The last few years have seen the cloud develop from a cutting-edge advantage into a standard part of business strategy required for remaining competitive. Cloud adoption is now so widespread that it has been predicted that as much as 83 percent of all enterprise workloads will be in the cloud by 2020.

The rapid adoption has been fuelled by the cloud market’s increasing ability to deliver practically any business service. Organisations of all sizes can now access skills and resources that were previously restricted to the largest market leaders, enabling them to achieve new levels of efficiency and unlock entirely new business strategies. An increasing number of companies have taken a cloud-first approach, while many new firms are cloud-only. As a result, the worldwide public cloud services market is predicted to reach more than $206bn in 2019, a growth of 17.3 percent over 2018.

Growing rewards, growing risks

Although cloud adoption is delivering powerful rewards to those organisations leading the charge, it can also introduce many new risks without the right precautions. Indeed, cyber security has been cited as the leading concern for IT professionals when embracing the cloud.

Effectively managing and securing user accounts can present a particularly difficult challenge, especially in hybrid cloud set ups where there are likely to be overlapping systems and overlooked access points. Cybercriminals often exploit vulnerabilities in the cloud to attack in-house infrastructure and vice-versa, particularly via compromised user accounts. Privileged user accounts that have access to administrative powers pose the most serious threat, as attackers can exploit their capabilities in a number of highly damaging ways.

The cloud also generally adds an extra layer of complexity to the IT landscape at a time when many organisations are already struggling to keep their infrastructure secure. It’s common to find companies fighting a losing battle against issues such as keeping systems patched and effectively managing and securing user accounts.

A deepening skills crisis also means that it is difficult for organisations to find the security professionals they need to address these challenges. Experienced practitioners are increasingly expensive and difficult to recruit and retain.

Securing the cloud, through the cloud

Ironically, while cloud adoption is causing its share of security headaches, it has also emerged as a major solution to cyber threats. Just as the cloud market provides solutions for business functions like finance, HR and logistics, it can also deliver access to cybersecurity resources and expertise that would normally be too expensive for most companies.

While organisations will always need some in-house technical expertise, consuming security solutions through the cloud enables a business to greatly reduce the underlining requirements such as more specific knowledge of areas like SQL and IIS. This will free up resources and enable them to better focus on normal business priorities.

Cloud solutions mean that the business does not need to find individual experts for Operating Systems, databases and system backups, as third-party service providers can take care of everything they need. They can simply consume the services – they only need to learn how to use it versus installing and maintaining the solution.

Prioritising PAM

 While the cloud has opened up access to cyber skills and solutions, the cybersecurity challenge is so broad that many companies struggle to know how to prioritise spending on their defences. It has become increasingly accepted that it is impossible to guarantee security, so the best approach is to focus on investing in solutions that will cover as much ground as possible.

With that in mind, one of the most valuable areas to invest in is Privileged Access Management (PAM). Privileged accounts are also known as superusers and are used for essential functions that require a far greater array of powers and access than a normal account.

These accounts are highly prized by cybercriminals as they have the highest-level access privileges, enabling an attacker to infiltrate systems and edit data, install malware, and access critical systems across the network. The attacker can also use the privileged account to cover their tracks, allowing them to avoid detection for months or even years.

Due to the serious threat posed by the compromise of privileged accounts, leading analyst house Gartner has named PAM as the number one cybersecurity priority in its recent Top 10 Security Projects for 2019 report. PAM was also estimated to be the area of cybersecurity to see the second highest increase in spending this year.

PAM forms a part of the broader category of Identity and Access Management (IAM), and ensures automated control of user provisioning along with best security practices to protect all user identities. PAM can also be integrated with Security Information and Event Management (SIEM) solutions to create an inclusive picture of security events that involve privileged accounts, and provide clearer oversight for the IT and security teams.

Beyond security

Aside from reducing the risk of serious cyberattacks, PAM can also provide several powerful advantages for cloud-centric organisations. Securing privileged accounts means it is easier for users to access higher functions from remote locations – something that would usually be an invitation for compromise by cybercriminals. This means organisations can make even greater use of flexible working strategies, empowering their workforce to achieve more without conceding on security.

While the cloud will continue to present its share of security headaches along with the benefits, organisations can access powerful solutions such as PAM to balance out the risks, helping to drive growth and efficiency without exposing the company to serious security threats.

Previous articleFive cash management essentials banks cannot afford to ignore
Next articleThird-party support in the cloud
Joseph Carson has more than 25 years of experience in enterprise security, an InfoSec award winner, author of Privileged Account Management for Dummies and Cybersecurity for Dummies. Joseph is a Certified Information Systems Security Professional (CISSP), active member of the cyber security community frequently speaking at cyber security conferences globally, often being quoted and contributing to global cyber security publications. He is a cybersecurity advisor to several governments, critical infrastructure, financial, transportation and maritime industries.