Dark Reading is part of the Informa Tech Division of Informa PLC


2/25/2020
02:00 PM
Ensure Your Cloud Security Is as Modern as Your Business

Take a comprehensive approach to better protect your organization. Security hygiene is a must, but also look at your risk posture through a data protection lens.

People have been talking about making the transition to the cloud for more than a decade. The day that happens is no longer in the future: It's here now. More businesses than ever use multicloud environments to handle an increasing number of workloads as well as software-as-a-service applications for their core business processes. This shift brings cloud security to the forefront — and it's time for a fresh look at securing business in the cloud.

From a security standpoint, the cloud adds an extra layer of complexity on top of managing an increasingly mobile and demanding workforce. The old ways of building a rigid, static wall around our on-premises IT assets don't work for the cloud. Securing it requires a much more comprehensive approach.

Some IT professionals make the mistake of thinking basic cloud security is good enough. But there's a reason cloud data leaks continue to make headlines. One example: In 2019, a hacker gained access to around 100 million Capital One customers' accounts and credit card applications via a misconfigured Web application firewall. The fact that such a breach could occur the way it did means there's still something even the largest companies are missing.

But what is it? After speaking with CISOs, CTOs, and chief data officers, it's clear to me that we're still not speaking the language of cloud security in a way everybody can easily understand.

In addition, clarity is missing on who owns what part of cloud security and who is doing the necessary work to maintain it throughout the organization. It doesn't help that there is hidden or abstracted complexity in cloud platforms that's difficult to account for at all times. Combined with the rapid pace of technology change in general and the pressure that comes from the "push to production" in typical organizations, these factors all add to the overall risk we face in the cloud.

Here are three steps to consider that will make sure your cloud security is as modern as your business:

1. Converge Your People 
Align your IT decision-makers and your IT organization around an end-to-end view of infrastructure security and information protection that includes cloud environments. Start by standardizing the language used to discuss cloud and data security. It's the first step in furthering your organization's collective understanding.

Ongoing training also plays a role. Properly educated employees and users form a foundational piece of your security "stack," since they often serve as a first or potentially last line of defense. Instilling the idea that everyone plays a role in a security protection chain is vital because any disconnect within or between an organization's IT teams or employees can create exploitable gaps.

2. Converge Your Services and Tools
There's an interesting phenomenon regarding tools. CISOs are rightfully trying to reduce the number of diverse tools they have to manage. But on the cloud development side, there has been an explosion of tools and services being built for specific purposes. While many of these are consumed as managed services, they introduce a new demand on resources and potentially can increase risk. This is likely to continue until we see simplification and convergence.

As such, most CISOs are always looking to replace point solutions with integrated and converged security platform solutions. Seek platforms that provide security in the following areas:

  • Data loss prevention (DLP)
  • Endpoint protection
  • Network security (firewall-as-a-service and Secure SD-WAN)
  • Cloud security (cloud access security broker, or CASB, and Certified Security Project Manager if you deploy your own code)

A converged platform allows deployment of consistent policies across all levels and locations of your organization, and, importantly, it simplifies security management and gives data flow level visibility across your organization (from endpoint to cloud via the network). It also allows for real-time updates and responsiveness to changes in the organization and regulatory environment. GDPR and the California Consumer Privacy Act are just the beginning. As additional privacy regulations roll out, new policies will need to follow. Preparing for these is a must for most CISOs and data protection officers.

Modern cloud security incorporates solutions for a growing list of requirements: DLP, Web security, CASB, next-gen firewalls, elements of trust, etc. These should be complemented by behavioral analytics in order to apply the right level of user access controls across changing and disparate systems. Indicators of behavior, or IOBs, are the modern way to look at how users interact with company data, systems, and apps.

That's why today's cloud security requires utilizing converged services. Leveraging converged services is key to consolidating the number of tools in your security arsenal for maximum effectiveness and reducing operational burden.

3. Plan for a Data-Fluid Future
There's no way to put the genie back in the bottle. Cloud adoption will continue to accelerate because of the benefits it provides: cost and efficiency gains for businesses while offering employees flexibility to get work done wherever they are.

But adopting the cloud means your organization's data moves between users, apps, and cloud environments in more dynamic ways. All of this requires a data-centric approach to security protocols. Deciding to migrate workloads or adopt new cloud applications is the easy part; maintaining the right level of corresponding permissions and policies won't happen without a clear cloud security and information protection strategy.

Consider making changes to how you test your security framework. For example, in the past, penetration testing once a month might have made sense, but rapid alterations to cloud-based apps usually require more frequent checks to ensure new vulnerabilities or attack surfaces are addressed.

There's no magic bullet for getting cloud security right. Take a comprehensive approach to better protect your organization. Security hygiene is still a must, but also look at your risk posture through a data protection lens and implement DLP and behavioral analytics. Endeavor to give everybody who touches data and the cloud a common language of cloud security they can all understand. And stay on your toes — the future is only getting cloudier.


As Global CTO, Nico Fischbach drives corporate level vision, defines the research agenda, and pilots technology and architecture road maps that underpin Forcepoint's human-centric cybersecurity solutions. He is responsible for companywide innovation as well as Forcepoint ...