You may have seen one of those witty bumper stickers that states “If you think Education is expensive, try Ignorance.” The same is true for security: if you think security is expensive, try getting hacked!
As we often say, you can’t manage what you don’t know about. The cost of not paying enough attention to cyber security can be devastating. Last year’s Ponemon “Cost of Data Breach” study estimates the costs related to a breach have risen 29% since 2013—and are exponentially larger for large enterprises. In just the past few months we’ve learned about Yahoo’s breach of over one billion email accounts. Yahoo’s security failures are expected to result in the loss of 925 million dollars as Verizon looks to acquire Yahoo for far less than originally agreed to. Target, Home Depot, even the US Postal Service have had their own such breaches.
Remember the hack of the Democratic National Committee’s emails, and the uproar over Hillary Clinton’s private server? Arguably she lost out on a really nice job, with lots of benefits, because of server security issues.
Your job could be next
Those security breaches are well publicized, because they affect millions of people, or well-established internet companies, or politicians. Clearly, organizations of scale are just as susceptible as anyone to anonymous hackers, corporate espionage, and disgruntled employees if they fail to make security a priority. Without the infrastructure and process to support security in a dynamic environment, any organization is at risk.
Modern enterprises need to take proactive steps to mitigate risks and prevent threats. The move to IaaS shifted some of the security responsibility to the cloud provider, but there are still important considerations for the enterprise. Enterprises must worry about rogue or poorly trained employees. Perhaps the biggest danger is from hackers, competitors, or disgruntled former employees. Since the cloud means they don’t need physical access to access your infrastructure, you don’t have the same barriers you did when all of your data was inside your facilities.
Cloud security costs for enterprises
So the obvious question is, why wouldn’t you make every effort to secure your infrastructure? Usually, it comes down to cost. It’s true that security comes with a price. Cloud Security professionals cost over $100,000 per year, or even twice that amount. Then of course, there’s the cost of technology to enforce appropriate identity access management (IAM), policies, and permissions. But security doesn’t have to hurt your bottom line. When cloud security is combined with cloud cost management, enterprise organizations can ensure their infrastructure spend goes farther, enabling them to grow the business faster while staying safe and compliant..
If you can make the case for increased security, while saving significantly, you don’t have to worry about losing your job. (In fact, you might even get a promotion!)
Are you attending AWS Summit in San Francisco April 18th and 19th? Register to attend “Best Practices for Managing AWS Environments at Scale.” Join CloudCheckr Co-Founder/CEO Aaron Newman in this presentation as he walks you through best practices and strategies for successfully scaling your AWS environment.
Next week: Cost Management for the Modern Enterprise