Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Cloud

3/22/2018
10:30 AM
Rinki Sethi
Rinki Sethi
Commentary
Connect Directly
Twitter
LinkedIn
RSS
E-Mail vvv
50%
50%

5 Ways to Get Ready for Public Cloud Deployment

Syncing security and product development early is now a "must do."

For many organizations, the public cloud has become the sole route to market for new product introductions. This cloud infrastructure is owned and managed by a third party, freeing up the organization from the maintenance and cost that comes with a private cloud setup. With that, speed and scale are the main reasons why developers are moving to the public cloud, and now is the best time for security teams to tighten their partnerships with product development and IT teams.

Although native public cloud controls provide basic infrastructure security, enterprises are still responsible for securing the data they put in the cloud. For this reason, it's important for security teams to get involved with product development early on to make sure that security considerations are baked into the product at all stages — well before the products ever reach the hands of customers.

Here are the top five things security teams should focus on when entering this next phase of public cloud deployment.

1. Demonstrate How Partnering with Security Teams Speeds Up the Product Development Process
A common misconception is that security teams slow down the product development process with seemingly unnecessary requirements and recommendations. However, the real concern should be how any redesign after a launch will slow down business processes and, ultimately, break customers' trust. Product teams that engage with their security teams early on — beginning with the ideation phase and continuing throughout the product development cycle — will enjoy a more effective process for new product introductions. By sitting side by side with product development and making security a truly integral part of the entire process, security teams can demonstrate the positive impact of identifying appropriate security requirements, understand the overall architecture, and be ready to go into production with confidence.

2. Understand the Development Life Cycle
How teams approach product development can vary from group to group and even from product to product. Security teams that invest in understanding each group's product development approach will gain a valuable understanding of the security controls that are needed to effectively defend against malicious activities. By making the entire product team aware of what's needed from a security perspective during product discussions, there's a better chance for collaboration when it comes time to do threat modeling, building in the right security capabilities, identifying the requirements for security testing, and pinpointing what the security operations team should be monitoring after the product is launched. Having these conversations directly with the product development team solves the significant problem of how to protect your data and your customers' data downstream.

3. Incorporate Testing Before and After Launch
There are no shortcuts when it comes to continuous testing, and it's unfortunately an often-overlooked part of the security stack. Before any product is made available to customers, you'll want to find issues before attackers do. A focus on testing is critical at all stages, and you will want to continue testing even after the product is live and deployed in the cloud. It's important for security and product development teams to understand that public cloud offers different types of services, from computing and storage to analytics, and each of these services has a unique set of security implications and threat scenarios that must be tested and solved for.

4. Ensure Continued Visibility
Security operations teams need to monitor activity in a way that is prevention-focused to stay one step ahead of adversaries. Many of the threat patterns remain the same for cloud-hosted workloads, but the conventional preventive measures used to thwart such threats don't easily apply. When moving products to the cloud, security teams need to identify mechanisms to achieve high-fidelity threat detection within the cloud and ensure continued visibility. With visibility, you can prevent attacks and ensure strong capabilities to combat sophisticated tools and tactics. By establishing the right logging and monitoring capabilities from initial design phases, you can leverage automation and other innovative technologies and processes, and set teams up for success.

5. Have Comprehensive Playbooks and an Incident Response Plan
There's no question that cloud security is now a board-level discussion. As security breaches continue to have outsize financial impact on organizations in all industries, executives and board members understand that cybersecurity threats are material risks that must be mitigated. It's essential that cybersecurity leadership have an open dialogue with the C-suite about material risks to the business, and form detailed advance response plans to counter and manage the scenarios most likely to occur.

Understand the key stakeholders when it comes to deployment in the public cloud — and how these individuals should be engaged if an incident does happen. With comprehensive playbooks and an incident response plan in place well before any incidents occur, the security team can work with stakeholders to be prepared to address the attack surface in the public cloud environment.

Related Content:

Interop ITX 2018

Join Dark Reading LIVE for two cybersecurity summits at Interop ITX. Learn from the industry's most knowledgeable IT security experts. Check out the security track here. Early Bird Rates Expire Friday March 23. Use Promo Code DR200 to Save $200 

Rinki Sethi is Senior Director of Security Operations and Strategy at Palo Alto Networks. She is responsible for building a world-class security operations center that includes capabilities such as threat management, security monitoring, and threat intelligence. Rinki is also ... View Full Bio
Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Where Businesses Waste Endpoint Security Budgets
Kelly Sheridan, Staff Editor, Dark Reading,  7/15/2019
US Mayors Commit to Just Saying No to Ransomware
Robert Lemos, Contributing Writer,  7/16/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
Building and Managing an IT Security Operations Program
As cyber threats grow, many organizations are building security operations centers (SOCs) to improve their defenses. In this Tech Digest you will learn tips on how to get the most out of a SOC in your organization - and what to do if you can't afford to build one.
Flash Poll
The State of IT Operations and Cybersecurity Operations
The State of IT Operations and Cybersecurity Operations
Your enterprise's cyber risk may depend upon the relationship between the IT team and the security team. Heres some insight on what's working and what isn't in the data center.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2002-0390
PUBLISHED: 2019-07-21
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2002-0639. Reason: This candidate is a reservation duplicate of CVE-2002-0639. Notes: All CVE users should reference CVE-2002-0639 instead of this candidate. All references and descriptions in this candidate have been removed to prevent ...
CVE-2018-17210
PUBLISHED: 2019-07-20
An issue was discovered in PrinterOn Central Print Services (CPS) through 4.1.4. The core components that create and launch a print job do not perform complete verification of the session cookie that is supplied to them. As a result, an attacker with guest/pseudo-guest level permissions can bypass t...
CVE-2019-12934
PUBLISHED: 2019-07-20
An issue was discovered in the wp-code-highlightjs plugin through 0.6.2 for WordPress. wp-admin/options-general.php?page=wp-code-highlight-js allows CSRF, as demonstrated by an XSS payload in the hljs_additional_css parameter.
CVE-2019-9229
PUBLISHED: 2019-07-20
An issue was discovered on AudioCodes Mediant 500L-MSBR, 500-MBSR, M800B-MSBR and 800C-MSBR devices with firmware versions F7.20A to F7.20A.251. An internal interface exposed to the link-local address 169.254.254.253 allows attackers in the local network to access multiple quagga VTYs. Attackers can...
CVE-2019-12815
PUBLISHED: 2019-07-19
An arbitrary file copy vulnerability in mod_copy in ProFTPD up to 1.3.5b allows for remote code execution and information disclosure without authentication, a related issue to CVE-2015-3306.