The world is now neck-deep in digital. Companies everywhere are trying to conquer the digital universe by revitalizing business models or building new ones from scratch to remain competitive. Much of this action is based on a common foundation: cloud computing.

In fact, the use of cloud computing has exploded over the past decade, and theres no end to the growth in sight. Global spending on the cloud hit $273 billion in 2018 and is poised to exceed an astonishing $623 billion by 2025, according to industry reports.

The reason for cloud's growth is clear: it is often associated with lower costs, greater flexibility, and greater security. But while cloud offers a big boost in physical security beyond what a garden-variety end-user is typically willing or able to afford, its still a shared responsibility proposition. Put another way, the provider oversees cloud security, and the customer is in charge of its own security in the cloud including the integrity of the stored and processed data, and the resilience of all apps and APIs that interface with the web.

But most cloud packages include only basic security. If an extra layer of security isnt added, the customers entire IT value chain is basically a line of sitting ducks. And since more and more corporate and customer data resides in the cloud, tight IP access can become a serious bottleneck. If the cloud platform is offline, its game over.

This is not just a theory. In October 2019, Amazon Web Services (AWS) suffered a major DDoS attack roughly eight hours long. Users couldnt connect because AWS miscategorized their legitimate customer queries as malicious. Google Cloud Platform encountered a variety of troubles at roughly the same time, but the company claims they were unrelated to DDoS. A few weeks earlier, a number of DDoS attacks knocked out a South African ISP for a full day, making internet access widely impossible.

Go here to read the rest:

3 things you should know about cloud security in 2020 - CIO