Industry Insights with Ashish Khanna

Cloud Data Security & Resilience , Cloud Security , Security Operations

How Advances in Cloud Security Help Future-Proof Resilience

Embracing Zero Trust and AI in Cloud Security
How Advances in Cloud Security Help Future-Proof Resilience
Image: Shutterstock

Zero trust, artificial-intelligence-driven security and automation tools are reshaping how organizations maintain uptime, even during a cyberattack. These advances underscore how the future of enterprise resilience is increasingly tied to advancements in cloud security.

See Also: How to Take the Complexity Out of Cybersecurity

Industry analysts estimate half of all workloads now run on cloud services, and that figure could be as high as 75% when specific software as a service, platform as a service, infrastructure as a service and hybrid cloud services are added in.

As businesses increasingly rely on cloud-based services, the volume and frequency of cyberattacks have also surged. According to CrowdStrike’s Counter Adversary Operations report, cloud intrusions have increased by 75%, with adversaries leveraging identity-based techniques to persist and escalate privileges.

Separately, IBM’s 2024 Cost of a Data Breach Report found the global average cost of a data breach rose to $4.88 million, with breaches involving public clouds among the most expensive, averaging $5.17 million per incident.

For organizations worldwide, this should serve as a clear warning that you're only as strong as your weakest link - and increasingly that weak link could be related to the cloud.

Emerging Cloud Security Advances

Enterprise resilience increasingly relies on cloud security advances, with zero trust and AI-driven automation reshaping how organizations secure operations and maintain resiliency.

Zero trust is gaining traction as organizations see the need for more robust security. The zero trust model requires continuous verification of users and devices, regardless of their location inside or outside the network. Guided by the mantra “never trust, always verify,” zero trust frameworks can help organizations secure access points and help minimize the potential for unauthorized access, lowering breach risks.

At the same time, AI and automation are transforming cloud security by enhancing threat detection and incident response capabilities. AI-powered security tools can quickly analyze vast amounts of data, identifying patterns and anomalies that may indicate a security breach in near real time.

While AI technology can also be leveraged by malicious actors to cultivate AI-powered threats, it’s clear that AI is well-positioned to help identify patterns and anomalies in large datasets that would be impossible for humans to detect in real time. This can lead to quicker detection of threats and faster incident response. This can also help organizations take proactive measures to prevent security incidents rather than just reacting to them.

Automation often involves the use of AI to handle routine security tasks such as patch management, vulnerability scanning and compliance monitoring to help relieve the burden on overworked security teams. By leveraging automated tools, organizations can consistently complete time-consuming tasks with less potential for manual errors.

Additional Advances to Aid Resiliency

In response to rising zero-day threats, Verizon's cybersecurity capabilities have evolved to address those vulnerabilities, demonstrating the need to use more than one type of security control to protect operations. Verizon relies on a defense-in-depth strategy and is continuously working to integrate its security controls. For example, combining cloud security posture management, cloud access security brokers, identity and access management systems, cloud workload protection platforms, encryption and key management can help organizations achieve comprehensive cloud security protection.

Cloud security advances such as secure internet gateways, or SIGs; data loss prevention, or DLP; and enhanced threat intelligence feeds can also significantly improve an organization's security posture. SIGs provide secure access to the internet, blocking malicious traffic and preventing data breaches. DLP solutions protect sensitive data by monitoring and controlling its movement across the network. Enhanced intelligence feeds provide real-time intelligence to help organizations stay ahead of threats.

Best Practice Advice to Aid Resiliency

Chief information security officers play a pivotal role in strengthening cloud security to maintain economic stability and ongoing operational resilience. They must stay abreast of emerging threats and technological advances to ensure their organizations are well-protected.

They need to deploy robust security measures, invest in advanced tools and foster a security-conscious culture. In fact, one of the most effective ways to improve cloud security involves training employees to recognize and respond to phishing and social engineering attacks. CISOs and security leaders should focus on providing comprehensive, tailored programs specific to individual roles within their organizations. Conducting regular vulnerability assessments, deploying comprehensive incident response plans and continuously monitoring critical cloud applications can also help to strengthen security and resiliency.

No matter whether organizations are working to secure data, perimeters, edge devices, applications, or their ability to detect and respond to threats, Verizon stands ready to help.

It brings the expertise organizations need to help future-proof cloud security. By adopting advances such as zero trust, AI and automation, businesses can lower risks and help better protect their operations. For more in-depth insights on enhancing cloud security and ensuring resilience, read Verizon’s latest insights here.



About the Author

Ashish Khanna

Ashish Khanna

Senior Director - Security Consulting Services, Verizon

In his current role at Verizon, Khanna manages complex strategic initiatives, focusing on security services management delivery across a broad range of industries and technology sectors. He has more than 23 years of experience in customer-facing roles in the cybersecurity industry, spanning engineering, solution architecture and service delivery.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing databreachtoday.com, you agree to our use of cookies.