sb-au logo
Story image

Machine learning is key to securing corporate data in the cloud

03 Feb 2020

Article by Bitglass Australia's David Shephard.

As organisations move escalating volumes of data to the cloud, cybersecurity strategies need to be augmented with next-generation machine learning technologies in order to boost threat-protection capabilities.

The shift to digitalisation and increased use of cloud applications have raised cybersecurity stakes significantly by making it possible to access company data anytime and anywhere. 

A main purposes of using cloud applications is to give employees flexible access to corporate information in order to enhance productivity within the organisation. However, with data being so accessible, it also increases the risk of leakage. Since traditional cybersecurity tools are not built for this new cloud-first landscape, organisations must adopt modern solutions capable of securing data in the cloud.

Controlling end user devices through the use of agents does not deliver complete security due to the rise of bring your own device (BYOD) and mobile apps. Together, these features enable employees to access company applications from any location and through personal devices. Unsurprisingly, cyber criminals are using this multitude of devices in order to compromise company data.

While the Office of Australian Information Commissioner (OAIC) and the General Data Protection Regulation (GDPR) place significant obligations on organisations to protect  and report breaches of their data in the cloud, users often fail to insulate their personal devices from threats like malware.

When infected BYO devices access corporate applications, malware can spread quickly across an entire enterprise. While many public cloud providers offer basic capabilities to detect threats in the cloud, these are often limited in their effectiveness.

During a security study, the Bitglass Threat Research Team used ShurL0ckr, an unknown variant of the Gojdue ransomware, to test the built-in malware protections of Google Drive and Microsoft Office 365. Although these popular cloud tools were aware of Gojdue, neither was able to identify ShurL0ckr as malware.

In other words, the standard defence systems failed when faced with an unknown threat even though it was based on an existing, known threat.

Many similar anti-malware mechanisms are based on a reactive security approach in which files are scanned for signatures associated with known threats. This methodology is incapable of detecting unknown, or zero-day threats. As such, relying upon such mechanisms increases the likelihood that an enterprise will fall prey to a cyber attack.

Data hungry guardians of the cloud

In securing data in the cloud, companies now face a multi-faceted challenge that features flexible data access from large numbers of users and devices.

Complicating this situation further is the fact that hackers are growing in sophistication – their malware is evolving quickly and continuously. To address all these risk factors, enterprises require an agile, adaptive and robust protection strategy.

Already used in speech recognition software and ERP systems for data management, machine learning algorithms are now being leveraged in cloud security solutions in order to enable enhanced threat detection and real-time security.

Rather than searching for the signatures associated with known malware, machine learning performs an extensive property and behaviour analysis to detect threats and automatically apply predefined responses. 

If a file is classified as a potential threat, it can be blocked as it is uploaded to the cloud or downloaded to a device. This provides an integrated security approach for corporate data across every cloud application and device utilised throughout an enterprise in real time, reducing the possibility of infection and data theft.

Next-generation machine learning algorithms are ideal for today’s cloud-first world because large data volumes are the most important condition for their reliability. These ‘intelligent’ solutions are able to take in high volumes of data from high-traffic environments, acquiring the experience necessary to make the right decisions and take the appropriate actions in a variety of scenarios.

In other words, as these tools are presented with more and more information, their accuracy increases drastically.

This makes the use of machine learning the logical response to the growing amount of data and the ever-evolving threats found in the cloud. Machine learning solutions can help secure data, enabling organisations to securely adopt any cloud application, despite advanced malware, ill-advised user behaviours, and the endless number of unsafe devices.

These solutions offer a highly responsive approach that automates security and marks the next step in the enterprise digitalisation process.

Story image
Acronis appoints new APAC General Manager and launches Partners Programme
One of Morarji’s first objectives has been to launch the new Acronis Partner Programmes in APAC, in which the Acronis team will help channel partners and managed service providers (MSPs) expand their portfolios and deliver fast ROI.More
Link image
Take advantage of free multi-factor authentication as you work remotely
Cybersecurity is shaping up to be one of the most important areas to consider while working from home. Leverage biometrics and password authentication for free with RSA.More
Story image
Attivo Networks bolsters Google Cloud’s Managed Service for Microsoft Active Directory
“By detecting unsanctioned access to AD, security teams receive alerts early in the attack lifecycle, and the attacker is less likely to get the critical AD information they were seeking."More
Story image
80% of cyber threat landscape uses COVID-19 as leverage - report
A report released recently by Proofpoint reveals the extent to which cyber attackers are capitalising on fear and paranoia surrounding the pandemic, with instances of coronavirus-themed attacks increasing every day.More
Story image
Worrying gap in local consumer cybersecurity savvy
New research shows A/NZ consumers feel clued in, but there’s clear room for improvement in their education and tools.More
Story image
Guardicore Labs exposes brute force MS-SQL attack campaign
The cyber attack campaign uses password brute force to breach victim machines, deploys multiple backdoors and executes numerous malicious modules, such as multifunctional remote access tools (RATs) and cryptominers. More