Improving Network Security and Efficiency with the Cloud
Cloud computing technology providers are rapidly improving the effectiveness and efficiency of network security, and what we are seeing is just the beginning. If your business is not already taking advantage of cloud-based security solutions, chances are high you will benefit from this emerging market soon.
Similar to the innovations and efficiencies we have seen on the operational side from cloud-only providers (think Amazon, Google, LinkedIn and Salesforce), the cloud security market has become best of breed for, among other things, securing email and protecting against malicious Web traffic; for managing user account provisioning, identification and access; for continuously monitoring threat activities and patching vulnerabilities across a geographically dispersed and mobile workforce; for aggregating and analyzing huge volumes of security-related data; and, ultimately, for detecting, containing and mitigating incidents.
Strong, Flexible and Absorbent. Perhaps the best example of the benefits of cloud-based security is DDoS (Distributed Denial of Service) protection. Cyber attackers are flooding their targets with bad traffic at current rates of 200-400 gigabits per second. Companies simply cannot protect themselves against these high-volume attacks. Those that lease lower Internet bandwidth service are easily taken offline by a sustained attack no matter what they do. Meanwhile, companies with higher bandwidth pipes may opt to deploy local inline hardware for protection, but they still commonly succumb to attacks between one and 40 gigabits per second. Not surprisingly then, in a recent survey of the eCommerce industry, enterprises that rank DDoS as a high business risk routinely rely on a handful of cloud technology companies that deftly couple proprietary automated tools, remote 24/7 teams of managed security experts and a carefully conceived elastic cloud infrastructure.
Big Data Analytics. There was a time when the National Institute of Standards and Technology (NIST) warned systems administrators that their computer security logs, although valuable for reducing risk, were so voluminous that “the staff time and resources needed to perform the analyses and to manage the log information have to be taken into consideration.” Enter the cloud. The sheer amount of storage, data feed intakes, number crunching and relational analyses that can be performed and readily shared using cloud infrastructure is staggering. There has been much talk over the years about the need to enhance “information sharing” between any number of groups of people in the private and public sectors. The cloud is moving the equation away from local human interactions to focus instead on machine acquisition, correlation, learning and sharing at network speed and globally.
In today’s cloud environment, crowd-sourced cyber intelligence includes billions of records derived from multiple platforms of event logs, reputational data and malware analysis. Computers are particularly good at finding anomalous behavior. Malicious activities are the exception and not the rule, and catching new intrusions may require not only a computer’s discerning eye but also a computer’s instant ability to put that data into years of context across a wide range of data sets.
Developing Self-Healing, Neural Networks. Another important advantage of cloud-based cybersecurity architectures is their ability to centrally manage a diverse set of endpoints. Cloud technologies can push real-time, simultaneous changes whether to the endpoints themselves or to the endpoints’ larger operating environment. This ability, combined with big data analytics and machine learning, offers a glimpse into next-generation cloud-based cybersecurity. Bad guys already are finding it increasingly hard to hide their techniques and their human identities, while the good guys are using cloud platforms to detect both known and previously unknown malicious activities in nanoseconds, to share that information across millions of end users immediately, and to successfully respond to intrusions and attacks before they cause significant damage.
To be sure, the Internet will never be crime-free. Still, there is reason to believe that evolving technologies will fill a historic void in our abilities for quick detection, attribution, assessment and response. If today’s growing cloud solutions are combined with equally effective policy choices on an international scale, we finally will have tipped the scales in favor of the defender.