Open GI’s chief information officer Giles Baxter explains why brokers should move to cloud-based solutions, as cyber security risks get ever more sophisticated

OGI Giles Baxter

Giles Baxter, chief information officer at Open GI

There has been, and will continue to be, widespread coverage across the national media of high profile brands being hit by cyber criminals – from huge players like British Airways through to retailers such as Furniture Village and even, quite recently, insurance firm CNA Hardy. However, the reality is that SMEs – including brokers – are just as exposed to ransomware and extortion as the bigger players.

Cyber often feels like an intangible threat, but the impact of an attack is very real. According to the government’s Cyber Security Breaches Survey 2021, published in March this year, of the businesses that identify breaches or attacks, one in five end up losing money, data or other assets. And one-third of businesses (35%) report being negatively impacted because they require new post-breach measures, have staff time diverted or suffer wider business disruption.

Secure in the cloud

Additional protection from cyber attacks could be made by moving your business to the cloud.

In simple terms, when your applications are running in the cloud, all your software applications, data storage and services run on infrastructure provided by your cloud provider.

In most cases, the cloud provider will have made significant investments in securing its service from cyber attacks - far more investment than all but the very largest organisations make.

Microsoft, for example, invests over $1bn (£744m) annually in security and employs 3,500 cyber security experts. By running your applications in the cloud, you inherit the investment that your cloud provider continues to make, keeping it secure against the ever-changing cyber security threat landscape. These investments typically include:

  • Sophisticated multilayer cyber security architecture and tooling used to prevent, detect and respond to cyber attacks more efficiently than ever.
  • 24 hours a day, 365 days a year of monitoring and response capability, so they can react no matter when an attack is launched.
  • Embedded processes to ensure that security is maintained against all the latest identified security vulnerabilities.
  • Teams of highly trained specialists, with scarce and valuable - often expensive - skills.
  • Industry standard certifications, including ISO 27001, providing external validation that its cyber security capabilities are operating effectively.

On its own, this bundle of capabilities looks attractive, particularly as ensuring the operability of your systems and security of the data held on them is non-negotiable. The increase in business transacted online, a trend accelerated by Covid-19, means this has never been truer than it is today.

All that is on top of the other benefits that moving your business to the cloud can offer, such as:

  • Speed of deployment.
  • Scalability of compute and storage.
  • Reliability and availability of applications.
  • Reduced management overheads and less external tooling requirements.
  • Accessibility over the internet anytime, anywhere, on any device.
  • Disaster recovery and the ability to backup and restore data with ease.

Therefore, the case for using the cloud and the security you inherit with it makes even more sense.

A stronger security model than your own budget allows

It is true that all of this can be achieved yourself on your own infrastructure solution, if all these cyber security capabilities are built in-house. We are seeing cyber threats increasing in sophistication and voracity - and with it, the cost of mitigating them is correspondingly rising. As this escalates, the point at which it makes sense to hold these capabilities in-house becomes increasingly prohibitive.

With the dissolving perimeters that are present within modern day application architectures, the skills, tooling and experience required to secure your platform changes.

Traditional environments usually control access by using a perimeter security model, but modern environments are highly connected, making it easier for traffic to bypass traditional perimeter defences.

Preventing unauthorised access requires shifting to a data-centric security approach and with cloud providers doing most of this work for the consumer, isn’t it time you evaluated whether it still makes sense to hold these skills in-house, or leverage the significant investment cloud providers make to do this for you?

Open GI has developed a new cloud solution, Mobius, which will provide brokers with all the security features the cloud can offer. Hosted in Microsoft Azure, the new Mobius broking platform is highly secure, providing consistent, reliable performance and protection included as standard.

There is much more to Mobius than security, so to find out more or to arrange a demo please visit www.opengi.co.uk/mobius-campaign