Cloud computing’s balancing act: Are we in a mushroom cloud moment?

Groundbreaking innovations, those that shape history, often introduce immeasurable opportunity as well as profound risk. The recent release of the film “Oppenheimer” underscores this truth. The film centers on physicist J. Robert Oppenheimer, who in 1945 led his team to achieve the detonation of the world’s first nuclear weapon. In what is known as the Manhattan Project’s Trinity test, a distinct mushroom-shaped cloud exploded over the New Mexico desert almost 40,000 feet into the atmosphere, ushering in the nuclear age.

Since then, nuclear energy has driven advancements in power generation, medicine, and various scientific fields, yet humanity has also suffered its catastrophic effects. Thereafter known as the father of the atomic bomb, Oppenheimer grappled with the complexities of his innovation, famously quoting a Hindu scripture in saying, “I am become death, the destroyer of worlds.”

The mushroom cloud became a symbol of the potential of technological advancements for both great promise and great peril.

The concept of racing for innovation to harness power brings to mind another transformative technology: cloud computing. As the internet began to drastically reshape how businesses operate and scale, we created a new reality in tech, one of rapid consumption, access, and storage of data.

Cloud computing has enabled business transformation and ushered in massive economic growth. It has revolutionized entire computing frameworks—but not without exponentially expanding the attack surface and redefining the front lines of existing and emerging threats.

In many ways, the cloud is the cyber version of the Trinity mushroom cloud. A cloud attack can fracture digital infrastructures, compromising sensitive information and disrupting business operations. The fallout extends beyond data loss; it can have far-reaching impacts on users and customers, eroding trust. The cloud is a weapon of our own creation that we are racing to understand.

The cloud conundrumOrganizations often prioritize growth over security. And truly, we have benefited from the cloud’s capacity to scale our businesses. But without training our people, implementing sufficient controls, or allocating necessary resources, we are leaving our cloud environments vulnerable to intruders. We are competing against resourceful and motivated adversaries who consistently carry out activities such as identity-based attacks and exploitation of trust in enterprise applications.

This is the unfair fight we face: While security capabilities for the cloud have improved and best practices have been defined, the onus is still on organizations to enable the settings that ensure security—settings that are sometimes ignored in the name of efficiency. The choice to accept this risk is often made by those tasked with driving revenue rather than those well-versed in cloud security. What’s more, the latter are in short supply.

Nearly 80 years after the Trinity test, a new form of warfare has emerged: cyber warfare. We have recently seen it in the attacks on Ukraine’s critical infrastructure. But in a more general sense, we as defenders, are also in an ongoing battle. Are we witnessing the explosion of technical innovation as Oppenheimer did, without a strategic acknowledgment of the risk?

Frameworks for a secure horizonCloud attack tactics and techniques will continue to advance. But attackers needn’t work that hard—in environments with poor cloud hygiene, basic attack techniques persist.

Guidelines and standards such as the Cloud Security Alliance’s (CSA) Cloud Controls Matrix (CCM), the National Institute of Standards and Technology’s (NIST) Cloud Computing Security Reference Architecture, and the Center for Internet Security’s CIS Controls Cloud Computing Guide provide organizations with a systematic approach to aligning their cloud practices with regulatory requirements and security best practices. By offering clear pathways to assess, implement, and monitor security measures, these frameworks can play an important role in helping organizations navigate the cloud landscape.

Just as Oppenheimer grappled with the profound impact of nuclear energy, we are at a crossroads with cloud computing. The cloud, much like the Trinity test, symbolizes both great potential and substantial risk. It is the new frontier for security practitioners to level set, demanding us to elevate the level of cloud security across the board. By leveraging what we already know and advancing our collective understanding of what we don’t, we can take back the cloud and more fully realize its promise.

MacKenzie Brown is vice president of security at Blackpoint Cyber, a supplier of cybsersecurity and real response services to MSPs, SMBs, and enterprise companies.

03

Cash in or lose out: Banks are turning to AI, cloud computing, and Web3 to gain competitive advantage and customer loyalty

  • Banks are revamping their digital strategies to make better use of technology at their companies.
  • AI and cloud tech are giving some banks an edge over competitors and enticing brand loyalty.
  • Outdated IT systems are hard to modernize, but they must be updated to meet current needs.
  • This article is part of “Build IT,” a series about digital tech and innovation trends that are disrupting industries.

Loading Something is loading.Thanks for signing up!

Access your favorite topics in a personalized feed while you’re on the go. download the app

It might be hard to remember the last time you visited a bank branch for a financial service. You likely conduct most of your banking via apps and websites, whether you’re paying bills, seeking help for a transaction, or checking your account balance after an expensive night out at your local cocktail bar.

In a 2023 GoBankingRates survey of US consumers, 59% of respondents said they would rather bank with smartphone applications, and 22% said they were more inclined to use banking websites. Meanwhile, 19% said they preferred physical branches and ATMs to online banking.

However, online banking is only a small part of the digital transformation underway in the sector as innovations such as AI-driven tools and cloud technology radically restyle the industry.

Traditional banks that ignore this reality risk losing loyal customers to digital banks that have emerged over the past few years, research suggests. A study from the banking-tech company 10x found that bad customer experience could result in banks losing 20% of their customers.

Experts told Insider that implementing a comprehensive digital strategy blending current and emerging technologies would put banks in a better position to maintain brand loyalty with customers and increase their competitive advantage.

Digital transformation is a must for banksWith online banking now the norm, digital transformation is no longer optional for banks. It’s a “necessity to remain competitive and meet customers’ evolving needs,” said Victoria Newton, the chief product officer of Engine by Starling Bank, the cloud-banking software used at Starling.

Victoria Newton, the chief product officer of Engine by Starling Bank. Engine by StarlingBut effective tech in the banking sector should go beyond apps and cloud migration, Newton said. She advised banks to rethink their technical operations and transform legacy, or outdated, IT systems to “continuously improve and adapt.”

“It’s integral to the longevity of banks. Legacy banking systems were not designed to provide the banking experience that people expect today,” she said. “Simply changing the customer channels without attacking the core and customer-servicing systems cannot deliver the customer experience or low cost to serve what digitally native banks can.”

Changes in customer habits and technological developments have made the banking sector “incredibly competitive,” Laura Merling, the chief transformation and operations officer of the financial-services provider Arvest Bank, said.

Banking firms must invest in digital tools such as cloud platforms and generative artificial intelligence to “meet customers where, when, and how they want to bank,” Merling added. Doing so will help banks benefit from additional revenue streams, improve the customer experience, and streamline operations, she said.

Jay Venkateswaran, the business-unit head of banking and financial services at the business-process-management firm WNS, said digital transformation strategies could also help banks lower transaction and operating costs.

Jay Venkateswaran, the business-unit head of banking and financial services at WNS. WNSFintechs that have sprung up over the past decade are leveraging digital channels and offshoring to “ensure minimal operating costs,” he said, adding: “Accordingly, the operating cost for such firms has been far lower than traditional banks who continue to leverage branch and onshore call centers apart from digital channels.”

For example, many banks have replaced physical branches and call-center teams with live chats and FAQ website sections to reduce the overhead of their customer-support functions.

AI is automating banking transactions and processesBanks are increasingly automating the banking experience by adopting AI tools and developing AI-generated products. For example, Capital One offers an AI-powered customer assistant called Eno. It detects and flags suspicious account activity, answers questions over text messages, makes suggestions to help improve customer spending habits, pays bills, and checks account balances.

Goldman Sachs is another major bank that sees massive potential in AI technology. In March, the firm announced that its software developers were exploring ways AI tools could help them write and test code automatically. The aim is to improve productivity in the bank’s software-development department. In the long run, it could help banks accelerate product development, further improving their competitive edge and satisfying evolving customer expectations.

Nigel Vaz, the CEO of Publicis Sapient. Publicis SapientNigel Vaz, the CEO of Publicis Sapient, a consultancy for digital business management and transformation, told Insider that AI could also provide protections such as cyberdefenses and fraud detection. Meanwhile, Venkateswaran views AI as a “powerful tool” for increasing the speed and efficiency of banking transactions, he said.

Leave a Comment