Cyberstorage: Leveraging the Multi-Cloud to Combat Data Exfiltration
Multi-cloud data storage, once merely a byproduct of the great cloud migration, has now become a strategy for data management. “Multi-cloud by design,” and its companion the supercloud, is an ecosystem in which several cloud systems work together to provide many organizational benefits, including increased scale and overall resiliency.
And now, even security teams who have long been the holdout on wide-scale cloud adoption, may find a reason to rejoice. Born out of the multi-cloud approach, cyberstorage enables companies to not only enjoy the benefits that multi-cloud brings but also eliminate the risk of data exposure at the same time, marking the beginning of the multi-cloud maturity era.
While many organizations ended up with multiple cloud services as a byproduct of interdepartmental needs, today organizations are intentionally building multi-cloud environments. And rather than manage the various cloud services individually, many are implementing an abstraction layer that sits above the hyperscale infrastructure to combine and collaborate cloud repositories together for a singular purpose.
This ecosystem is referred to as the supercloud. How organizations are using the supercloud is unique to their use case but the benefits to adopters are many: increased flexibility in accessing data, streamlined operations for DevSecOps teams, increased scale and power from multiple storage providers, reduced risk in single-point-of-failure should one cloud provider suffer an outage.
Whether the multi-cloud environment came by design or not, one thing remains constant: security teams are weary of wide-scale cloud adoption. And with good reason. As ransomware attacks continue to rise at a 13% growth rate year over year, surely more cloud storage simply equals more data vulnerability gaps to fill, right? New developments in data technology address these concerns. Adopting the concept of the supercloud, cyberstorage can create a virtual layer on top of the disparate cloud repositories, adding unique security controls that actually benefit from multi-cloud storage sprawl.
Cyberstorage, the fusion of high-performance security with accessible storage, entered the data security scene in 2022 when Gartner coined the category. The technology is purpose-built to withstand ransomware and other malware attacks on data repositories with proactive technology to better block and respond to attacks as they happen, such as the ability to self-heal and recover compromised data, and native safeguards at the data-level that secure it against exposure and exfiltration even when perimeter defenses have been breached. While there are several approaches to cyberstorage, solutions that employ a data harbor specifically leverage the multi-cloud to improve data security.
Data exfiltration, now replacing the pay-to-decrypt ransomware monetization tactic, is a daily fear for security teams. Stolen data has been a boon for ransomware actors as the threat of exposure and publication increases the leverage against the victimized organization, forcing their hand to pay increasingly higher ransoms to maintain the integrity of their data. Recent notorious exfiltration attacks, including 2022’s LastPass breach in which encrypted backups and MFA policies were stolen along with sensitive customer data, spurred industry-wide discourse about the fundamental vulnerability: data that is networked in its complete state can never be safe from breach. Even common data-level safeguards such as encryption and MFA were undermined in this case.
Cyberstorage solutions that utilize a data harbor solve this critical design flaw. Data is fragmented and distributed across the multiple storage locations that make up the data harbor – and then instantly reassembled for use. This means that exfiltration attempts in the cloud would only render meaningless fragments of data for the culprit, and never the full, usable data set. The more data locations and cloud vendors added to the data harbor, the higher the company’s resilience is against attack. Only the data harbor holds the keys to piecing the data back together. And since a data harbor has built-in redundancies, it can self-heal from an attack or outage perpetrated on any single cloud repository.
It is a sign of market maturity that security architecture is being designed to fit into the framework of the multi-cloud environment, rather than bolted on afterward. Cyberstorage solutions recognize the growing trend toward interconnected “supercloud” infrastructure and provide a solution to work within this foundation. Leveraging the multi-cloud infrastructure, cyberstorage can increase the organization’s security posture, safeguarding data against ransomware and exfiltration. And for this reason, it is predicted that the category will grow by 6x over the next three years as companies start to implement anti-ransomware technology right onto the data storage layer.
Note: Paul Lewis, the Founder & CEO of Calamu, has written and contributed to this article.
Sign up for free and start receiving your daily dose of cybersecurity news, insights and tips.