Sign up for our daily briefing

Make your busy days simpler with Axios AM/PM. Catch up on what's new and why it matters in just 5 minutes.

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Catch up on coronavirus stories and special reports, curated by Mike Allen everyday

Catch up on coronavirus stories and special reports, curated by Mike Allen everyday

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Denver news in your inbox

Catch up on the most important stories affecting your hometown with Axios Denver

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Des Moines news in your inbox

Catch up on the most important stories affecting your hometown with Axios Des Moines

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Minneapolis-St. Paul news in your inbox

Catch up on the most important stories affecting your hometown with Axios Twin Cities

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Tampa Bay news in your inbox

Catch up on the most important stories affecting your hometown with Axios Tampa Bay

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Charlotte news in your inbox

Catch up on the most important stories affecting your hometown with Axios Charlotte

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Illustration: Sarah Grillo/Axios

Moving data storage and processing to the cloud ameliorates some cybersecurity vulnerabilities while heightening others, according to a study published last week by the Carnegie Endowment for International Peace.

The big picture: More and more segments of both the public and private sectors are shifting their systems to the cloud, primarily relying in the U.S. on a handful of companies, chief among them Amazon, Microsoft and Google.

On the one hand, says the report, the centralization of data storage services provides many public and private entities with more advanced cybersecurity protections than what they possess internally.

  • “[T]he reality [is] that most organizations—governments and companies—cannot effectively protect themselves. Very few organizations can rival the security teams of the major CSPs [cloud service providers] and are therefore better off entrusting their security to these external firms’ security teams.”
  • “This does not mean that the cloud is secure,” says the report, “but it is more secure relative to the security measures most organizations could otherwise achieve.”

On the other hand, the report finds a significant “emerging problem is the systemic risk associated with a centralized approach.”

  • That is, the concentration of power and data among what the authors call the CSP “oligopoly” means that, though they may have advanced security infrastructure, a potential breach of even one of these services could be catastrophic.
  • Worries about over-reliance on a single CSP has led U.S. government agencies to move toward a "multicloud" strategy in order to minimize risks associated with relying on one firm, says the report.
  • That includes the CIA, which entered into a contract with Amazon Web Services to build it a bespoke cloud system in 2013 but is now in the process of soliciting bids for a multicloud solution.

Meanwhile: The major U.S.-based cloud services are also beginning to be challenged by Chinese firms like Alibaba and Tencent for market share across Asia, says the report, a finding that comes as the U.S. and China swap blows over mutual attempts to blunt each other’s technological influence around the world.

Go deeper

Biden promises retaliation for cyberattack on government agencies

Joe Biden speaking in Atlanta on Dec. 15. Photo: Jim Watson/AFP via Getty Images

President-elect Biden on Thursday said that a suspected Russian cyberattack on multiple government agencies and U.S. companies "is a matter of great concern" and promised to impose "substantial costs" to those responsible for the attack.

Driving the news: Biden's statement came just hours after the Cybersecurity and Infrastructure Agency alerted that evidence suggested that additional malware was used in what it described as “a grave risk to the Federal Government and state, local, tribal, and territorial governments as well as critical infrastructure entities and other private sector organizations.”

Updated 1 hour ago - Politics & Policy

Coronavirus dashboard

Illustration: Sarah Grillo/Axios

  1. Health: Coronavirus deaths reach 4,000 per day as hospitals remain in crisis mode — CDC warns highly transmissible coronavirus variant could become dominant in U.S. in March.
  2. Politics: Biden says, "We will manage the hell out of" vaccine distribution — Biden taps ex-FDA chief to lead Operation Warp Speed amid rollout of COVID plan — Widow of GOP congressman-elect who died of COVID-19 will run to fill his seat.
  3. Vaccine: Battling Black mistrust of the vaccines"Pharmacy deserts" could become vaccine deserts — Instacart to give $25 to shoppers who get vaccine.
  4. Economy: Unemployment filings explode againFed chair: No interest rate hike coming any time soon —  Inflation rose more than expected in December.
  5. World: WHO team arrives in China to investigate pandemic origins.

NRA declares bankruptcy, says it will reincorporate in Texas

Wayne LaPierre of the National Rifle Association (NRA) speaks during CPAC in 2016. Photo: Saul Loeb/AFP via Getty Images

The National Rifle Association said Friday it has filed for Chapter 11 bankruptcy and will seek to reincorporate in Texas, calling New York, where it is currently registered, a "toxic political environment."

The big picture: The move comes just months after New York Attorney General Letitia James filed a lawsuit to dissolve the NRA, alleging the group committed fraud by diverting roughly $64 million in charitable donations over three years to support reckless spending by its executives.