Connect with us

Expert Speak

What is Good Cloud Migration Security?



Written by Jonathan Nguyen-Duy, Vice President, Global Field CISO at Fortinet

Cloud adoption continues to be important for many organizations as they transform how they do business in today’s digital world. While there are many benefits associated with cloud adoption, the security implications of moving to the cloud cannot be ignored if organizations are to fully embrace it.

What is Cloud Migration?
Cloud migration is the process of transferring an organization’s data and apps from on-premises servers to a cloud infrastructure. A cloud infrastructure enables organizations to access data storage requirements and computing capabilities when they are needed.

Rather than creating on-premises IT infrastructures or leasing data-center space, organizations can rent cloud infrastructure and their required computing capabilities via third-party providers. This can mean cost savings to an organization’s operating budget due to lower spending on energy bills, IT personnel, hardware, servers, and software that are needed for a physical data center.

Other key benefits of cloud migration are agility and flexibility. Cloud infrastructures are highly agile and flexible because they are self-managed and allow users to spin up new services and make changes in a matter of minutes. This permits organizations to be more focused on business and bottom-line issues rather than being bogged down in IT matters.

Cloud platform and infrastructure works through an abstraction process, such as virtualization. The goal is to separate resources from the physical hardware they are typically installed on and put them into the cloud. These virtual resources are provisioned into cloud environments using tools like automation and management software, enabling users to access the resources when they need them from wherever they are working.

Three Types of Cloud Architecture
When we talk about cloud infrastructure, we’re referring to the tools that are used to build a cloud environment. When we talk about cloud architecture, we’re referring to the design or blueprint of specifically how the various technologies for creating a cloud computing environment will be connected. There are three types of cloud architecture:

  1. Public
  2. Private

Public cloud architecture uses third-party cloud providers to make cloud resources available to multiple customers via the internet. These providers operate multi-tenant environments that lower the cost of data storage and computing power for customers. Public clouds can have a drawback: privacy issues for organizations that handle sensitive data or personally identifiable information (PII).

In a private cloud architecture approach, cloud infrastructure is only accessed by the organization. The private cloud architecture can be built, developed, and maintained by a company’s own IT teams or delivered by external providers. Private clouds as their name imply address the drawback of the public cloud issue with privacy.

hybrid cloud model is considered the best of both public and private architectures. The hybrid approach allows private and public cloud infrastructures to interact within a connected but separate system. This is ideal for organizations that handle sensitive information and PII, allowing them to store their critical data in private clouds and while keeping less sensitive data in public clouds. With a hybrid cloud architecture, organizations can maintain their private environments while accessing all the benefits of public cloud services for other computing tasks and storage.

Three Types of Cloud Migration
There are three main types of cloud migration:

  1. On-premises to the cloud
  2. Cloud-to-cloud migration
  3. Reverse cloud migration.

When moving data that is being hosted by on-premises servers to the cloud, you will be typically using a technique that’s called “lift and shift.” This is the transfer (or “rehosting”) of an exact copy of your current environment without making extensive changes.

This is the fastest and simplest way for an organization to start taking advantage of the cloud. As for moving data between clouds, say public and private ones, it will be done most likely because you want to keep it more secure. On the rare occasion where data becomes no longer important or obsolete, a reverse cloud migration may be employed to free up space and archive it on a local storage device.

To save time and expenses, cloud migration experts recommend some procedural tasks be performed before migrating data. The tasks include doing an audit and deciding what data and applications to retire and what ones to retain and migrate to the cloud.

What Are The Security Risks That Come With Cloud Migration?
There are several security-related challenges that organizations must overcome in the process, including compliance breaches and malware. Because the cloud is ever-evolving, some vendors will handle the changes well and some won’t. If a cloud provider goes out of business or has a dramatic overhaul, any enterprise using its services might be exposed to risk because of the upheaval.

Another cloud migration risk involves its reliance on the internet, meaning “any cloud solution is only as solid or reliable as the network connection it is built on.” It’s difficult for an enterprise and its users to accept downtime when apps and services aren’t accessible. Cloud infrastructures must have dependable connections and networks that are supported by service level agreements (SLAs).

A cloud migration security strategy must also consider that data controls are transferred from the organization to a cloud service provider. For the strategy to be effective, there must get buy-in from enterprise leaders. They need to accept the trade-off of getting cloud computing benefits while having less or limited control over access to applications, data, and any server-based tools.

Recently, a cloud survey showed some of the concerns about cloud migration from IT leaders mentioning a lack of visibility, high cost, lack of control, and lack of security as the biggest unforeseen factors that slow or stop cloud adoption.

Best Practices For Creating A Cloud Migration Security Strategy
The key components of a strong cloud migration security strategy, should include:

  • Enabling access control
    • Cloud migration security solutions need to offer access control across the cloud infrastructures, enabling them to secure applications and provide access management and connectivity between data centers and the cloud.
  • Applying automation to avoid misconfigurations
    • A viable strategy for cloud migration has to incorporate security with continuous evaluation of configurations across regions and public cloud types while dynamically analyzing activity in the public cloud infrastructure to identify potentially malicious activities. Organizations should look for highly accurate and automatic solutions powered by on-device machine learning capabilities, as well as the flexibility of form factors from containers to virtual machines to SaaS.
  • Prioritizing visibility across the cloud environment
    • Organizations need a single-pane-of-glass to gain visibility and enforce consistent security policies throughout the entire cloud infrastructure to effectively manage risk. Cloud migration security solutions need to provide visibility across the cloud infrastructures, allowing administrators to see both inline security, as well as cloud configuration security to build a comprehensive view of risk.
  • Establishing who is responsible for what
    • Assigning responsibility to the cloud migration tasks is necessary for keeping the procedure secure.
  • Protecting connectivity
    • Cloud strategies are only as successful as the networking and security that connect and protect the cloud computing – whether private, public or hybrid.  As organizations deploy cloud infrastructures and shift toward multi-cloud, secure connectivity across these various environments is critical to delivering better user experience and business outcomes.
    • Networking, security and computing all have to work together, so consider how to optimize access and security from the outset, and not as an afterthought to cloud adoption.

Cyber Security

The Evolution of Cybersecurity in Banking



By Ricardo Ferreira, EMEA Field CISO at Fortinet

Changes in the banking sector associated with new digital initiatives have ushered in unprecedented cybersecurity risks. As highlighted in recent reports, key activities in the financial ecosystem can be disrupted by cyber incidents, so risk management and secure network protocols are paramount. With cybercriminals relentlessly pursuing financial gain, data breaches have become more frequent and sophisticated, underscoring vulnerabilities in the banking sector.

Regulatory approaches, such as EU DORA, G7, and reports from other central banks and regulators, emphasize the critical importance of cyber resilience in the banking sector. These regulations are reactive measures to past threats and proactive strategies designed to anticipate and mitigate future risks. Characterized by continuous digitization, increased third-party dependencies, and geopolitical tensions, the evolving cyber threat landscape demands a robust response from financial institutions.

Central Bank Digital Currencies (CBDCs) add another layer of complexity. As CBDCs gain traction, they present both opportunities for financial inclusion and challenges in terms of cybersecurity. In this competitive landscape, where traditional banks, financial technology disruptors, and digital-native challenger banks strive for market share, delivering a seamless digital experience is crucial. However, institutions must not lose sight of potential vulnerabilities as they race to innovate. Embracing digital technologies is essential, but so is ensuring that these technologies are safeguarded against ever-evolving threats.

As banks and financial services providers continue to grow and innovate, a holistic approach to cybersecurity informed by the latest regulatory insights and threat intelligence will be crucial to ensure sustainable and secure progress.

Cybersecurity in Banking
In the rapidly evolving digital landscape of banking, cybersecurity teams are at the forefront of a complex battle. The financial sector is particularly vulnerable to cyber threats, including significant data breaches. The financial sector is a favourite target for attacks seeking financial gain, trade secrets, or service disruptions that bring publicity to social or political causes. In fact, financial and cybercrimes are now top global policy concerns, according to a new INTERPOL report.

Depending on the severity of the attack and the specific bank in question, a single successful breach can lead to serious damage to the brand. According to the European Union Agency for Cybersecurity (ENISA), more than 10 terabytes of data are stolen monthly, and more than 60% of organizations may have paid ransom demands. Another report states that 2022 was the biggest year ever for crypto hacking.

As digitization becomes an even greater necessity across the banking industry and security risks increase, executive teams need to ensure the resiliency of their business operations, compliance with government and industry regulations, and the effectiveness of their cybersecurity infrastructure to protect the expanding attack surface.

Financial services providers must defend against an onslaught of data breaches, ransomware, malware, phishing, and social engineering attacks growing in sophistication, frequency, and intensity. The challenges of fending off threats increase as the attack surface expands in breadth and complexity. In its 2023 Global Cyber Risk Outlook, Moody’s states that regulators and insurers are taking actions to reduce financial exposure to cyberattacks, and at the same time, demand for cyber insurance will outweigh supply.

To remain competitive and resilient in this environment, financial institutions must continue to innovate and ensure that those innovations are secure. This dual mandate becomes even more challenging given the expanding attack surface, driven by the rise of digital banking, fintech disruptors, and the introduction of CBDCs and the modernization of their core systems. Key cybersecurity imperatives for banking include:

  1. Visibility. Maintaining comprehensive network visibility is paramount with the proliferation of mobile banking, IoT integrations, and cloud deployments. As the cyber threat landscape becomes more intricate, having clear oversight of all network activities is crucial to prevent data breaches and manage cybersecurity risks.
  2. Automation and operational efficiency. The era of siloed security solutions is fading. Modern cybersecurity demands integrated solutions that can automate tasks, reducing the need for manual configurations and constant monitoring. Implementing “policy as code” can further streamline this process, ensuring that security policies are consistently and automatically enforced across a secure network.
  3. Flexibility. The diverse IT architectures, spanning multi-cloud and on-premises deployments, necessitate agile security controls and policies. As financial institutions navigate the complexities of digital transformation, their security solutions, including policy as code practices, must be adaptable, ensuring that security policies align seamlessly with infrastructure changes.
  4. Compliance reporting. Regulatory compliance is not just a checkbox exercise. With central banks and other supervising authorities emphasizing cyber-resilience regulations, security teams must strike a balance between adhering to these regulations and proactively defending against cyber threats. Utilizing policy as code can also aid in ensuring compliance by codifying and automating policy checks.

Lastly, the human element cannot be overlooked. Beyond state-of-the-art technology, financial institutions need skilled professionals who can harness the potential of new platforms and systems. The limited availability of specialists in niche areas and a potential knowledge gap in understanding intricate products, processes, and systems pose additional challenges.

As the banking sector continues its digital journey, a holistic, informed, and agile approach to cybersecurity, adopting and succeeding at digital initiatives to converge network and security, reskilling the workforce, and driving automation will be the linchpins of success. Ensuring a secure network and effective risk management in the face of potential data breaches and evolving threats is paramount.

Cybersecurity Regulatory Impacts
Although the banking sector is a beacon of financial stability, it is increasingly grappling with dual challenges: ensuring robust cybersecurity and adhering to evolving regulations. As financial institutions strive to meet customer demands and counteract cybersecurity risks, they are simultaneously navigating a labyrinth of stringent data privacy and security regulations. These regulatory measures, coupled with the expanding digital landscape, have inevitably escalated operating costs, particularly in the realms of compliance for both retail and corporate banks.

The imperative for heightened security and compliance in banking is underscored by the need to protect sensitive personal data, maintain transactional integrity, and safeguard the health of national and global economies. Yet, a recent International Monetary Fund (IMF) survey paints a concerning picture of the regulatory landscape. Covering 51 countries, the survey revealed:

  1. 56% of central banks or supervisory authorities lack a dedicated national cyber strategy for the financial sector.
  2. 42% lack specific cybersecurity or technology risk-management regulation, and a staggering 68% do not have a specialized risk unit within their supervisory department.
  3. 64% have not mandated testing or provided guidance on cybersecurity measures.
  4. 54% do not possess a dedicated regime for reporting cyber incidents.
  5. 48% are without specific regulations addressing cybercrime.

While these statistics might paint a bleak picture, it’s essential to view regulatory and security requirements not as hindrances but as catalysts for innovation and risk management. For example, McKinsey highlights the potential of data analytics in banking, suggesting that it can lead to risk-reduction savings valued at up to $1 billion annually for some large banks. These savings encompass reduced fines, enhanced compliance reporting accuracy, improved management of sensitive data, and the mitigation of various other risks.

As the banking sector continues its digital evolution, striking a balance between innovation, cybersecurity risks, and regulatory compliance will be pivotal. Embracing this triad can unlock unprecedented opportunities, ensuring a secure, compliant, and forward-looking financial landscape.

Cybersecurity Risk Management for Banks
Cyber-risk management in today’s banking landscape extends beyond technical measures to encompass a holistic, organization-wide approach. However, many institutions grapple with limited tools to gauge cybersecurity risks, especially when integrating new digital partners and technologies.

Recent regulations emphasize operational resilience, advocating for a globally aligned risk management framework. This international convergence seeks to standardize practices, reducing fragmentation. A notable aspect of these regulations is the scrutiny of third-party providers, given their growing significance in the financial ecosystem.

While banks are traditionally cautious in IT vendor selection, the rise of innovative startups offers a number of promising solutions. Yet, this openness must be balanced with due diligence, especially when third-party relationships can introduce cybersecurity vulnerabilities. As banks evolve digitally, a harmonized approach to risk management that considers global regulations and third-party integrations is essential for a secure and progressive banking sector.

Banking Cybersecurity Challenges 
Historically, banks have operated as siloed entities. Distinct departments, each with unique objectives, often rely on separate systems. This fragmented approach has inhibited growth, restricted scalability, and diminished customer satisfaction. Traditional banks, particularly, have garnered a reputation for cumbersome processes, especially when customers seek new services or support.

Implementing a unified platform that centralizes data and bridges the gap among various systems can effectively counteract the challenges posed by these silos. However, information silos also amplify cybersecurity risks, data breaches, and compliance concerns beyond operational inefficiencies, which are all pressing issues in today’s banking landscape.

The integrity of the IT infrastructure and the vast amount of data it houses remain a paramount concern in banks’ digital transformation journey. Addressing technical debt is crucial. This debt is often a byproduct of historical underspending and the juxtaposition of modern technologies atop outdated infrastructure. To navigate these challenges, banks should establish dedicated units or expert teams focused on innovating and ensuring that their offerings remain competitive. Assigning clear responsibilities for these innovation projects is pivotal.

Gone are the days when IT security in banking was a linear affair. Today’s banking ecosystem comprises tens or even hundreds of thousands of interconnected devices ranging from computers to Internet-of-Things (IoT) integrations. And when the proliferation of social, cloud, and mobile channels is factored in, the potential attack surface for data breaches and cybersecurity risks magnifies exponentially. The pressing question remains. How can banks ensure a secure network amid such vast complexity?

Although the need for financial organizations to embark on digital initiatives is essential, it accentuates the need for scalable security and compliance solutions. As banks evolve, the scalability offered by Software-as-a-Service (SaaS) solutions becomes indispensable, especially in the retail banking sector. Organizations must ensure that risk management remains agile and responsive to the ever-expanding digital landscape.

Secure Networking Solutions for Financial Organizations
Whether an organization has cutting-edge or legacy technology, infrastructure vulnerabilities can become prime targets for cybercriminals. As these adversaries relentlessly exploit weaknesses, financial institutions face the potential for significant financial losses, operational downtime, brand damage, and regulatory fines. Financial leaders must prioritize the resilience and overall health of their institutions.

Financial institutions should consider converging networking and security into a single secure networking solution to address these challenges. They can apply consistent threat intelligence and security services by consolidating disparate point products into an integrated cybersecurity platform.

Key features of an ideal security solution include:

  • Visibility: Comprehensive oversight across the entire digital attack surface
  • Advanced protection: Defense mechanisms against threats that are growing in volume and sophistication
  • Intelligent integration: Seamless integration within a smart IT architecture
  • Automation: Leveraging technology to address the shortage of skilled human talent
  • Simplified compliance: Streamlined processes to ensure adherence to data privacy regulations
Continue Reading

Cyber Security

How to Enjoy Threads and Keep High Levels of Privacy and Security



Recently Threads released a new Web version allowing users to finally search for content and use other features from any of their desktop devices. For those who still use Threads, Kaspersky experts have compiled a list of tips on how to do it securely, protect personal data, and avoid scammers.

Kaspersky experts have previously discovered phishing pages imitating the web version of the social network and collecting users’ logins and passwords, as well as offers of a so-called “Threads Coin” promising to “connect users to the Metaverse,” which was fake and sold for cryptocurrency on the Web. It is important for users to always be on alert when exploring new social media platforms.

  1. What is important to know regarding security settings in Threads:
    • Threads offers a Security Checkup. This feature shows key security-related data about Threads, Instagram or Facebook accounts.  It reflects currently connected email addresses, mobile phone numbers, the last time the password was changed and whether two-factor authentication (2FA) is on or not.
    • Users should not forget to set up 2FA. Threads is connected to the Instagram profile and uses the same logging details, so users should remember: one password gives access to two accounts! It’s always more secure to use 2FA as a security layer that protects accounts from unauthorized access. Modern reliable password managers can also generate and store unique one-time passwords for 2FA, that’s why one doesn’t need to install and use a separate solution for authentication.
    • It’s impossible to delete the Threads account alone – the connected Instagram profile will be deleted as well, which means that all data will be concealed from other users of the social network.
    • To do this, users need to go to Settings -> Account -> Deactivate profile and press Deactivate Threads profile.
  1. As for privacy, a user can limit who can contact them by muting, restricting or blocking someone.  In all these cases, none of the contacts will be notified of these actions.
    • If you don’t want to see someone’s post, you can mute the user. In case you don’t want to receive notifications of someone’s actions such as likes, replies, and so on, you can restrict the user. If you block a user, they won’t be able to find your profile or account – the list of blocked users is shared between Threads and Instagram.
    • To mute, restrict or block someone, go to their profile, click on the three dots in the upper right corner and select the action.
  1. To strengthen the privacy level in your Threads account, the following tips can be useful:
    • You can monitor and set up, who can mention you in posts with ‘@’ symbol.
    • Threads is trying to fight against offensive language, so users can filter offensive language in responses to their posts. The platform offers several tools, like automatic filtering with built-in lists or manually adding specific phrases and words.

“The emergence of a new social network has rapidly created a desire to explore something new and share text, images, and videos while interacting with billions of other people. At the same time, before registering everyone using Threads needs to set aside a few minutes to study the new tools this social interaction provides. We recommend you first pay attention to the ability to delete the account (surprisingly, not all social networks make it easy to do this) and the level of account protection (2FA, privacy settings). Familiarize yourself with the Privacy Policy of the social network to understand what happens to all your posts and photos after they are published, and how easy it will be to delete them,” comments Anna Larkina, Web content analyst expert at Kaspersky. “It is always worth remembering that data leaks, account hacks, marketing collection and analysis of user data, which is not always harmless, are common today. To minimize the risk of becoming a victim of another precedent and not increase your already large-scale digital footprint, you need to study the terms of a new service before signing up for it.”

Continue Reading

Expert Speak

Achieving a Successful Continuous Threat Exposure Management Program



Written by Lydia Zhang, the President and Co-founder of Ridge Security

If your organization is concerned about increasing and expanding cyber threats, you are not alone. While many enterprises recognize the need to create a multi-layered security posture, this article explores the importance of Continuous Threat Exposure Management (CTEM) and how it can help proactively manage risks and bolster defences against growing cyber threats.

CTEM is a cybersecurity program that goes beyond simply responding to threats. It leverages proactive attack testing and simulation to identify and mitigate vulnerabilities before real attackers exploit them. Organizations can prioritize and allocate resources more effectively by continuously monitoring and evaluating security risks. This systematic approach allows for a more robust defence in the face of a rapidly expanding attack surface.

Primary Benefits of Implementing a CTEM Program
Let’s take a closer look at some of the key advantages of implementing CTEM. By continuously scanning and monitoring your digital infrastructure, you can proactively stay one step ahead of cyber threats. CTEM prioritizes threats based on their potential impact and likelihood of occurrence. This way, resources can be efficiently allocated to tackle the most significant risks first. By following an iterative approach, CTEM allows you to learn from each assessment and adapt defences accordingly. You can implement effective remediation measures and continuously improve your security posture by generating actionable insights from real-time threat data.

This data-driven approach ensures decisions are made based on the latest threat intelligence. This empowers security teams to make more targeted and effective remediation efforts by leveraging real-time data. To maximize the effectiveness of a CTEM program it must be aligned with the organization’s business objectives. This also helps achieve adaptability and continuous protection against the ever-evolving threat landscape. By incorporating your strategic business goals into the CTEM program, you can ensure that it works hand-in-hand with your overall cybersecurity strategy.

The Lifecycle Process of an Effective CTEM Program
A successful CTEM program follows a comprehensive lifecycle process. Let’s break it down into key steps. In the initial phase, the security team identifies and analyzes the infrastructure assets to be included in the program. This analysis encompasses both internal and external attack surfaces, including on-premises and multi-cloud infrastructures.

Each asset’s risk profile is evaluated, covering explicit vulnerabilities and weaknesses like misconfigurations. Understanding the potential impact of vulnerabilities on business operations is essential. Gaps in the security infrastructure are identified, such as logging and detection gaps, and missing, fragmented, meaningless detection rules.

Cybersecurity capabilities, such as automated pen-testing, controlled attack simulation, and adversary emulation, are carried out within DevOps and production environments. These activities verify cybersecurity weak points and assess the effectiveness of your remediation efforts. Automation plays a crucial role in the CTEM process. It enables organizations to continuously identify, prioritize, validate, and address vulnerabilities and threats. By leveraging automation, you can stay ahead of the evolving threat landscape and constantly improve your security posture.

How to Tell If Your CTEM Program Is Working
Once you have a CTEM program, how do you know if it’s making a difference? There are some key indicators that can help measure the success of your CTEM program.

The first and most obvious sign of a successful CTEM program is decreased security risks. You want to see fewer vulnerabilities popping up, and when they do, you want faster resolutions. You also want to see a drop in successful attacks or breaches. In this cyber game of cat and mouse — your CTEM program should be the cat!

An effective CTEM program will see an improvement in your ability to detect bad actors trying to disrupt systems. It’s not just about quantity; you also want to see the increased complexity of threats detected. After all, cybercriminals are constantly evolving, so your CTEM program needs to keep up!

Time is of the essence when it comes to cybersecurity. A successful CTEM program should help you reduce the time between discovering and fixing a threat. The quicker you respond, the less damage, so keep an eye on how fast you’re remedying those vulnerabilities.

Automated pen-testing, workflow segmentation and Breach and Attack Simulation are ways of measuring how well your security controls are performing. You want to see those controls becoming more effective over time. It’s training your defences to be stronger and smarter.

Compliance is essential if you’re in an industry with regulatory requirements. A successful CTEM program should help you meet and maintain those compliance standards. So, pay attention to any decrease in compliance violations or issues. It’s a good sign that your program is on the right track.

Now that you know how to assess the success of your CTEM program, keep an eye on these indicators, and remember, it’s all about reducing risks, improving threat detection, responding faster, enhancing security controls, staying compliant, and protecting what matters most to your business.

Continue Reading

Follow Us


Copyright © 2021 Security Review Magazine. Rysha Media LLC. All Rights Reserved.