As organizations increasingly store and process data in the cloud, there is growing concern among administrators, data owners, and CISOs about potential misconfigurations or mishaps that could result in sensitive data leakage, especially to public cloud services outside the intended geographic region.
In 2019, Gartner predicted that by 2025, 90% of organizations that fail to control public cloud use will inadvertently share sensitive data. To better protect sensitive data, it is important to build robust solutions that leverage the full capabilities of cloud services.
Basic steps such as setting clear objectives for cloud adoption, adopting new security cultures, providing security awareness training, and implementing attack simulation exercises are crucial. Frameworks such as SABSA and NIST CSF should be in place to address data and security requirements, regulatory compliance, and threats.
Furthermore, implementing a data-centric approach through DevSecOps and utilizing processing environments like AWS Nitro Enclaves can enhance data protection. Leveraging Artificial Intelligence (AI) and Machine Learning (ML) can help automate decision-making and protect data more rapidly.
Cloud tools like Google BigQuery and AWS MACIE as well as automated monitoring solutions such as Azure Policy can aid in managing data in public clouds and mitigating exposure of sensitive data. Using zero-trust and IAM architecture, along with implementing regular security maintenance practices, can further enhance data protection.
Overall, the challenge for CISOs and security experts lies in embracing a business-driven approach, implementing cultural change, and adopting cloud data and security capabilities to succeed in protecting sensitive data in cloud services. Exploiting the rapid security innovation facilitated by cloud services is essential for successful cloud adoption.