Cloud

3/22/2018
10:30 AM
Rinki Sethi
Rinki Sethi
Commentary
Connect Directly
Twitter
LinkedIn
RSS
E-Mail vvv
50%
50%

5 Ways to Get Ready for Public Cloud Deployment

Syncing security and product development early is now a "must do."

For many organizations, the public cloud has become the sole route to market for new product introductions. This cloud infrastructure is owned and managed by a third party, freeing up the organization from the maintenance and cost that comes with a private cloud setup. With that, speed and scale are the main reasons why developers are moving to the public cloud, and now is the best time for security teams to tighten their partnerships with product development and IT teams.

Although native public cloud controls provide basic infrastructure security, enterprises are still responsible for securing the data they put in the cloud. For this reason, it's important for security teams to get involved with product development early on to make sure that security considerations are baked into the product at all stages — well before the products ever reach the hands of customers.

Here are the top five things security teams should focus on when entering this next phase of public cloud deployment.

1. Demonstrate How Partnering with Security Teams Speeds Up the Product Development Process
A common misconception is that security teams slow down the product development process with seemingly unnecessary requirements and recommendations. However, the real concern should be how any redesign after a launch will slow down business processes and, ultimately, break customers' trust. Product teams that engage with their security teams early on — beginning with the ideation phase and continuing throughout the product development cycle — will enjoy a more effective process for new product introductions. By sitting side by side with product development and making security a truly integral part of the entire process, security teams can demonstrate the positive impact of identifying appropriate security requirements, understand the overall architecture, and be ready to go into production with confidence.

2. Understand the Development Life Cycle
How teams approach product development can vary from group to group and even from product to product. Security teams that invest in understanding each group's product development approach will gain a valuable understanding of the security controls that are needed to effectively defend against malicious activities. By making the entire product team aware of what's needed from a security perspective during product discussions, there's a better chance for collaboration when it comes time to do threat modeling, building in the right security capabilities, identifying the requirements for security testing, and pinpointing what the security operations team should be monitoring after the product is launched. Having these conversations directly with the product development team solves the significant problem of how to protect your data and your customers' data downstream.

3. Incorporate Testing Before and After Launch
There are no shortcuts when it comes to continuous testing, and it's unfortunately an often-overlooked part of the security stack. Before any product is made available to customers, you'll want to find issues before attackers do. A focus on testing is critical at all stages, and you will want to continue testing even after the product is live and deployed in the cloud. It's important for security and product development teams to understand that public cloud offers different types of services, from computing and storage to analytics, and each of these services has a unique set of security implications and threat scenarios that must be tested and solved for.

4. Ensure Continued Visibility
Security operations teams need to monitor activity in a way that is prevention-focused to stay one step ahead of adversaries. Many of the threat patterns remain the same for cloud-hosted workloads, but the conventional preventive measures used to thwart such threats don't easily apply. When moving products to the cloud, security teams need to identify mechanisms to achieve high-fidelity threat detection within the cloud and ensure continued visibility. With visibility, you can prevent attacks and ensure strong capabilities to combat sophisticated tools and tactics. By establishing the right logging and monitoring capabilities from initial design phases, you can leverage automation and other innovative technologies and processes, and set teams up for success.

5. Have Comprehensive Playbooks and an Incident Response Plan
There's no question that cloud security is now a board-level discussion. As security breaches continue to have outsize financial impact on organizations in all industries, executives and board members understand that cybersecurity threats are material risks that must be mitigated. It's essential that cybersecurity leadership have an open dialogue with the C-suite about material risks to the business, and form detailed advance response plans to counter and manage the scenarios most likely to occur.

Understand the key stakeholders when it comes to deployment in the public cloud — and how these individuals should be engaged if an incident does happen. With comprehensive playbooks and an incident response plan in place well before any incidents occur, the security team can work with stakeholders to be prepared to address the attack surface in the public cloud environment.

Related Content:

Interop ITX 2018

Join Dark Reading LIVE for two cybersecurity summits at Interop ITX. Learn from the industry's most knowledgeable IT security experts. Check out the security track here. Early Bird Rates Expire Friday March 23. Use Promo Code DR200 to Save $200 

Rinki Sethi is Senior Director of Security Operations and Strategy at Palo Alto Networks. She is responsible for building a world-class security operations center that includes capabilities such as threat management, security monitoring, and threat intelligence. Rinki is also ... View Full Bio
Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Microsoft, Mastercard Aim to Change Identity Management
Kelly Sheridan, Staff Editor, Dark Reading,  12/3/2018
Windows 10 Security Questions Prove Easy for Attackers to Exploit
Kelly Sheridan, Staff Editor, Dark Reading,  12/5/2018
Starwood Breach Reaction Focuses on 4-Year Dwell
Curtis Franklin Jr., Senior Editor at Dark Reading,  12/5/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: I guess this answers the question: who's watching the watchers?
Current Issue
10 Best Practices That Could Reshape Your IT Security Department
This Dark Reading Tech Digest, explores ten best practices that could reshape IT security departments.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-19980
PUBLISHED: 2018-12-08
Anker Nebula Capsule Pro NBUI_M1_V2.1.9 devices allow attackers to cause a denial of service (reboot of the underlying Android 7.1.2 operating system) via a crafted application that sends data to WifiService.
CVE-2018-19961
PUBLISHED: 2018-12-08
An issue was discovered in Xen through 4.11.x on AMD x86 platforms, possibly allowing guest OS users to gain host OS privileges because TLB flushes do not always occur after IOMMU mapping changes.
CVE-2018-19962
PUBLISHED: 2018-12-08
An issue was discovered in Xen through 4.11.x on AMD x86 platforms, possibly allowing guest OS users to gain host OS privileges because small IOMMU mappings are unsafely combined into larger ones.
CVE-2018-19963
PUBLISHED: 2018-12-08
An issue was discovered in Xen 4.11 allowing HVM guest OS users to cause a denial of service (host OS crash) or possibly gain host OS privileges because x86 IOREQ server resource accounting (for external emulators) was mishandled.
CVE-2018-19964
PUBLISHED: 2018-12-08
An issue was discovered in Xen 4.11.x allowing x86 guest OS users to cause a denial of service (host OS hang) because the p2m lock remains unavailable indefinitely in certain error conditions.