Trillium Insights

Thoughts and Insights from Trillium's Practice Leaders

How do I Secure my Cloud Services?

With the growth of Cloud Services, including Software-as-a-Service (SaaS), Platform-as-a-Service (PaaS), and Infrastructure-as-a-Service (IaaS) solutions, your organization needs to be cognizant of what their use involves and what security means in these environments.

SaaS is the Cloud-based service that delivers the entire operation: specific application(s) hosted by a third-party provider and made available over the Internet. PaaS provides the platform, allowing customers to develop, run, and manage applications without having to build and maintain the underlying infrastructure. IaaS typically provides only infrastructure, including hardware, storage, and data center space to support the enterprise, with the customer directing the applications and operations.

IDC estimates that in 2018 Cloud computing will be at least 50% of all IT spending, with additional growth to 60-70% by 2020. However, with that growth additional security vulnerabilities will be uncovered, potentially exposing your organization. Recently, a survey of security professionals indicated that one-third (1/3) of breaches affected more than one-half (1/2) of systems. You simply cannot dismiss security concerns once you make the decision to go with a cloud-based solution.

So, what is being done? Cloud providers are beginning to work directly with security solution providers to address customer concerns and implement end-to-end measures, such as Rackspace’s recent partnership with Cisco to deploy next-generation firewalls directly into its services. Further, according to Cisco, in addition to traditional security tools, tools based on Machine Learning (ML) and Artificial Intelligence (AI) are maturing. Tools like AWS GuardDuty and AWS Macie are now being used within the enterprise. It is imperative that as you develop relationships with Cloud providers, you understand their security roadmaps so you can make informed security decisions for your company.

Also, there is a major security skills shortage. Using an ‘automation first’ agile approach to security reduces the operational load on the security team, reuses automation learnings across multiple environments, and provides economies of scale by utilizing scarce resources in a shared model.

Being acutely aware of your Cloud-based security risks, issues, and potential mitigation strategies will help your company to protect your data and electronic assets.

How do Artificial Intelligence (AI) and Machine Learning (ML) help in Cybersecurity?

If you are running a business or an Information Technology operation, one of the biggest and most pervasive issues you deal with daily is cybersecurity. In conjunction with security systems, Artificial Intelligence (AI) and Machine Learning (ML) are being used to protect against cyber-attacks. A simple definition of AI in the cybersecurity context is the ability to program the identification and mitigation of attacks, alerting security staff to issues as needed. This can help “free up” your employees for more fruitful and less repetitive security activities. ML, a type of AI, in the cybersecurity context allows systems to identify anomalies. There are two types of ML: Supervised ML uses a pre-defined set of labeled data examples to reach a conclusion, whereas Unsupervised ML finds patterns and relationships in data without labeled examples from which to draw conclusions.

It is projected that AI algorithms using ML will make it simpler to respond to cybersecurity risks, because these solutions will use ML data from prior cyber-attacks to adapt and identify similar risks, effectively “learning” behaviors in a standardized way. Additionally, as attacks become more sophisticated, conventional cybersecurity protocols will be less and less effective.

However, since security tools are only as good as the last successful attack, intrusions and intruders will continue to become more sophisticated. To further complicate the issue, it is anticipated that AI and ML will also be used to conduct attacks, or “adversarial machine learning,” versus only being used as protection against attacks.

Considering the current cybersecurity workforce shortage, estimated to grow to 3.5 million worldwide by 2021, your business will have to rely more on AI and ML solutions in conjunction with your own staff.

It is critical that your business stays vigilant in efforts to identify and mitigate cyber-attacks so your systems, data, and infrastructure remain as secure as possible. Keeping your eyes open about both the benefits and issues surrounding AI and ML will allow you to view these emerging technologies in the cybersecurity space realistically.

Am I Secure, Where Do I Start?

If your business is responsible for maintaining the privacy of Protected Health Information (PHI), you are inevitably familiar with Health Insurance Portability and Accountability Act (HIPAA) data security regulations. HIPAA governs the sharing of such information, both for electronic and paper records. As your company grows, it is important to ensure that the data under your control is secure. Failure to properly protect this information can adversely impact both your reputation and your bottom line, as indicated by the numerous news reports concerning data security breaches.

What are some activities that will help to secure your data and environment? They include analyzing the current state of your security so that issues are brought to the surface. Specifically, a HIPAA assessment of your security framework can be executed, creating a risk assessment for the organization. The resulting assessment can be used to prioritize security tasks, along with a security roadmap and a plan for mitigating the highest priority tasks. Benchmarking risks compared to industry averages will help your organization adequately analyze its security. All these activities can be used to create a security capability scorecard that gives a total picture of your organization.

Once you understand your security profile, a risk reduction program can be tailored to your requirements. The program could include software monitoring products as well as modifications to your process flows. In addition, the resulting HIPAA documentation for your organization can be used going forward to further help reduce your security risk profile.

According to recent research, 43% of organizations that understand their cybersecurity profiles and have the appropriate processes and technologies in place can recover from potential breaches within hours. This may well be the differentiating factor in securing your company’s HIPAA data and reputation.

It is often prudent to bring in impartial experts outside of your organization to do a review of your cybersecurity and HIPAA compliance.  Trillium's Cybersecurity and Privacy Practice can help to secure your PHI to ensure that your security exposure is minimized.

What does building Security into your development lifecycle mean?

Part of the system development lifecycle includes the relationship between development teams and operations teams. DevOps is shorthand for development and operations – a software development practice originally used in Agile methodology that enables systems to be more rapidly deployed and more easily managed by incorporating operations into the development process. Given the higher visibility of security and the need of organizations to ensure that security is not an afterthought, there has been a relatively recent addition to DevOps – security, hence the term DevSecOps. It is meant to incorporate security into the software development process so that new systems are deployed with as many security features as possible to protect your data and organization.

What processes should be included to secure your systems in development? They include Software Assurance activities intended to keep your software free from vulnerabilities:

  • Design Review – includes reviewing system security and best practices to determine the optimal architecture to protect and safeguard your company’s critical data and its access
  • Code Review – includes rules for writing code that minimize security exposure, along with formal reviews prior to code release
  • Security Testing – includes techniques to determine how your systems protect data while maintaining its intended functionality

While improving the relationships between development, operations, and security units, it may be prudent to include outside assistance to provide an unbiased look at your software development projects.  Trillium's Cybersecurity and Privacy Practice can help to secure your system and software development and ensure your systems minimize your security exposure.