Most cloud security breaches are caused by human error rather than the cloud platform or application, says Cisco’s Brian Roddy.

Aug 13 2019

Q&A: Cisco's Brian Roddy Notes Many Businesses Are Already in the Cloud and Don't Even Know It

Shadow IT is a big security problem. Businesses should deploy tools to gain visibility and control.

Here’s a scary thought: Businesses are using hundreds of cloud applications that their IT teams don’t even know about. Each one of those applications is a potential security risk, yet it’s difficult to secure a network against unseen threats, notes Brian Roddy, vice ­president and general manager of cloud s­ecurity for Cisco Systems.

In a conversation with BizTech Managing Editor Bob Keaveney, Roddy says good cloud security starts with better visibility.

BIZTECH: What are your threat intelligence sources telling you that small and midsize businesses should know right now when it comes to cloud security?

What we’ve seen is a dramatic increase in malware and ransomware exposure targeting the midmarket and below. Larger companies have very high-end security postures now, which means most attacks on them are targeted. But downmarket, hackers are seeing a whole lot of opportunities to attack things.

We’ve also seen a huge increase in cryptojacking, where people are using malware to basically hijack your computer power. That doesn’t feel bad, but it can add up and it can slow network performance and cause trouble.

CDW Cybersecurity Insight Report

One of the simplest and most effective things to do is Domain Name System-based security. And the reason we highlight that is because it’s easy to deploy — you can usually do it in about a half hour — and customers that deploy it tell us they see a 90 percent decrease in malware. So, that’s a pretty good bang for your buck.

BIZTECH: When it comes to cloud applications, what do businesses need to think about when it comes to security generally?

The first thing you have to think about is, “How does my security model change as a result of my use of this application?” It used to be that all the applications lived in the data center. And the good thing was that, as the IT manager, I had complete control over those applications. I could look at the data they’re storing, I could keep a perimeter around them and keep them safe. The challenge was, if my data center does get breached, I lose all the application data at once. It’s an all-or-nothing situation.

When I deploy cloud applications, I diversify my security issues. Now I have to worry about applications like Salesforce and Office 365 and all my other cloud applications. The good news is those companies have typically spent a lot more than you can as a small business on security, so they’re keeping those applications safe. And if they do get breached, you only lose the data from that one system.

Brian Roddy
The biggest issue is the way people use the cloud. With cloud-based security breaches, it’s usually much more about the behavior of the people involved than it is about the application."

Brian Roddy Vice ­President and General Manager of Cloud S­ecurity, Cisco Systems

BIZTECH: Right, but most businesses are using a lot more than the well-known cloud apps with well-funded, state-of-the art security.

That’s absolutely true. In fact, one thing that we find is that the average business today, even small businesses, are using hundreds and even thousands of cloud-based applications.

BIZTECH: Do most businesses typically even know they’re using that many cloud applications?

Nope. But people are starting to get a little more of a handle on that. One of the features that was recently added to Cisco Umbrella, for example, is a toolset that’s designed to help you see that. It gives you a report of what people are using and tells you which ones are risky. We rolled it out at a Fortune 200 company. They claimed to us that they were using very few cloud applications. But in fact, there were literally hundreds of applications that they didn’t know about. And that does not mean that cloud applications are bad. They’re not; most cloud applications are great. There’s a good reason people use them. It’s just that you need to have visibility and control over what’s in your environment.

BIZTECH: How do so many cloud applications get into environments without the IT department’s knowledge?

Because people just download things. It’s like with your phone — on the app store, you’re used to downloading ­whatever application you want that fits your needs. People feel the same way in business: If they feel like there’s a tool that’s going to help their productivity, they want to use it. And you want them to use it. But it’s important to have the visibility and control so that you can have a very flexible policy but still be able to zero in on the bad situations.

BIZTECH: What should IT managers be ­watching out for?

The biggest issue is the way people use the cloud. With cloud-based security breaches, it’s usually much more about the behavior of the people involved than it is about the application.

Users may be putting information into cloud applications that they shouldn’t be, simply because they aren’t aware or because people get their passwords breached. They make a mistake, they pass their password on to someone else, and then it’s out there. That sort of thing happens all the time.

For that, I really recommend that businesses deploy a two-factor authentication solution. Just having that second factor so that passwords are not the single way to get breached is so important. It’s more common that people will log in to steal your data than break in to steal your data.

Photography by Robert Houser

Zero Trust–Ready?

Answer 3 questions on how your organization is implementing zero trust.