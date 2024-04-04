Securing the cloud should be top of mind for IT professionals. Use of the cloud has exploded in recent years, making it a vulnerable target for threat actors. The latest BrightTALK summit "Securing the Cloud Ecosystem" showcased a set of diverse thought leaders sharing tips on how to securely manage migration to the cloud as well as how to protect sensitive data stored within it from increasingly insidious cyberattacks. Read some of the highlights from this informative event.

The summit opened with former penetration testing lead and frequent speaker Chiletam Ogbu. In her aptly named talk "Don't Let Your Cloud Dreams Turn Into Data Nightmares: Tips for Migration," Ogbu spoke of cloud migration best practices, encouraging companies to ask themselves why they want to migrate, what they want to migrate (services, data, apps) and how they plan to manage the operations (through SaaS, different providers, Azure, or from a central console). These questions can guide the migrating process and inform the type of cloud migration necessary -- full, hybrid-cloud, cloud-to-cloud or multi-cloud. She explained how several factors help determine a successful cloud migration, such as the quality of a cloud provider, ability to reduce error and curb misconfiguration, and cloud infrastructure maintenance. Ogbu also suggested executing each operation as code with clear transparency, followed by testing and validating this code. She concluded her talk by likening cloud migration to upgrading a fortress. "When the fortress -- in this case the apps and data -- are on shaky ground, they must migrate these valuable assets to a different landscape."

Don't Let Your Cloud Dreams Turn into Data Nightmares: Tips for Migration 31:02

Founder and CEO of Way2Protect and a former victim of identity theft, Sandra Estok focused on the human factor in cloud migration: "Like moving to a new house, moving to the cloud can mean the loss of valuable belongings if you're not careful." Human workers are one critical factor often overlooked by companies embarking on this transformation. Estok cited several surveys blaming human error for 74% of cyberattacks, according to Verizon's "2023 Data Breach Investigations Report;" 80% according to Harvard Business Review; and as high as 95%, according to IBM and the World Economic Forum. Human errors can take many forms, such as misconfigurations -- for example, leaving default settings -- overly broad use of user permissions, phishing attacks or process failures, like incomplete data mapping or poor cleanup after a user leaves the company.

The Human Equation in Cloud Migration: Balancing Risk and Security 55:52

Estok presented a self-styled approach "cyber self-defense" where companies practice being intentional and bring full awareness to the present moment they are using technology rather than mindlessly clicking through the steps. Cybercrime continues to rise even with more effective and sophisticated protections in place, she warned. Cybercriminals are constantly adapting and finding new ways to trick users and gain access into cloud environments. Companies must prepare their workers to be part of their security strategy. "A secure company is an adaptable company."