The volume of critical infrastructure attacks across 2024 was alarming: everything from airports to hospitals shut down due to ransomware.
With Microsoft reporting 600 million cyberattacks every day and other top cloud providers facing constant attempts, centralized clouds are under heavy fire.
There is a constant onslaught of cyber attacks each week, such as the November 2024 Blue Yonder attack, which, by infiltrating one supply chain operator, disrupted retailers from supermarkets to Starbucks.
The data and power demands of artificial intelligence, in particular, keep driving larger companies into the cloud — but it’s a gold rush fraught with danger.
Techopedia speaks to experts and explores why the cloud needs a stronger focus on cybersecurity as we move into 2025.
Key Takeaways
- Centralized cloud environments are increasingly targeted by cyberattacks, leading to significant consequences for businesses and critical infrastructure.
- Google’s decision to force MFA highlights the industry’s need for better cloud security while new trends like Data Security Posture Management emerge.
- Decentralized cloud technology is another idea — with higher security but with more complexity.
- There is no silver bullet, but one thing is certain: the attacks will keep on coming.
Google’s Mandatory MFA & the Cloud Exit Movement
In November, Google announced that multi-factor authentication (MFA) will be mandatory for everyone on the Google Cloud starting in 2025.
The announcement is not an isolated Google security feature but part of a wider trend across the industry that seeks to reduce the large number of cybersecurity incidents happening in centralized cloud environments.
But it’s not necessarily going to save the day: As the Cloud Security Alliance puts it, poor implementation of MFA or Identity and Access Management (IAM) is just one of the many problems the cloud faces.
The problem is exponential — most businesses operate in more than one cloud via multi or hybrid cloud environments, meaning security teams struggle to gain visibility into an ever-expanding digital attack surface that is ripe with vulnerabilities that hackers can exploit.
Knowing Where All Your Data Lives Is a Start
Paulo Henriques, Head of Cyber Security Operations at Exponential-e, an IT-managed service company, told us that no single data security technology in the market today stands out as the best.
Approaches like Data Loss Prevention (DLP), which can efficiently monitor and manage how data is accessed and used, particularly outside the secure environment, is a starting point.
Henriques said companies need to identify the most sensitive data they work with and take actions to secure that treasure trove.
“Encryption of data at rest and in transit remains critical, but it has become a standard feature in most solutions and is now considered less of a primary concern,” Henriques said.
Arvind Nithrakashyap, Co-Founder and CTO at Rubrik, a Palo Alto, California data security company, told us that there is still a lot of confusion regarding where data lives on the cloud, what it contains, and how to protect it.
He said:
“New GenAI enterprise applications have made it critical for organizations to monitor what data is being sent into LLMs.”
To solve these gaps, Data Security Posture Management (DSPM) is emerging.
“This is an approach to data security that solves one of the most complex issues in modern cloud environments: knowing where all your data is and how it is secured,” Nithrakashyap said.
“DSPM provides clear visibility to address this and ensure that only safe, compliant data is used in GenAI applications.”
After all, cybercriminals and nation-state-supported threat groups see data on the cloud as the grand prize.
Alex Shulman-Peleg, Americas Cloud Cybersecurity Leader at EY Consulting, an assurance, tax, and information technology services firm, agreed that DSPM is part of the necessary cybersecurity toolkit.
“DSPM tools are becoming more popular, as these tools offer a cross-cloud platform for data discovery, policy management, and alerting,” Shulman-Peleg said.
Is Decentralization & Cloud Blockchain the Future?
The big problem with centralized cloud environments is exactly what it sounds like: they are centralized.
This means that all the data is stored in one location, and when attackers manage to breach the digital attack surface, it is jackpot time.
But what if data on the cloud was constantly on the move, hashed, encrypted, and stored in different servers? This is the core idea behind decentralized clouds, which heavily use blockchain technology.
We asked Meny Har, CEO and co-founder at Opus Security, a cloud-native security remediation platform, if he saw potential in the new decentralized cloud technology.
“Yes, decentralized cloud security technologies present significant potential by distributing security controls and data management across multiple nodes, thereby reducing single points of failure and enhancing resilience against cyber threats.”
As Har explained, decentralized clouds can improve scalability and flexibility, allowing organizations to tailor security measures to specific needs while maintaining robust protection.
While some question the availability of data and speed as the main cons of decentralized cloud infrastructures, Har disagrees.
“Decentralized solutions facilitate more granular access controls and faster response times, making them a promising advancement in the evolving cloud security landscape.”
But if decentralized blockchain technology can be used to build much safer cloud infrastructure, why is it not becoming the norm? Henriques from Exponential-e suggested:
“These advantages come with a trade-off: increased complexity in managing and monitoring a decentralized model.”
For cloud engineers, DevOps, and DevSecOps teams, decentralized technology involves a new skill set, a more complex system that requires sophisticated syncing and is harder to manage as they have no source of single truth dashboards.
In short, building, operating, and maintaining decentralized clouds is more expensive and requires mastering blockchain tech.
The Cloud Security Silver Bullet Mantra
With reports showing that large businesses work with 10 to 15 security vendors and use, on average, 75 cybersecurity solutions, the “no-silver-bullet” mantra is well established.
This mantra pushes the narrative that only holistic cybersecurity frameworks are effective.
However, cybersecurity reports reveal that this approach is extremely vulnerable, and companies that use this concept are still being breached.
We asked Har from Opus Security for his thoughts on this one.
“In the cybersecurity industry, the notion of a silver bullet solution, such as a universal data security layer, is less practical than embracing holistic frameworks that orchestrate diverse security solutions”
While we agree that holistic approaches are indispensable today, there is also clear evidence of how innovative technology can quickly break the bullet’s trajectory.
GenAI, for example, took over the world in record time and is just one case of how new threats can throw a security plan into disarray.
As cyberattacks prove every day, holistic cybersecurity solutions and frameworks in place today cannot always move fast enough to deal with today’s threats.
The Bottom Line
Centralization is the big problem the cloud has that no one wants to talk about.
Those massive data leaks and the cyberattacks that shut down ambulances and emergency services across cities are a real threat to how we live our lives, and the attack landscape becomes a lot easier when services run on centralized clouds.
There is not a clear answer to this one: is it decentralized clouds, keeping data on-site, or hoping defenses can keep up with the constant attacks?
