Monitor the cloud to build digital trust

With the advent of digital technology, companies have been asking customers to trust them in new and deeper ways. But that trust depends crucially on the available technologies being used with transparency, ethical practices, increased data privacy, and strengthened security.

Not coincidentally, increasing investments in cybersecurity (74%), information security (64%), and consumer privacy (60%) are the top priorities for business leaders to demonstrate a commitment to building digital trust, according to a recent PwC survey of 311 executives from mid-to-large US companies.

More than half of them (53%) strongly agree that innovation can be more effective than regulation in building stakeholder trust.  That’s why nearly half (49%) have made significant changes in the last 12 months to the way their companies operate.

The top two focus areas for building trust are related to cybersecurity – cloud security (64%) and data protection and privacy (63%) – followed by corporate responsibility to society and the environment (58%) and responsible technology development and use (55%).

Cloud adoption can present great opportunities to help deliver new trusted public-facing services while greatly improving data use and decision-making, cost efficiency, workforce productivity, scalability, and more. But working in the cloud will likely not exempt government organizations from data privacy and security concerns and needs.

Now is the time to help ensure that key cloud services are properly managed and monitored by IT, risk, and cybersecurity professionals who seek to understand today’s emerging threats and regulatory requirements.

Learning from cloud incidents is key to surviving in the new reality. Here are four important lessons to consider, according to KPMG.

1 – Incident response in cloud applications must be automatic to be effective. Otherwise, it is too late. You must block and contain attacks to buy incident responders time.

2 – Security and incident response officers should work together to simulate various breaches and establish sensible automatic reactions and responses.

3 – Analysts should focus on the early stages of an attack if they can. Even the smartest attackers look around before they strike. This stage provides an early warning that something is wrong.

4 – And, of course, give preference to multi-factor authentication. It is better than relying solely on legacy passwords.

Whether the enterprise uses the cloud to gain the benefits of a scalable infrastructure (IaaS), to run software (SaaS), or to create an agile platform (PaaS) for its developers, monitoring is a critical component of security and management. Typically relying on automated solutions, cloud security monitoring oversees virtual and physical servers to continuously assess and measure data, application, or infrastructure behavior for potential security threats.