Reevaluating cyber security in a cloud age
October 24, 2019863 views0 comments
Stakeholders have reevaluated affiliated dangers and prospects of growing adoption of cloud services and several other solutions attached to it, especially as the scourge of cyber attacks continues to prowl, writes OMOBAYO AZEEZ.
The need to save, store and access data has been a regular demand in every day affairs from personal to corporate and to governments’ activities. As information technology evolves, the mode of dealing with data has also evolved with it; and today, cloud computing and its affiliated services have become the smartest way of dealing with data in the current era tagged by many as the cloud generation.
Describing how the cloud generation works, experts at Symantec say: “in our cloud generation, everyone and everything is connected, information flows freely across various devices, services and platforms. We demand easy online document sharing, email that is available on every device, databases accessible from anywhere and phones you talk to, not through.”
Read Also:
The convenience and effectiveness accompany cloud services have wooed big and small players from both private and public sectors to key into it, albeit with a relatively slow take off in Nigeria and Africa.
Gartner recently predicted that by 2025, “80 per cent of enterprises will migrate entirely away from on-premises data centres”. According to the report, the trend of moving workloads away from the premises will continue, leading most businesses to shut down their traditional data centres.
As cloud computing and services continue to ease tasks and make data storage and retrieval more flexible and cost effective, such ease and flexibility come with cyber risks capable of reversing the good narrative about cloud.
The Public Cloud Market
As industry pundits gathered at the International Cyber Security and Cloud Computing, organized by Commercio and recently held in Lagos, they called for reevaluation of the cloud market to detect latent opportunities in the threats that trouble its confidence.
The Founder and CTO of Cloude Assurnace, Taiye Lambe, who spoke at the gathering emphasised more on how to extract economic benefits from cyber threats in relation to the growing adoption of cloud.
According to him, despite the associated risks involved, public cloud market is not ready to subside any time soon as its adoption will continue to grow in the future.
Quoting a report by Gartner, Taiye disclosed that from an estimated figure of $182.4 billion in 2018 and $214.3 billion in 2019, worldwide cloud services revenue has been estimated to hit $249.8 billion, $289.1 billion and $331.2 billion in the 2020, 2021 and 2022 respectively.
These represent projected growths of 17.5 per cent in 2019, 16.6 per cent in 2020, 15.7 per cent and 14.56 per cent in 2021 and 2022 respectively, which amount to a cumulative 81.6 per cent appreciation of revenue in the space within a period of four years.
Experts at the gathering also noted that the aspect of public cloud service that will play host to the projected revenue are cloud business process services (BPaaS), cloud application infrastructure services (Paas), cloud application services (SaaS) Cloud management and security services and cloud system infrastructure service (IaaS).
Similarly, another report titled “Global cloud computing market 2019” implies that the future of cloud computing indicates impressive growth rate till 2025. “Cloud computing is expected to reach USD 712.83 billion by 2025, at a CAGR of 18.46 per cent from 2018 to 2025.”
Meanwhile, while experts at the International Cyber Security and Cloud conference identified factors propelling the growth of the market to include increasing automation and agility, necessity for delivering enhanced customer experience, increased cost savings and return on investment, and enhanced internet quality and the rise of 5G technology, they warned sternly that cyber security continues to post unabated threats.
Cyber Attacks on the Prowl
According to the Managing Director of Tros Technologies, Olumyiwa Awosile, “in the past cyber-attacks have been aimed at large corporations, but in the last few years with the ransomware attacks becoming more prevalent, businesses large and small are now vulnerable to cyber attacks.
Experts within the Central Bank of Nigeria (CBN), who participated at the Lagos conference, also stated that cyber security has created many victims ranging from government institutions to private entities.
They, however, maintained that with financial institutions leading the migration of businesses to the cloud, they have remained the prime targets of cyber attacks.
The CBN also identified trends that are escalating cyber security in Nigeria to include rapid growth in internet usage which has risen from a paltry 100 thousand users in year 2000 to 86 million in 2016, and in less than three years after, it now stands at 122 million as at the end of August, 2019.
Other factors are large young population with a median age of 20 years; poverty which can be traced to underemployment and unemployment of a large percentage of the population.
According to the apex bank, all these combined, has worsened the case of cyber insecurity with many criminal minded fellows trying to use the internet channels dubiously as their leeway from poverty.
Meanwhile, Lambo explained cybercrimes cost African economies $3.5 billion in 2017.
According to him, “In that year, annual loses to cybercrimes were estimated for Nigeria at $649 million, and Kenya, itself at $210 million. The FBI also estimated about $26 billion global losses to business email compromise between 2017 and 2019.”
It is also revealed that 54 per cent of businesses are attacked at least once in 2018, when global loss was estimated at $1 trillion, and in the same year 60 per cent of Nigerian companies were affected. Meanwhile, 92.4 per cent of attacks come via email, according to Sidmack; while the FBI puts losses to email compromises at $26 billion.
In Nigeria, a 2019 Ponemon Institute research put the cost of data breach in the Nigerian financial system at $3.92 million, an equivalent of N14.3 billion.
Call for adequate regulation
Acknowledging regulatory roles in bringing the scourge of cyber attacks to its barest minimum, experts called for collaborative efforts among stakeholders and regulatory bodies.
Experts within the CBN have noted that regulating cyber security is a different ball game demanding a different approach from the regular regulatory pattern, if success must be attained.
They noted that dictatorial approach to regulating cyber crime is a secondary course, saying that engagement and collaboration with players in the industry in dissecting what the problems are and proffering suitable solutions to them is more important.
According the apex bank, this prescribed approach is necessitated by the nature of the ecosystem which involves complex IT infrastructures, rapidly evolving Cybercrime landscape, sophisticated adversaries, new technologies and capabilities.
Thought leaders in the industry also emphasised importance of communication and awareness in winning the war against cyber attacks, especially as it relates to cloud.
They opined that regulators should get all industry players to visualize the devastating impacts of cyber crimes not only on their organisation but on the entire ecosystem.
In Nigeria, the Nigeria National Cyber Security Strategy and Policy was enacted in 2016, CBN IT Standard Framework came in 2015 and the CBN Cybersecurity Framework Guidelines was introduced last year, 2018.
Despite these legal frameworks in place, industry pundits continue to make case for the need to have more legal pronouncements that will abate the rate of cyber attacks.
In the opinion of the Mr Olusola Teniola, President, Association of Telecommunication companies of Nigeria (ATCON), a more effective approach to tackling cyber crime is to create a value system that give the vice zero tolerance, particularly in the youths.
He noted, also, that the concept of ethical hacking had been abused such that the line between it and dubious hacking has faded, and as such, Teniola recommending complete abstain from hacking, except when it becomes inevitable.
Exploiting vacuum for economic benefits
Of the various aspect of cloud computing, cloud management and security services accounts for the lowest revenue projection between 2018 and 2022, standing at $70.7 billion or 5.6 per cent of the total $1,266.8 billion.
According to experts, this raises question as to how secured will the future cloud services be when a meager amount will be allocated to protecting the mushrooming migration businesses to the cloud.
According Lambo, cyber security as an aspect of cloud computing has the largest demand as well as the largest gap between demand and supply. He said this leaves smart nations and industry players with a lucrative opportunity to benefit from the current vacuum by developing human capital.
Quoting a recent survey, he said 68 per cent of employers demand high skill in cyber security while only 43 per cent of the demand can be met.
“Also, there is 65 per cent demand for skills in cloud computing while only 42 per cent supply is available to meet it. Analytics is also suffering from supply shortage in an estimated proportion of 51 per cent to 64 per cent demand.
“Web development has similar demand-supply gap in ratio 64 to 39. Mobile application design has an imbalance of 62 per cent demand against 38 per cent supply. Data science roves at 62 per cent skill demand against 45 per cent and big data which requires 61 per cent skills demand now has only 41 per cent of the demand met,” he said.
By developing human capital in the areas in dare need of more skillful hands, particularly that of cyber security and cloud computing, experts believed the country would be able to solve global problems in technology and legitimately claim their own share of the projected $1,266.8 cloud revenue by 2022.
Last Line
Industry thought leaders predict more cyber attacks due to growing trend of cloud computing. They not only advocate a collaborative approach between the public and private sectors in winning the war against the threats; simultaneously, they see latent economic opportunities as in the fight against cyber attacks.