The Asia-Pacific region, including India, continued to see the highest number of cyberattacks for the second consecutive year in 2022, accounting for 31% of all incidents remediated worldwide, per IBM Security X-Force Threat Intelligence Index Report 2023. The increasing adoption of the cloud has resulted in more opportunities for cyberattacks. As the government infrastructure and corporate cloud environments are the most targeted by cybercriminals due to the valuable data and services they hold, malicious actors employ various techniques, such as phishing and ransomware, to exploit vulnerabilities in cloud security.
Monisha Oberoi, Asia Pacific Security Services Leader, IBM Consulting, says, “It is crucial for governments and organisations to prioritise robust security and adopt a proactive and multi-layered approach to cybersecurity. This includes implementing strong access controls, regularly patching and updating systems, conducting security awareness training for employees, performing comprehensive risk assessments and leveraging advanced threat intelligence and analytics.”
She adds, “Additionally, collaboration between the public and private sectors is crucial, especially in the domains of sharing threat intelligence, best practices, and establishing a collective defence posture against cyber threats. By working together, organizations and government entities can strengthen the overall cybersecurity and better protect critical infrastructure and the private sector against cyberattacks.”
The key factors contributing to the rising prevalence of cyberattacks in cloud environments include sheer scale and complexity of cloud environments, misconfigurations and inadequate security controls, and evolving nature of cyber threats and the emergence of sophisticated attack techniques leveraging technologies like Generative AI, contribute to the rising prevalence of cyberattacks, to name a few.
Speaking on the checks and balances organisations should implement to secure themselves from cloud attacks, Oberoi explains enforce strong authentication methods, such Multi-Factor Authentication (MFA), to protect against unauthorized access to cloud resources is a must. Companies should also encrypt sensitive data at rest and in transit. Organizations should also implement SIEM solutions to monitor cloud environments and detect potential security incidents. SIEM tools aggregate and analyze logs and events from various sources to provide real-time threat visibility.
Other actions include the deployment of Intrusion Detection and Prevention Systems (IDPS) solutions to detect and prevent malicious activities in cloud environments. IDPS tools can identify and block known attack patterns, providing an additional layer of defence.
Another widely suggested action is conducting regular security assessments and penetration tests to identify vulnerabilities in the cloud infrastructure. These tests simulate real-world attack scenarios and help organisations identify and remediate weaknesses proactively.
Companies should also acknowledge that cloud security is a shared responsibility between the cloud service provider and the organisation. Organisations should collaborate closely with their cloud providers to understand and implement appropriate security controls and best practices.