Machine learning is key to securing corporate data in the cloud
FYI, this story is more than a year old
Article by Bitglass Australia's David Shephard.
As organisations move escalating volumes of data to the cloud, cybersecurity strategies need to be augmented with next-generation machine learning technologies in order to boost threat-protection capabilities.
The shift to digitalisation and increased use of cloud applications have raised cybersecurity stakes significantly by making it possible to access company data anytime and anywhere.
A main purposes of using cloud applications is to give employees flexible access to corporate information in order to enhance productivity within the organisation. However, with data being so accessible, it also increases the risk of leakage. Since traditional cybersecurity tools are not built for this new cloud-first landscape, organisations must adopt modern solutions capable of securing data in the cloud.
Controlling end user devices through the use of agents does not deliver complete security due to the rise of bring your own device (BYOD) and mobile apps. Together, these features enable employees to access company applications from any location and through personal devices. Unsurprisingly, cyber criminals are using this multitude of devices in order to compromise company data.
While the Office of Australian Information Commissioner (OAIC) and the General Data Protection Regulation (GDPR) place significant obligations on organisations to protect and report breaches of their data in the cloud, users often fail to insulate their personal devices from threats like malware.
When infected BYO devices access corporate applications, malware can spread quickly across an entire enterprise. While many public cloud providers offer basic capabilities to detect threats in the cloud, these are often limited in their effectiveness.
During a security study, the Bitglass Threat Research Team used ShurL0ckr, an unknown variant of the Gojdue ransomware, to test the built-in malware protections of Google Drive and Microsoft Office 365. Although these popular cloud tools were aware of Gojdue, neither was able to identify ShurL0ckr as malware.
In other words, the standard defence systems failed when faced with an unknown threat even though it was based on an existing, known threat.
Many similar anti-malware mechanisms are based on a reactive security approach in which files are scanned for signatures associated with known threats. This methodology is incapable of detecting unknown, or zero-day threats. As such, relying upon such mechanisms increases the likelihood that an enterprise will fall prey to a cyber attack.
Data hungry guardians of the cloud
In securing data in the cloud, companies now face a multi-faceted challenge that features flexible data access from large numbers of users and devices.
Complicating this situation further is the fact that hackers are growing in sophistication – their malware is evolving quickly and continuously. To address all these risk factors, enterprises require an agile, adaptive and robust protection strategy.
Already used in speech recognition software and ERP systems for data management, machine learning algorithms are now being leveraged in cloud security solutions in order to enable enhanced threat detection and real-time security.
Rather than searching for the signatures associated with known malware, machine learning performs an extensive property and behaviour analysis to detect threats and automatically apply predefined responses.
If a file is classified as a potential threat, it can be blocked as it is uploaded to the cloud or downloaded to a device. This provides an integrated security approach for corporate data across every cloud application and device utilised throughout an enterprise in real time, reducing the possibility of infection and data theft.
Next-generation machine learning algorithms are ideal for today’s cloud-first world because large data volumes are the most important condition for their reliability. These ‘intelligent’ solutions are able to take in high volumes of data from high-traffic environments, acquiring the experience necessary to make the right decisions and take the appropriate actions in a variety of scenarios.
In other words, as these tools are presented with more and more information, their accuracy increases drastically.
This makes the use of machine learning the logical response to the growing amount of data and the ever-evolving threats found in the cloud. Machine learning solutions can help secure data, enabling organisations to securely adopt any cloud application, despite advanced malware, ill-advised user behaviours, and the endless number of unsafe devices.
These solutions offer a highly responsive approach that automates security and marks the next step in the enterprise digitalisation process.