Experts suggest that cloud computing may provide the security that companies are searching for even as high-profile cybercrime such as data theft, ransomware and computer hacks seem to be occurring more frequently and with higher costs.
“Cloud computing improves IT security and security professionals need as much help as possible,” said Nick McQuire, vice president of enterprise research at CCS Insight.
“Cloud helps security operations respond quicker to threats and focus on business risk as opposed to spending countless hours researching threats and trouble-shooting aging on premises systems,” he said.
Cybercrime costs are mounting. Due to the costs of paying the ransom and related losses, such as value of lost data, the expense of improving infrastructure and repairing brand image, a company can incur a cost more than $713,000 on average from a single ransomware incident (where an attacker encrypts a computer or network until a ransom is paid), Research by Kaspersky Lab found. More than 12,000 machines in over 65 countries were hit by the recent “ExPetva” cyberattack.
“The average ransom demand we would estimate now is a little over $300. Not insignificant, but all the costs associated with cleaning up, restoring a back-up, making sure the network is functioning, can push that much higher,” David Emm, principal security researcher at Kaspersky Lab, said.
Many companies are not fully prepared to address this threat despite the cost of cybercrime. According to an online survey by security provider Webroot published on Tuesday, saying that they are completely ready to manage security and protect against threats were only 21 percent of 200 small- to medium-sized U.S. businesses surveyed.
According to Adam Nash, EMEA regional manager at Webroot, a gaping hole in the security of businesses is being left by the lack of concern about ransomware.
“Small- to medium-sized businesses can no longer afford to put security on the back burner and need to start engaging with the issues and trends affecting the industry,” he said in a press release.
Cloud computing can be safer for a company than investing in its own cybersecurity, suggests Philippe Very, professor of strategic management and head of faculty at EDHEC Business School.
Business models which cannot afford to be disrupted by data breaches is possessed by the dominant actors in the cloud computing space, such as Amazon, Microsoft, Google, IBM and Oracle, he said. this meant that the companies should be among the most secure companies in the world.
“If you sign a contract with Amazon, for instance, I would say you’ve signed a contract with a highly secured firm. This could be an incentive to invest more in the cloud, or transferring more company information systems to the cloud,” he said.
“It’s quite complex to prevent everything and be 100 percent secure. You cannot secure your information systems completely, but if you rely on cloud computing providers which are highly secured, it can be a good argument to contract with them.”
Very says the cloud computing providers can use this knowledge in their other businesses such as cloud computing, have high security around their core business and have good internal practices.
Because it can reduce costs, for many companies, cloud computing is already an attractive proposition.
“Companies are replacing investment with some kind of fee. This investment most of the time is difficult to scale and evaluate and you are always investing and investing and reinvesting in information systems. The main motivation for going to the cloud originally was not security, but this can become a key factor of success for cloud computing companies,” he said.
(Adapted from CNBC)