How the cloud is actually making cybersecurity better, not worse

mark-nunnikhoven-otg-rsa-2017

As cyberattacks continue to evolve and adapt to the efforts of cybersecurity teams, the possibility of full defense seems unattainable. But to some security experts, recognizing that fact and then building your strategy to handle the inevitable successful attack is the best way to go.

“That’s sort of the name of the game: Make it harder so that you get a better chance at protecting your data and at least being aware when you have been breached,” said Mark Nunnikhoven (pictured), vice president of cloud research at Trend Micro Inc.

Nunnikhoven spoke with Jeff Frick (@JeffFrick), co-host of theCUBE, SiliconANGLE’s mobile live streaming studio, in San Francisco at the RSA Conference, the information security industry’s biggest annual show. The executive offered his thoughts on cloud’s role in security, Internet of Things devices and the importance of sharing information.

“Cloud has enabled us to do a lot of things that we’ve been trying to do for a long time,” Nunnikhoven said. “We’ve talked about enabling granular security throughout the enterprise for years, and it’s always been hard because we’ve had a lot of different vendors, a lot of different systems. When we moved to cloud, it’s getting a lot more homogenized and everything’s accessible via an API [application programming interface].”

Nunnikhoven is seeing “a lot of maturity in that space, where people are embracing that fact, and starting to enable some things that we’ve been trying to do. Like solid identity and access management, that’s been really difficult in the enterprise. It’s far simpler in the cloud space.”

As for IoT threats such as botnets, Nunnikhoven said the devices themselves aren’t so much of a threat. Instead, it’s the data going in the back end that’s more of a danger to consumers. He said this is something seen with SaaS services as well, as “you lose the ability to apply the traditional controls that we’re used to, and now you’re relying on your service provider to do that for you. But it’s still your data.”

Defending together

With that reliance on providers for security measures, Nunnikhoven said that users and customers are having to strike a balance of leverage while also handling the unexpected data changes that may happen in either direction of their data streams.

And as cyberattackers continue retooling old spam and phishing techniques such as the “Nigerian prince” scam, Nunnikhoven speculated on ways to protect the more gullible people from getting duped. One idea he put forth would use a more proactive approach to filtering out spam and malware links, so that “it’s not even a question of clicking or not clicking” but of not seeing the bad link at all.

But aside from such hypothetical situations, Nunnikhoven felt that simply sharing information between security organizations was one of the most helpful measures they could take. “I think the more we talk, the better off we are,” he said. “We need to make sure that we’re making it easy for defenders.”

Watch the complete video interview below, and be sure to check out more of SiliconANGLE’s and theCUBE’s on-the-ground coverage of the RSA Conference 2017.

Photo by SiliconANGLE