Protecting an expanding attack surface

Read time 2min 00sec
Roland Daccache, systems engineering manager, CrowdStrike META.
Roland Daccache, systems engineering manager, CrowdStrike META.

As an increasing number of systems and instances are moved to off-premises locations, the attack surface expands and the organisation faces more risks.

With the cloud, it is no longer about protecting physical data centres and servers alone. Having workloads, applications and data in the cloud brings the additional responsibility of securing virtual servers, remote applications, cloud workloads, containers as well as the networks that join these environments.

This is why cloud security is shaping up to be a major trend this year, says Roland Daccache, SE manager MEA at Crowdstrike. “As more and more assets are shipping to the cloud, there is a growing market for securing these workloads.”

Daccache notes the zero trust model is gaining momentum, as enterprises are realising that the old “castle-and-moat” approach to cyber security is ineffective, and there is a need to continuously validate access for every user and every login towards any business application, across any physical location.

Speaking of what he sees as the top threats facing businesses today, he says: “The two main risks I foresee for this year are, firstly, the proliferation of ransomware and cyber extortion attacks, which means we cannot keep using antiquated technologies such as traditional anti-malware to stop them.”

Secondly, he cites the expansion of cyber attacks to the cloud, where the main culprit would be misconfigurations and misconceptions about cloud security by IT teams who would need to expand their skills in that area.

Offering businesses one piece of advice regarding cyber security, Daccache recommends that companies take a more wholistic view of cyber security, starting with identifying their entire digital footprint and attack surface, including SaaS solutions, cloud assets and suchlike.

Next, he suggests redistributing budget by spending less on network security solutions such as firewalls and proxies, and more on modern attack prevention in areas like identity protection, cloud security, endpoint detection and response and threat intelligence.

Daccache was speaking at the recent ITWeb Security Summit 2021, where he presented a keynote address on demystifying, simplifying and adopting a zero trust architecture.

See also