Intelligent CISO Issue 16 - Page 33

 PREDI C TI VE I NTEL L I GE NC E SaaS nightmare: The risks of collaboration in the cloud Software-as-a-Service tools offer major benefits to modern organisations due to their collaborative nature – but they are not without security risks. Justin Fier, Director of Threat Intelligence and Analytics, Darktrace, discusses the major vulnerabilities seen in Software-as-a-Service today and looks at real life examples of attacks where AI cyberdefences have been able to prevent a breach. I t’s no secret that collaboration is the bedrock of business. In fact, a Stanford University study demonstrated that merely priming employees to act in a collaborative fashion – without changing their environment or workflow – makes them more engaged, more persistent, more successful and less fatigued. such applications offer financial and technical benefits to companies of all sizes, from storage savings to reliable connectivity to support speed. Yet it is their collaborative nature that has positioned SaaS software at the heart of the modern enterprise. To digitally optimise this biologically ingrained capacity for teamwork, businesses the world over have adopted Software-as-a-Service (SaaS) applications that facilitate the sharing of information between multiple users. At the same time, the interactivity of cloud services renders them an attractive target for advanced cybercriminals, who can often leverage a single user’s SaaS credentials to compromise dozens of other accounts. And while leading SaaS vendors conform to high security standards, the cyberdefences they employ nonetheless have a common weakness: human error on the customer end. Run via centralised, cloud-hosted data centres rather than on local hardware, By launching sophisticated attacks, today’s threat actors are increasingly | Issue 16 gaining access to cloud services through the front door, necessitating a fundamentally different security approach that can detect when credentialled users behave – ever so slightly – out of character. Sensitive file access Among the key challenges of SaaS security is balancing the convenience of open access to information with the imperative of protecting privileged assets. Indeed, with hundreds or even thousands of employees sharing a welter of files and databases at all times, safeguarding SaaS applications against insider threat is extraordinarily difficult with traditional security tools, which use fixed rules and signatures to catch only known, external cyberattacks. 33