The past 12 months have seen dramatic changes for organizations as they adapted to the pandemic to maintain business operations and continue their digital transformation. Increased remote working and accelerated cloud transformation have driven organizations to rethink how they do security, especially cloud security.
In addition, with the recent ransomware attacks - such as the one on a U.S. fuel pipeline operator - continuing to impact cities and businesses, and the new White House Executive Order on cybersecurity calling for increased implementation of Multifactor Authentication and data encryption, business resilience and the ability to adapt to an ever-changing environment has never been more important.
As part of the build-up to RSA Conference 2021, Thales’ Todd Moore, VP of Encryption Products, was interviewed by Matthew Schwartz, Executive Editor with Information Security Media Group (IMSG), and discussed how operational, technological, and regulatory complexities are creating new challenges for security teams.
Challenges of an ever-changing digital age
As critical corporate data extends across a multitude of platforms, in the cloud and on-premises, organizations are compelled to discover, protect and control their data to prevent breaches.
Focusing on protecting data in the cloud, we have seen that many cloud service providers are offering native security solutions. However, per the shared responsibility model, it is not their responsibility to protect your critical data. That responsibility falls upon your security teams. While in some cases it is fine to utilize the security solutions offered by the cloud service providers, when it comes to protect your highly sensitive data you will have to opt for other practices, such as Bring Your Own Key (BYOK), Hold Your Own Key (HYOK) or even Bring Your Own Encryption (BYOE).
Looking to the future
Executive Orders like the one from the White House will make a significant contribution toward modernizing cybersecurity defenses. There are going to be more methods and mechanisms on confidential computing, and data processing. The Zero-trust framework for end-to-end cybersecurity, including data encryption and strong authentication, will be adapted and implemented by more organizations. Best practices such as Bring Your Own Encryption (BYOE) make sure that cloud service providers cannot see the data hosted inside their environment.
It is all about business resilience – being able to adapt to the changing environment and overcome the challenges that come with it. Resilience is also the theme of RSA Conference 2021 this week. If you want to learn how Thales can help your business become resilient to the evolving security landscape, make sure to visit our virtual booth at the event, where you will also be able to watch Todd's interview in full.