Continued reliance on human vigilance – a large surface area is difficult to patrol continuously, which
            means that gaps and lapses in monitoring are commonly overlooked.



            The waters of cybercrime just as vast and murky

            This real-world analogy perfectly mirrors the need for a revised approach to cybersecurity. In today’s
            digital world, having to deal with a veritable ocean of an attack surface and unknown cyberthreats are
            two prominent challenges. Faced with this onslaught, it is unreasonable and sheer folly to expect human
            decision making to remain a large part of the cybersecurity chain.

            At the cloud level, visibility over your infrastructure decreases astronomically. Today, organisations use
            thousands of instances of cloud services, which is near-impossible for the human mind or even your IT
            department to keep track of at all times. In August 2022, FortiGuard Labs reported that it had seen over
            10,666 ransomware variants compared with 5,400 in the previous six-month period – representing a 100
            per cent growth. There are simply too many variables beyond your control, which means that your IT
            experts and software-based defenses that patrol the external environment are fighting a battle against
            unseen foes, at all times.

            Outside of the hardware level, organisations are playing in an ever-expanding open environment where
            they will be hard-pressed to protect themselves from all angles. In fact, between Q1 2021 to Q1 2022,
            the US ranked as the highest region globally to be targeted by ransomware, according to cybersecurity
            firm Group-IB.

            The question then is how do we take control of the environment to protect our most important assets?



            Your house, your rules

            Revisiting the beach analogy. If I had to choose between the fallible safety net-protected beach and a
            swimming pool, I’d go for the latter. Why? Because I would know exactly what’s in the water with me, and
            presumably would have control over that environment.

            The same applies when devising a plan to keep cybercriminals away from your valuable data. In this
            analogy, the software is the ocean and the hardware is the man-made pool. Usage of the cloud is already
            highly prevalent and has undeniable business benefits. In fact, global expenditure on cloud infrastructure
            and services grew 13.5% y-o-y between 2020 and 2021., according to a study by IDC. Cloud computing
            was  a  lifesaver  in  the  early  days  of  the  pandemic,  as  organisations  shifted  to  remote  working
            arrangements – and adoption will only continue to grow. This is why the idea is not to abandon the use
            of such a useful innovation, but rather to learn how to build a comprehensive defense posture to reap the
            benefit of digital innovation.

            Specifically, your mission-critical assets such as employee and customer data, and company financial
            records, are absolutely essential to protect. Rather than allowing such information to float freely in the
            ocean of the cloud, you might already be storing the data with physical options such as physical servers
            or local storage devices.




                                                                                                              13