©2018-2019 by The GRC Institute - Governance, Risk & Compliance.  ABN: 42862119377

The Cloud, Cyber Security & Compliance

July 26, 2018

 

 

The cloud has played a major factor in an environment where businesses are under increasing pressure to digitise to stay relevant. 


Earlier the week Checkpoint, Alibaba Cloud and TAS Cloud came together to launch their TAS Cloud platform. 
Shane Baker said at the Cloud Reimagined at the IVY Ballroom in Sydney, that they have focused on cloud and these partnerships because, he said that with the radical change in the financial services sector and the way that technology is maturing. 


He said that the choice to partner with Alibaba Cloud is the capabilities that they have been cultivating I this space and the partnership with Checkpoint must do with the ensuring that the cloud is secure. 


China is a global leader when it comes to the development of Fintech and Baker said that the Alibaba is a key component of that success. 


Third largest cloud provider on the global market baker indicated that they are on track to being the number one cloud provider in the Asia Pacific region. 

 

Cybersecurity, Compliance and the Cloud 
Keith Holtham, head of emerging technologies at Checkpoint for Australia and New Zealand,  said that NotPetya was game-changing cyber-attack the in the in the sense that is was targeted, but despite this, many businesses still have not done much to improve their cybersecurity systems. 


Checkpoint is one of the key partners for the new Cloud platform formed by this underlying partnership. 


He said that less than 40 per cent of organisation have made substantive change to their security frameworks. 
The World Economic Forum has subsequently released a report suggesting that there will be more of these kinds of attacks. 


The focus of these attacks will no longer just be in the data centre but they will be focussed on the networks, endpoints, cloud and the mobile device. 


This means that businesses are likely to be open to multi-surface attacks. 


He said that mandatory breach reporting regime that went into law this year and now people are more aware of the breaches and the impact they are having. 

 

“The cloud for the security people is an anathema, we like building big walls around things.”

 

He said that the capabilities of this new cloud system are that the companies can bring their secure framework on to the platform with their business processes. 


And this will then allow the business to be able to comply with the relevant regulations and standards. 
The examples that he used are Payment Card Industry Standards, the Australian Privacy Principles or the General Data Protection Regulation coming out of the UK.


He said that in the cloud security he said that they have seen a 350 per cent growth, which explained that better than 9/10ths of organisations are not protecting their data in the cloud, however, the responsibility of securing the data in the cloud belongs to the organisation. 

 

Implications and connection to Open Banking and Comprehensive Credit Reporting 
In a recent interview, the Julian Fenwick, Managing Director of GRC solutions told the GRC professional that the Australian Prudential Regulation Authority (APRA) requirements around the cloud might be what is holding some businesses back from on boarding technology solutions to businesses. 


In 2015, the prudential regulator released an Information Paper which is entitled Outsourcing Involving shared computing Services (Including Cloud). 


This information paper was released in response to the potential risks that the regulator saw around the use of the cloud. 


This includes CPS 231 that requires businesses mitigation strategies for outsourcing. At the time the regulator saw the shared computer services and the cloud as a major change and a major disruptor to how technology had been used before. 


However, Computer World reported earlier this year that the cloud is going major leap in 2018. 


In April, the publication said that per Gartner forecasts spending on public cloud services will reach $4.6 billion, and Gartner further predicts that the spend will then go up to more than 5 billion mar next year. 


Baker said that this will be difficult for business to change their core systems in a blink of an eye but the core works of the future will be in the cloud and this means better access to data around regulatory controls. 
 

Please reload

Suggested Posts
Please reload

Tags
Please reload