How Secure Is Data When It Is Stored in Cloud?

How secure is data when it is stored in cloud?

If the last two years has taught us anything, it’s that we should be prepared for the unexpected. 

The global pandemic has changed the way that we live our lives and the way that we work. Offices closed across the world as workforces went remote. Modern technology and adaptability allowed for business continuity; however, it led to the rise in cyberattacks. 

According to Inside Out Security, cyberattacks went up by 148 per cent in 2021. A huge number of these attacks happened in the Middle East.

Why the Middle East is a prime target?

The region has great wealth, a dynamic approach to modern politics and huge investments have been made in technology. Unfortunately, these great attributes also make cyber attacks fruitful for IT criminals. These statistics reported by IRONSCALES, a cyber security company, make for noteworthy reading:

– In the UAE and Saudi Arabia, the average data breach cost $3 million more that the global average of $3.86 million.

– The Middle East region was victim to 2.57 million phishing attacks over a 3-month period in 2020.  

The most common and successful (for the criminal) type of cyber attack is ransomware. This digital pandemic takes the form of malicious software that infiltrates data or computer systems, usually with an encryption. If the ransom goes unpaid, the data is lost. Typically taking the form of an innocent looking email, it takes is a distracted click on a link and ‘boom’; the company’s data is infiltrated.  56 per cent of victims pay the ransom, but only 15 per cent of those got their data back (Kapersky.com), costing an estimated $20 billion in 2021 (Varonis.com).  

An endeavour that is so lucrative, isn’t likely to go away, but it is likely to morph: 

“The ransomware landscape has fundamentally changed since it first became big news in the security community. We’ll most likely see fewer and fewer widespread campaigns targeting everyday users. Of course, that’s not to say users aren’t still vulnerable. However, the primary focus will likely continue to be on companies and large organizations, and that means ransomware attacks will continue to become more sophisticated and more destructive. It’s imperative that businesses adopt a holistic, comprehensive set of security practices to protect their data,” said Fedor Sinitsyn, security expert at Kaspersky in a statement.

The need for strategic recovery plans today

In 2021, the National News reported that the Middle East saw malware attacks go up by 17 per cent annually. Bearing the brunt of the sharp rise, Oman reported the biggest increase of 67per cent, Kuwait by 64 per cent, Bahrain by 45 per cent, Egypt 32 per cent and Qatar per cent. The UAE reported only a 7 per cent increase, even though it is the regions second largest economy. 

With such a huge number of cyberattacks, having security defences in place to mitigate the risk has never been more important.

Layers of security that reduce ransomware threats include:

• Next-gen firewalls
• Secure remote access systems
• Employee training
• Network detection
• Vulnerability management

These measures are not 100 per cent fail safe. If an attack does succeed then a disaster recovery plan is needed to limit the damage. 

But where does the cloud come in? 

Traditional on-premises data storage means in-house IT management teams, HVAC systems, storage resources and the capacity to expand as the business grows. On-premise data storage has good security parameters. However, remote working meant the need for offsite data storage solutions, so that files can be synced and accessed on multiple devises, anytime and anywhere. Without the Cloud, it would have been practically impossible for business to continue operating.

The cloud and ransomware

The Cloud has changed traditional Disaster Recovery.  Cloud recovery encapsulates the whole server, the operating system, apps, patches and data into a single virtual server. This is then backed up off-site. Copies are kept on other servers at different locations, always available, always monitored, synced, encrypted, updated and secured. This means that the fallout of a ransomware attack is substantially mitigated. 

The future of cloud security in the region

According to Forbes, by 2025 there will be 80 billion mobile devices connected to the Internet, generating 180 trillion gigabytes of data alone. Securely storing this data and having the capacity to retrieve it is vital. 

Necessity and trust in the cloud has seen a huge increase in public cloud use over the last 2 years.  According Gartner, as the MENA region transitions from oil based, to a data-driven economy, the cloud will play an integral role in its success.   

The Middle East may be one of the favoured targets of cyber riminals, but it is also a region that invests heavily in protecting its assets. In MENA region, spending on data centres has risen year-on–year. Statista projects that the end of 2022 will see $5.2 billion dollars spent, and Arizton projects a further $6.73 billion by 2027. 

The region also focuses on raising awareness, investing in innovative research and hosting global conferences. The largest cyber security conference in the world, @HACK took place in Riyadh recently and the upcoming LEAP event also takes place in Riyadh in February 2022. New innovations in cloud security and data recovery are likely to be key topics on the agenda.