KuppingerCole Report
Advisory Note
By John Tolbert

Protect Your Cloud Against Hacks and Industrial Espionage

Hacks against on-premises and cloud infrastructure happen every day. Corporate espionage is not just the stuff of spy novels. Unethical corporate competitors and even government intelligence agencies use hacking techniques to steal data. Reduce the risk of falling victim to hackers and industrial espionage by implementing the proper security tools in your cloud-based environments.

1 Executive Summary

Industrial espionage is the practice of spying or using covert operations to obtain information on competitors. Industrial espionage is perpetrated ei ...

2 Highlights

  • Industrial espionage costs companies which invest in R&D hundreds up to one trillion dollars annually
  • Companies of all sizes across many industrie ...

3 How hackers and spies steal data

Industrial spies use common attack patterns to break into computing systems from afar. In order to get a foothold, spies need to capture valid user cr ...

Targeting: crafting an email with a malicious link or attachment to target particular individuals within an organization, for the purpose of getting ...

4 Countermeasures against data loss from cloud services

To protect cloud-based resources from industrial espionage, companies need the following architectural components in place: IAM [identity governance, ...

In the sections that follow, we will look at identity management and security components that can be deployed to help reduce the risk of data loss. Ea ...

5 Countermeasure: IAM

IAM has been a keystone for information security for decades. IAM solutions have evolved considerably, encompassing proofing, provisioning and deprovi ...

5.1 Identity proofing

Identity proofing is demonstrably showing that a user is who they purport to be at time of registration and credential issuance. Proofing often involv ...

5.2 Provisioning and De-provisioning

Provisioning is the function of creating user accounts with proper group membership, roles, and entitlements for users. Historically there was a lot o ...

5.3 Attribute storage and maintenance

Attributes about users are the basis of attribute- and policy-based access controls. Information owners write policies, composed of rules, which stipu ...

5.4 Access management and recertification

In order to prevent unintended access possibilities, organizations must actively manage user attributes. For example, user attributes can change frequ ...

5.5 Authentication: MFA and Adaptive Authentication

Authentication is the process of “proving” that the appropriate user is in possession of the properly issued digital credential. Cloud-based servi ...

5.6 Authorization and Access Controls

Authorization is the process of determining whether a user, device, or application should be allowed to perform an operation.

Authentication ≠ ...

5.7 Privileged Access Management

Industrial spies often try to take over privileged accounts so that they not only can gain access to more kinds of data, but also so that they can cov ...

6 Countermeasures: Data Governance, CASBs, and Encryption

Data governance is another important architectural component to securing resources both on-premises and in the cloud, and if properly implemented can ...

6.1 Data discovery and classification

Organizations cannot adequately protect what they don’t know that they have. The first step toward appropriate integration between IAM and data-laye ...

6.2 CASB

Cloud Access Security Brokers evolved to fill the gap between traditional DLP tools, which were designed for on-premises applications primarily, and t ...

CASBs are a necessary element to help defend against industrial espionage in the cloud.

6.3 Encryption

Encryption should be used as a primary control against data leakage in the cloud and on-premises, and both in transit and at rest. Encryption can be app ...

7 Countermeasure: Environmental security for cloud services

Industrial espionage perpetrators and cybercriminals often use malware to achieve their objectives. If your organization uses IaaS or PaaS virtual ser ...

7.1 Anti-malware for virtual servers

Even virtual servers are susceptible to various forms of malware. Viruses can afflict virtual servers. Worms could spread among unpatched applications ...

7.2 Network Threat Detection and Response (NTDR)

NTDR tools have evolved from a couple of sources over the last few years. Historically, many organizations have used Intrusion Detection Systems (IDS) ...

7.3 API Security

Applications talk to other applications as much as or more than users interact directly with them in contemporary computing environments. Besides basi ...

7.4 Security Intelligence Integration

Malicious actors sometimes leave clues to their activities scattered across various systems. This is the case for both on-premises and cloud infrastru ...

8 Countermeasure: Endpoint Security

Most legitimate access of your cloud resources originates from endpoints in your organization or from contractors, partners, or customers. If the clo ...

8.1 Endpoint Protection

Malware comes in many forms: viruses, worms, rootkits, botnets, file-less malware, ransomware, and crypto-miners are prevalent in the wild. Malware is ...

8.2 Endpoint Detection & Response

Modern EPP solutions generally do a pretty good job of detecting known and sometimes unknown malware. To combat unknown types of potentially suspiciou ...

9 Countermeasures matrix

All the countermeasures described above are necessary for the most effective defense. However, realizing that time and money are limited, the followin ...

Area Countermeasure Requires Main risks addressed Cost & Complexity Risk mitigating impact Priority
IAM Identity Proofin ...

It is difficult to prioritize the deployment of the various countermeasures considering that, generally speaking, all the components are needed to mou ...

10 Recommendations

Most organizations are using cloud-based services today. Hackers and industrial spies know this and will be actively probing these environments for in ...

Copyright

©2019 KuppingerCole Analysts AG all rights reserved. Reproduction and distribution of this publication in any form is forbidden unless prior written permission. All conclusions, recommendations and predictions in this document represent KuppingerCole's initial view. Through gathering more information and performing deep analysis, positions presented in this document will be subject to refinements or even major changes. KuppingerCole disclaim all warranties as to the completeness, accuracy and/or adequacy of this information. Even if KuppingerCole research documents may discuss legal issues related to information security and technology, KuppingerCole do not provide any legal services or advice and its publications shall not be used as such. KuppingerCole shall have no liability for errors or inadequacies in the information contained in this document. Any opinion expressed may be subject to change without notice. All product and company names are trademarks™ or registered® trademarks of their respective holders. Use of them does not imply any affiliation with or endorsement by them.

KuppingerCole Analysts support IT professionals with outstanding expertise in defining IT strategies and in relevant decision-making processes. As a leading analyst company, KuppingerCole provides first-hand vendor-neutral information. Our services allow you to feel comfortable and secure in taking decisions essential to your business.

KuppingerCole Analysts, founded in 2004, is a global analyst company headquartered in Europe focusing on Information Security and Identity and Access Management (IAM). KuppingerCole stands for expertise, thought leadership, outstanding practical relevance, and a vendor-neutral view on the information security market segments, covering all relevant aspects like: Identity and Access Management (IAM), Governance & Auditing Tools, Cloud and Virtualization Security, Information Protection, Mobile as well as Software Security, System and Network Security, Security Monitoring, Analytics & Reporting, Governance, and Organization & Policies.

For further information, please contact clients@kuppingercole.com.
