Financial services organizations and many other enterprises have hesitated to go all in the cloud, citing concerns about depending on a third-party to protect the data, and the Capital One breach seems to encapsulate their fears.
Capital One was unusual compared to the rest of the financial services industry because it embraced its digital transformation journey. Over the past few years, Capital One has more than tripled its technology staff, and encouraged developers to focus on artificial intelligence and data-mining applications. The bank’s willingness to use Amazon Web Services was unusual specifically because many of its counterparts were nervous about storing customer data on third-party networks. As CyberScoop reported, the financial giant opted for the public cloud’s security benefits, and said its data and applications were more secure in AWS than in its own data centers because Amazon could update the security technology faster than the bank’s security team.
“Capital One is a standout in the financial institutions community by going public cloud while most of its peers hedged the risk by implementing additional security controls around their private clouds,” said Igor Baikalov, chief scientist at Securonix.
The aftermath of the breach where a former AWS engineer abused a misconfigured server to get access to Capital One’s data—personal information such as names, addresses, and contact information for roughly 100 million individuals—may seem like the other financial institutions had a point with their slow approach regarding public cloud services. Competitors considered private clouds with internal firewalls, and handled their own data security contols. Capital One, by opting for th ..
Support the originator by clicking the read the rest link below.
