Businesses are increasingly turning to multi-cloud strategies to future-proof their networks, ensuring stability, scalability, and security. However, while these strategies bring undeniable benefits, they also introduce complex challenges for organisations striving to secure their digital ecosystems.
In an exclusive conversation with iTNews Asia, Rodney Kinchington, Managing Director for BT Business in the Asia-Pacific, Middle East, and Africa, shares his insights on the complex intersection of multi-cloud adoption, crucial factors that organisations must consider when navigating the complexities of multi-cloud environments and and the growing importance of cyber agility in safeguarding business operations.
Understanding the risks of multicloud environment
According to Kinchington, multicloud strategies have become a necessity as businesses seek to future-proof their networks and gain access to the best technology offerings from various cloud providers. With workloads spread across hybrid environments ranging from on-premises data centres to cloud services - adopting a multi-cloud approach provides critical advantages, such as improved stability and scalability.
However, these benefits come with their own set of challenges. Kinchington points out that a recent survey found that while 82 percent of businesses report having "high" or "complete" visibility over their cloud ecosystems, nearly one in five organisations still struggle with blind spots. These gaps in visibility can have significant consequences, particularly if any cloud service goes offline, which can result in data latency and disrupt mission-critical operations, thereby severely impacting performance and customer experience.
The complexity of managing multiple cloud environments further amplifies the risk of cyberattacks, especially as cloud services often operate in different markets with varied regulatory requirements.
To mitigate these risks, businesses must maintain clear visibility over the performance of each cloud network.
“A centralised dashboard that provides a comprehensive view of cloud performance can simplify the process of monitoring and managing risks, enabling teams to detect and address issues before they escalate,” Kinchington said.
He added that vendor lock-in remains a major concern for organisations relying on specific cloud providers for their critical services, which can create vulnerabilities that are difficult to defend against.
To avoid such pitfalls, Kinchington advocates for prioritising tools and technologies that support open standards, which allow for greater flexibility and portability across various cloud providers.
Organisations can strengthen their resilience against cyberattacks by designing workloads to be vendor-agnostic from the outset - free from provider-specific APIs and configurations.
- Rodney Kinchington, Managing Director for Asia-Pacific, Middle East, and Africa, BT Business
Network as a Service (NaaS) solutions can provide businesses with the ability to scale bandwidth and manage costs without being locked into long-term contracts, he said. This agility allows businesses to adapt quickly to regulatory changes and varying market conditions while maintaining control over their cloud environments.
The need for visibility across complex cloud ecosystem
With multi-cloud ecosystems in play, incident response becomes more complex, especially when breaches occur across multiple cloud platforms simultaneously. Kinchington emphasised a three-pronged approach to managing incidents: visibility, planning, and coordination.
“End-to-end visibility is essential. With detailed insights into network performance, businesses can proactively address issues like latency, jitter, and packet loss across the cloud delivery pathway, helping to minimise downtime and optimise performance,” he said.
Kinchington also added that the key to effective incident response lies in the integration of adaptive solutions that can seamlessly adjust to the complex, multi-cloud ecosystems. Traditional site-to-site network architectures often fail to provide the flexibility required for future-proofing cloud connectivity.
He urged businesses to tighten security controls around all connected devices, not just IoT devices, as each additional device increases the exposure to potential cyber threats.
Additionally, IoT manufacturers have a responsibility to build robust security features into their products from the outset. "A Zero Trust approach should be embedded from the beginning, ensuring secure integration across multi-layered security architectures," he added.
Artificial Intelligence (AI) and machine learning (ML) are playing an increasingly important role in strengthening organisations' security postures across multi-cloud environments.
“AI enables businesses to manage the high volume of incidents more effectively, allowing teams to focus on critical cybersecurity issues,” Kinchington said.
Automated systems can pre-emptively identify and mitigate potential risks, reducing the time it takes to respond to incidents and minimising their impact. What are the best ways to do this? Kinchington recommends Identity Threat Detection and Response (ITDR) solutions, paired with automated incident response, can enhance an organisation’s ability to resolve and recover from cybersecurity threats efficiently.
Cyber agility key to long-term security
Kinchington's vision for strong cybersecurity revolves around "cyber agility" - which is the ability to quickly respond to new threats while keeping the business running smoothly. He sees cyber agility as a way to turn security into a tool for innovation and growth.
To develop agile security frameworks, he recommended focusing on six key dimensions: awareness, compliance, connectivity, strategy, skills, and innovation.
“Organisations can strike a balance between short-term agility and long-term resilience by regularly reviewing and updating security practices,” Kinchington said.
He also added that collaboration is essential in building a resilient cybersecurity infrastructure.
"When businesses, partners, and industries share intelligence and best practices, they create a collective defense strategy that enhances security for all stakeholders." This collaborative approach ensures that organisations are better prepared to face emerging threats and strengthen their overall cybersecurity posture.
