Cloud computing has become an integral part of modern business. It allows people to store and access data and programs over the Internet rather than through a computer hard drive.
But how safe is the cloud? How easy is it for a savvy
cyber criminal to turn a fluffy cumulus cloud of information into a superstorm of personal data?
Insurance Business caught up with David Millar, an IBM Canada security expert focused on financial services, to discuss whether the cloud is a systemic loss potential or whether it can greatly improve an organization’s cybersecurity.
“Cloud-based solutions clearly benefit and enable all areas of a business,” he said. “They can provide standardized enterprise-wide security monitoring, compliance, security policy and controls enforcement, remediation (where required) and reporting, which will reduce labour intensive efforts, incident response time and overall risk.
Celebrate excellence in insurance. Join us for the Insurance Business Awards in Toronto
“At IBM, we see clients purchasing a range of cloud services in a variety of cloud formats, including SaaS, IaaS, PaaS, and Security-as-a-Service as well as continuing with legacy in-house systems and applications. Since not all applications or systems are hosted in the same place and on the same network, this can actually disaggregate risk to a variety of vendors.”
However, despite the cloud’s obvious value, it could still be viewed by some as an aggregation of risk and a systemic loss potential. If a main cloud goes down, and there are thousands of policies in that cloud, all of those policies could be subject to a loss.
Companies should never get slack with
cybersecurity or stop monitoring cloud-based solutions, according to Millar. He said: “One must continue to be vigilant to monitor for insider threats or compromised endpoints with strict identity management, access and governance controls and monitoring systems.”
IBM has been providing innovative solutions in Canada for 100 years. It’s IBM Cloud is an enterprise cloud, built to “provide an immune system of interconnected and orchestrated security controls […] allowing clients to minimize costs while maximizing the effectiveness” of their business.
“When
addressing cybersecurity with our clients, we go through a consultative process to determine the threats and associated risks facing their organization, assess their maturity across a range of controls, and put together plans to bridge the relevant security gaps,” Millar explained.
“We believe aggregated and centralized cloud-based identity systems can mitigate or eliminate unwanted access to data and systems hosted across a variety of cloud platforms.”
What do you think about the cloud as a systemic loss potential? Let us know in the comments section below.
Related stories:
Reported costs of cyberattacks just ‘tip of the iceberg’ says QBE
How technology is reshaping the traditional insurance model