Cloud of the future poses security challenges now

Evolve.Cloud Canberra
  • CSO staff (CSO Online)
  • — 30 October, 2012 13:42

The accelerated nature of cloud computing is presenting new security challenges, attendees at the Evolve.Cloud conference heard in Canberra recently.

See the Evolve.Cloud slideshow

JD Sherry, VP of Data Centre Technologies and Solutions for Trend Micro, said the challenges are often exacerbated as the industry moves from a physical world to a virtual environment.

“With cybercriminals mobilising and learning how to attack these infrastructures, an adaptive security model is required to provide better flexibility, agility and compliance. Everybody’s currently talking about zero-day threats, but we’re now seeing zero-hour activities,” said Sherry.

“However, we can’t let that stop us. The cloud is the way of the future and we need to plan accordingly,” he said.

For cloud security adviser and author Rob Livingstone, the emergence of the hybrid cloud as the dominant form of cloud computing in the enterprise sector posed other challenges. Coming to grips with the systemic risks associated with this ecosystem may well be the next dilemma.

“Information assets are protected within the new cloud environments as long as the underlying security architecture has been designed for the cloud. However, the convergence of hybrid clouds, mobile devices and BYOD presents unique systemic risks for CIOs,” said Livingstone.

The conference, hosted by Trend Micro, had a strong government focus.

John Sheridan, First Assistant Secretary, Agency Services, Australian Government Information Management Office (AGIMO), announced the Data-Centre-as-a-Service (DCaaS) Multi Use List of 35 leading suppliers which have been selected to provide cloud and cloud-Like services to the Australian Government.

“We need to recognise the challenges that we see here around the notion of reaping the savings that apply to public cloud and expecting them to be reflected in private cloud. I think all of us understand that in government, balancing those pressures is something that we’re used to, so perhaps doesn’t present us with too much of a difficulty,” said Sheridan.

Andrew Milroy, Vice President, ICT Research, APAC Frost and Sullivan, observed that governments are using cloud to reduce spending, enable greater agility, access updated technology, and eliminate procurement and maintenance activities, as well as provide universal access to resources.

“Across the board we’re starting to see governments set up infrastructures that behave like private clouds but are run by governments themselves,” said Milroy.

Sanjay Mehta, Managing Director, Trend Micro ANZ, said the benefits of cloud computing have been proven for business and government, ranging from lower costs to increased innovation.

“As with any fast-growing technology, there are risks and challenges, but security should not be seen as a barrier to adoption,” said Mehta.

Spectrum allocation was another emerging topic, and seen as a little-discussed constraint on the growth of cloud computing.

“The model we have now, where spectrum is allocated to telco vendors, is perhaps not the optimal way forward and that will become more apparent.  We think that regulators will need to look at broader models that can optimise how spectrum is being used,” said Frost and Sullivan’s Milroy.

See the Evolve.Cloud slideshow

Tags: Evolve.cloud, trend micro, cloud security

Google introduces Chrome 'factory reset' pop-ups to tackle extensions hijacks

READ THIS ARTICLE
DO NOT SHOW THIS BOX AGAIN [ x ]
Comments are now closed.
CSO Corporate Partners
  • Webroot
  • Trend Micro
  • NetIQ
rhs_login_lockGet exclusive access to CSO, invitation only events, reports & analysis.
CSO Directory

Cloud Trust Authority

Reduce complexity and increase trust for public cloud service providers and their customers.

Latest Jobs
Security Awareness Tip

Incident handling is a vast topic, but here are a few tips for you to consider in your incident response. I hope you never have to use them, but the odds are at some point you will and I hope being ready saves you pain (or your job!).


  1. Have an incident response plan.

  2. Pre-define your incident response team 

  3. Define your approach: watch and learn or contain and recover.

  4. Pre-distribute call cards.

  5. Forensic and incident response data capture.

  6. Get your users on-side.

  7. Know how to report crimes and engage law enforcement. 

  8. Practice makes perfect.

For the full breakdown on this article

Security ABC Guides

Warning: Tips for secure mobile holiday shopping

I’m dating myself, but I remember when holiday shopping involved pouring through ads in the Sunday paper, placing actual phone calls from tethered land lines to research product stock and availability, and actually driving places to pick things up. Now, holiday shoppers can do all of that from a smartphone or tablet in a few seconds, but there are some security pitfalls to be aware of.