It is crucial to remember that out of sight should never mean out of mind. In other words, do not assume that your cloud service provider has implemented adequate security protections. The onus of securing your cloud-based assets falls on your shoulders - not theirs. As such, be sure to deploy a unified risk management platform that continuously monitors for security risks with IT components located on-premises and in the cloud.
5. Detect threats from within
Today's cybercriminals are well-funded, highly motivated, and more sophisticated than ever. Advanced threat actors constantly develop new ways to circumvent perimeter defenses. And with the use of laptops and mobile devices on a seemingly permanent upward trend, employees often hand carry threats into the office after surfing the web over the weekend. For these reasons, organisations can't afford to rely exclusively on perimeter security devices and traditional endpoint defences. Smart CISOs are investing in technologies that continuously search for threats from the inside instead.
"You have to push your point of monitoring focus and look at every element in your network - not just the endpoints, but also the infrastructure that ties everything together. Monitor the infrastructure deeper than you traditionally would, understand what's on your network, and identify the risks that you are, or potentially, exposed to," advised Bussiere. "If you don't know what's on your network, you can't efficiently fight the risk."
Sign up for CIO Asia eNewsletters.