hero image

Delta Risk News

Delta Risk News > 2017 Cloud Data Breaches Highlight Need for Ongoing ...

2017 Cloud Data Breaches Highlight Need for Ongoing Attention to Configuration and Management

November 30, 2017


Experts Say Moving to the Cloud Can be Good for the Bottom Line but Presents New Security Challenges

SAN ANTONIO, TX — November 30, 2017 — More than 90 percent of organizations are now using cloud services and SaaS applications like Office 365 or G Suite, along with cloud infrastructure like AWS, Google Cloud, and Azure. Most, however, do not consider all the potential risks to data and business operations that can result from human error or malicious actors when accounts are misconfigured or mismanaged. Delta Risk, a global provider of cyber security and risk management services, announced today that it will host a webinar on this topic with recommendations for what security professionals can do to improve their cloud security posture and protect critical information. The live webinar, “Flying Blind: 2017 Cloud Configurations Gone Wrong,” will take place December 7 at 1 PM ET.

In the webinar, John Hawley, Vice President of Product Strategy, along with Michael Piscopo, Director of Technical Consulting Services, will take an in-depth look at some of the biggest public cloud breaches in 2017 and examine what went wrong in each case. They will also discuss:

  • New risks related to the use of cloud services
  • Common factors between 2017 security incidents
  • Indications for malicious behavior or risks
  • Methods and technology to prevent misconfiguration

“There’s hardly a week that passes without another news story on data losses and malicious user behavior resulting from misconfigured cloud instances,” notes Hawley. “Although moving to cloud services like AWS, Azure, or Google Cloud can offer significant cost savings and flexibility, the developers implementing these projects often lack the security knowledge required to keep data secure.”

While cloud services themselves are generally secure, the task of configuring and using them securely is often left to organization’s IT leaders, development teams, or even line of business managers. The lack of visibility and control around these services is resulting in some of the most significant data breach incidents of 2017. A survey of security professionals in the Cloud Security: 2017 Spotlight Report, published by Crowd Research Partners in coordination with Delta Risk, indicates that although cloud computing has become a mainstream delivery choice for applications, services, and infrastructure – with more than 90 percent of organizations now using them – concerns about cloud security remain high. The top three cloud security concerns of survey respondents were protecting against data loss (57 percent), threats to data privacy (49 percent), and breaches of confidentiality (47 percent).

“It’s important to recognize some of the telltale signs a misconfiguration is going to put your critical assets at risk,” added Piscopo. “Many organizations are finding that it makes good business sense to work with security vendors that understand what it means to do a technical assessment of cloud workloads, monitor cloud access, and respond to incidents in cloud environments.”

About the Speakers
John Hawley, Vice President of Product Strategy, has been in the security space for more than 15 years. Prior to joining Delta Risk in 2017, he served as Vice President, Portfolio Strategy for the Worldwide Security business at CA Technologies. Prior to CA, John founded and managed a venture funded SaaS company providing performance monitoring for cloud applications. Before this, he served in senior leadership roles at UUNET/WorldCom and Ernst & Young, LLC. John holds an MBA from the KATZ School of Business at University of Pittsburgh and a BS in Information Systems from Virginia Tech. 

Michael Piscopo, Director of Technical Consulting Serviceshas more than 20 years of experience in security leadership, IT architecture, application development, and business experience. Prior to joining Delta Risk, he was the Director of Information Risk Management and Information Security Officer for ING’s U.S. Financial Services division, where he and his team were responsible for enterprise-wide information security incident response, third-party security assessments, policy compliance, risk assessments, and security consulting.

Delta Risk LLC, a Chertoff Group company, provides customized and flexible cyber security and risk management services to government and private sector clients worldwide. Founded in 2007, we are a U.S.-based firm offering a wide range of advisory services as well as managed security services. Our roots are based in military expertise, and that background continues to drive our mission focus. We are passionate about keeping our clients safe and secure.