environments through thorough risk assessment and the implementation of robust mechanisms, including security control automation. One example is the use of artificial intelligence to block attacks.

Daticum, one of the leading cloud service providers, helps companies stay prepared against cyber threats through its innovative cloud platform. We constantly consider and adapt to emerging threats, including regular audits, updating security protocols, and monitoring industry developments.

What are the best practices when it comes to cloud security?

I think these are the most important recommendations:

  1. Robust access management is a key to securing your cloud environment. Leading the way is the principle of least privilege, providing the minimum access required for each user or application. Multi-factor authentication for all users and the use of role-based access control.
  2. Encryption. Data must be encrypted at rest and in transit to protect sensitive information from unauthorized access. In addition, key management processes must be robust, ensuring that keys are changed regularly and stored securely.
  3. Implement security monitoring and intrusion detection systems. Continuous monitoring of your cloud environment can help identify potential threats and unusual activities. Deploy AI-assisted intrusion detection and real-time threat analysis systems.
  4. Regular vulnerability assessments and penetration tests. Regularly scheduled vulnerability assessments can identify potential weaknesses in cloud infrastructure. With penetration tests, you can simulate real-world attacks and assess your organization’s ability to defend against them.
  5. Create an enterprise cloud security strategy. Cloud service providers offer unique security features and tools that can be tailored to the needs of a specific organization.  However, this is a shared responsibility, and users must fulfil their part of the security protocols.

What will be the impact of artificial intelligence on this area?

In my opinion, the main applications are using applications with embedded AI algorithms to block cyber attacks and implementing AI-powered systems for intrusion detection or better monitoring, such as providing real-time threat analysis. Agent-based technologies offer many more advantages over agentless tools by leveraging the ability to interact directly with your environment and automate incident response.

The article is available in Bulgarian only. Download the full report.
Contact our experts and let them take care of your cyber security in the cloud!