Assessing the threat landscape of sectors as they adopt cloud-based email services
Abstract
Email communication is a crucial part of the daily processes of enterprises. Organizations can opt for traditional on-premise infrastructure or use cloud-based email services provided by (foreign) cloud service providers. In Europe in particular, organizations from crucial sectors have been adopting cloud-based email services. The level of cloud adoption can vary strongly within these sectors. Nevertheless, this trend towards the use of cloud-based email services has societal implications for the sovereignty of European data. Email services hosted with foreign cloud service providers can be susceptible to surveillance by foreign governments and intelligence agencies, which violates the privacy of European individuals. The attack space further includes invasion with political and monetary incentives that may also impact security, as data is hosted with cloud service providers who might have weak security protocols. We measured the level of cloud adoption for seven crucial sectors in Europe: executive governments, healthcare, SMEs, higher educational institutes, NGOs and financial services. We conducted a DNS analysis of MX records from a Farsight (SIE) dataset to measure the prevalence of cloud service providers. The results revealed the prevalence of two extremely dominant cloud service providers, Microsoft and Google, in Europe. The dominant position obtained by these providers means that two aspects of the governance of this socio-technical system in Europe must be attended to if Europe wants to regain control over its data and infrastructures: (1) the focus of European regulation needs to shift and (2) awareness must be raised at the managerial level in enterprises.
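The MX-record measurement described in the abstract can be sketched as follows. This is an added example, not code from the thesis: the provider suffix list, the choice to classify a domain by its most-preferred MX, and the `(sector, domain, preference, exchange)` input shape are all assumptions, and the sample records are constructed.

```python
from collections import Counter, defaultdict

# Assumed suffix-to-provider map (not taken from the thesis); extend as needed.
PROVIDER_SUFFIXES = {
    "mail.protection.outlook.com": "Microsoft",
    "aspmx.l.google.com": "Google",
    "googlemail.com": "Google",
    "smtp.google.com": "Google",
}

# Constructed sample observations: (sector, domain, MX preference, MX exchange).
SAMPLE = [
    ("healthcare", "clinic-a.example", 0, "clinic-a-example.mail.protection.outlook.com."),
    ("healthcare", "clinic-b.example", 10, "mx1.clinic-b.example."),
    ("healthcare", "clinic-b.example", 20, "ALT1.ASPMX.L.GOOGLE.COM."),  # backup MX only
    ("higher education", "uni-a.example", 1, "ASPMX.L.GOOGLE.COM."),
    ("higher education", "uni-a.example", 5, "alt1.aspmx.l.google.com."),
    ("higher education", "uni-b.example", 10, "aspmx.l.google.com.uni-b.example."),
]

def classify_mx(exchange):
    """Map an MX target to a provider by whole-label suffix match."""
    host = exchange.rstrip(".").lower()  # DNS names are case-insensitive
    for suffix, provider in PROVIDER_SUFFIXES.items():
        # Anchor on a label boundary so a provider name embedded in an
        # unrelated zone is not counted as that provider.
        if host == suffix or host.endswith("." + suffix):
            return provider
    return "other"

def primary_provider(mx_records):
    """Provider of the most-preferred (lowest preference value) MX record."""
    if not mx_records:
        return "none"
    _, exchange = min(mx_records, key=lambda r: r[0])
    return classify_mx(exchange)

def adoption_by_sector(observations):
    """Return {sector: {provider: share of that sector's domains}}."""
    per_domain = defaultdict(list)
    for sector, domain, pref, exchange in observations:
        per_domain[(sector, domain.lower())].append((int(pref), exchange))
    counts = defaultdict(Counter)
    for (sector, _), records in per_domain.items():
        counts[sector][primary_provider(records)] += 1
    return {s: {p: n / sum(c.values()) for p, n in c.items()} for s, c in counts.items()}

if __name__ == "__main__":
    for sector, shares in adoption_by_sector(SAMPLE).items():
        print(sector, shares)
```

Classifying by the primary MX only means a domain that lists a cloud provider purely as a backup is counted as "other"; counting any matching MX instead would raise the measured adoption.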