Cloud security is the top barrier to cloud adoption. It needs to be approached differently from traditional data center solutions. Likewise, companies that have already adopted cloud technologies are also struggling with security. According to Gartner, 75% of security failures will result from inadequate management of identities, access and privileges by 2023, up from 50% in 2020.
Applying the right cloud security at the right time will insulate businesses from vulnerabilities. Here are six tools and strategies available to consider for improving cloud security:
1. Follow an integrated approach for zero-trust design and compliance.
The zero-trust model assumes breach and verifies each request as though it originates from an open network. Zero trust (never trust, always verify) is about three principles: (1) verify explicitly, (2) use least-privileged access and (3) assume breach.
Enterprises need to build security and compliance into the IT management process by implementing Zero Trust Network Access (ZTNA) and micro-segmentation, which isolates workloads from one another and secures them at a granular level. In addition, enterprises need to adopt threat modeling, cloud access security brokers (CASB) and secure access service edge (SASE) solutions. All of these belong early in the design process of a secure enterprise landing zone in the cloud.
2. Take a “Shift Left” approach.
Security is everyone’s responsibility. Shifting the security review process “left” (that is, moving it earlier in the SDLC) can result in a 50% reduction in effort (and associated cost).
One way to do this is to combine DevOps and security on the same team and adopt a DevSecOps framework. Being part of the same team enables tighter integration of security throughout the process, leading to better security outcomes than identifying security risks at the end. To maximize the benefits of the “Shift Left” approach, businesses should consider investing in automated security and compliance-as-code solutions.
3. Implement cloud asset protection and cloud threat detection.
In the public cloud, it’s essential to protect all assets; cloud access security brokers (CASB), cloud security posture management (CSPM) and cloud workload protection platform (CWPP) tools form a continuum of capabilities required to protect cloud assets.
To start, businesses should deploy CSPM tools, as they enable constant communication, brainstorming and collaboration on solving security issues before they become problems. CSPM tools help detect configuration-related risks (and orchestrate remediation actions) and monitor for issues including lack of encryption, improper encryption key management, extra account permissions and more.
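The three configuration risks named above (missing encryption, improper key management, extra permissions), written as a small policy-as-code evaluator with a pipeline gate. This is an added example, not from the original article or any CSPM product; the inventory schema, rule names, 365-day rotation threshold and 90-day usage window are assumptions, and the sample resources are constructed.

```python
from datetime import date

# Constructed inventory. Field names are a hypothetical schema, not a provider API.
INVENTORY = [
    {"id": "bucket-logs", "type": "storage", "encrypted": True,
     "key": {"rotation_enabled": True, "last_rotated": date(2024, 1, 10)}},
    {"id": "bucket-exports", "type": "storage", "encrypted": False, "key": None},
    {"id": "db-orders", "type": "database", "encrypted": True,
     "key": {"rotation_enabled": False, "last_rotated": date(2021, 3, 2)}},
    {"id": "svc-reporting", "type": "identity",
     "granted": {"storage:Read", "storage:Write", "db:Admin"},
     "used_90d": {"storage:Read"}},
    {"id": "svc-deploy", "type": "identity",
     "granted": {"*"}, "used_90d": {"compute:Deploy"}},
]

MAX_KEY_AGE_DAYS = 365  # assumed policy threshold


def evaluate(inventory, today):
    """Return (resource_id, rule, severity) tuples for every policy violation."""
    findings = []
    for res in inventory:
        if res["type"] in ("storage", "database"):
            if not res["encrypted"]:
                findings.append((res["id"], "no-encryption-at-rest", "high"))
                continue  # no key to inspect on an unencrypted resource
            key = res["key"]
            age_days = (today - key["last_rotated"]).days
            if not key["rotation_enabled"] or age_days > MAX_KEY_AGE_DAYS:
                findings.append((res["id"], "key-rotation", "medium"))
        elif res["type"] == "identity":
            if "*" in res["granted"]:
                findings.append((res["id"], "wildcard-permission", "high"))
            # Entitlements granted but never exercised in the usage window.
            unused = res["granted"] - res["used_90d"] - {"*"}
            if unused:
                rule = "unused-permissions:" + ",".join(sorted(unused))
                findings.append((res["id"], rule, "medium"))
    return findings


def gate(findings):
    """Compliance-as-code gate: a pipeline stage passes only with no high findings."""
    return not any(severity == "high" for _, _, severity in findings)


if __name__ == "__main__":
    for finding in evaluate(INVENTORY, date(2024, 6, 1)):
        print(finding)
```
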
Cloud technology is constantly changing, and — with multi-cloud adoption increasing — security teams need to continuously and proactively identify risks and threat signals to avoid data breaches or unauthorized access. With remote working, traditional network security controls aren’t enough. Endpoint signals and identity-based security are important for overall security posture.
Enterprises should also establish a next-generation Security Operations Center (SOC) with a cloud-based security information and event management (SIEM) system at the core. In a next-gen SOC, AI and ML would need to work seamlessly to help people focus on the right problems and the right signals. To mitigate business risk, a next-gen SOC should be centered on limiting the time and access attackers can gain to the organization’s assets during an attack. It should measure metrics like time to acknowledge (TTA), time to remediate (TTR) and the percentage of incidents auto-remediated.
Moreover, as businesses develop new business models based on IoT/IIoT technologies, I would suggest businesses explore integrating CPS/OT security monitoring data into SIEM and security, orchestration, analytics and reporting (SOAR) solutions.
Finally, given the growing sophistication of cyberattacks, businesses should create a joint threat intelligence ecosystem across cloud providers, government and niche security tool providers to share threat intelligence signals and form a joint remediation task force.
4. Extend data protection.
An optimal way to secure your data is to get data governance in place. In addition, enterprises need to re-examine their data strategy across the entire data lifecycle.
Enterprises need to be transparent about what data they capture and what purposes it can be used for. Encryption of data in transit and at rest is insufficient for sensitive data; enterprises need to adopt confidential computing to protect highly sensitive data even during processing.
Confidential computing makes it easier to trust the cloud provider by reducing the need for trust across various aspects of the compute cloud infrastructure. For example, it minimizes trust for the host OS kernel, the hypervisor, the VM admin and the host admin.
5. Use identity as perimeter.
In the public cloud, applications are now accessible anytime, anywhere, on any device. Unfortunately, that means traditional identity and access management (IAM) and privileged access management (PAM) solutions aren’t sufficient.
To overcome pervasive access and resource sprawl in the cloud, enterprises need to consider digital identity and cloud infrastructure entitlements management (CIEM) solutions to reduce the risk of overprivileged cloud infrastructure entitlements associated with human and machine identities, including applications, bots, services and more.
6. Develop a secure digital fluency program.
Finally, enterprises need to develop a secure digital fluency enablement program, focusing on cyberattack awareness and tools to notice any breach or cyberattack. Digital fluency is the ability to select and use the appropriate digital tools and technologies to achieve a particular outcome.
Security and compliance need to stay adaptive and agile.
Shifting the cloud-security mindset and focusing on its unique needs and applications is necessary for enterprises to stay protected and extract all their value from the cloud. While there’s no silver bullet in cybersecurity, simplification is possible with the “Shift Left” approach and zero-trust design. Being proactive and leveraging defensive AI will help fortify better business outcomes.