Cloud innovation: Becoming a proactive data defender

A blog post by Diana Kearns-Manolatos, senior manager, Center for Integrated Research, Deloitte Services LP

Deloitte’s research, “An integrated approach to your cloud migration strategy,” found 70% of surveyed organizations with a mature cloud and cyber strategy report doing well or very well in using advanced technologies to predict potential future risks and threats. Undoubtedly, artificial intelligence (AI) has an important role to play in enabling proactive cloud and cybersecurity strategies with advanced predictive capabilities across business, workforce, and customer operations.

For example, security teams have a large volume of daily activities, and a certain level of abnormal activity does not necessarily indicate a threat, just business as usual. Being able to tell the difference can be a challenge. However, organizations can use cloud-enabled machine learning (ML) to identify anomalous events, such as a Trojan horse activating “under cover” of a storm to send data to an unusual location rather than business continuity controls being implemented wherein data is rerouted to a planned location.

The cloud has an important role to play in enabling the chief information security officer (CISO) and the organization to become a proactive data defender.

Business and technology strategies for the proactive data defender

The proactive data defender’s cloud innovation strategy focuses on four key business outcomes:

• Proactive governance applies not just to data and automation, but also to more mature AI and machine learning predictive analysis that can enhance security across the entire digital ecosystem, including predictive threat monitoring and self-healing infrastructures.
  
• Data intelligence strategies must be highly mature for this scenario, with strong AI/ML capabilities trained to detect and respond to cyber risks and govern operations automatically.
  
• Creating and maintaining frictionless and agile experience management would need to balance false positives of AI systems related to issues like a fraud that could lock systems and adversely affect the customer experience with automated fraud detection vis-à-vis improved data privacy and customer trust.
  
• A network-of-ecosystems approach would allow the organization to collect important real-time and historical data for threat monitoring and to understand networked relationships related to known and unknown threats across customers, suppliers, partners, and more.
  

Given these business requirements, the proactive data defender’s cloud innovation program would benefit from:

• Being centralized to tightly manage data, application, network, and infrastructure access only to authorized individuals;
  
• Having some standards to help meet baseline regulatory, compliance, industry, and technology standards that could affect security and integrity;
  
• Taking an agile approach to keep pace with a continuously shifting threat landscape, with an automated process, controls, and risk reviews and solutions that improve with time; and
  
• Embracing a plural cloud strategy that allows the flexibility to use a private cloud for high-security data requirements.
  
  

Innovating the future with the cloud

The proactive data defender is one of several cloud scenarios where cloud innovation programs today are looking to build new organizational infrastructures for the future. To learn more about this business case and other future cloud scenarios, visit our Deloitte Insights article, “A new framing for cloud innovation,” and don’t miss our upcoming post, “Cloud innovation: Becoming an AI-fueled entrepreneur.”