Blog
Network And Security Integration: Keeping Up With SASE
Read More
Enterprises continue to move their IT environment to public clouds with infrastructure, platforms, and/or software as a service (IaaS, PaaS, SaaS). Those organizations are finding the shift to cloud computing requires a different set of skills and knowledge to deal with the complexities of securing a cloud environment. “You can’t perfectly translate everything you do in a physical data center or security role into cloud security,” says Gerry Wollam, Senior Cybersecurity Solutions Architect at Sayers.
Understanding the challenges and priorities of cloud security can help you map a smoother path to the cloud for your organization.
One of the biggest challenges businesses face in moving to the cloud is knowing what cloud security tools and technologies they’ll need. A Palo Alto Networks study, The State of Cloud-Native Security Report 2023, found:
77% of organizations struggle to identify what security tools are necessary to achieve their objectives.
As organizations increasingly develop and deploy applications in the cloud, the same study shows 72% of organizations report an above-average turnover rate in cloud security roles.
Rather than hiring dedicated cloud security talent, some businesses think their traditional data center or security teams can take on cloud security as additions to their jobs, despite the specialized skillsets needed.
The technical complexities of cloud security combined with a shortage of talent to manage it has led to related challenges including misconfiguration of security tools, failure to meet compliance requirements, and slower response to security issues.
According to the Palo Alto Networks study, 42% of organizations reported an increase in the mean time to remediate cybersecurity incidents and threats after moving to the cloud.
Hundreds of vendors offer solutions for cloud security, spanning IaaS, PaaS, and SaaS. As a result, many organizations end up deploying myriad point technologies that may or may not be part of a well-thought and comprehensive cloud security strategy.
Another common mistake is to assume one or two security tools will provide all the cloud security you’ll need. That’s a big assumption, given Gartner has identified the top five priorities for cloud security as:
Mapping a strategy to your own organization’s priorities has to consider first how you’re using the cloud.
“It’s not always the same toolset for every use case,” says Ken Wisniewski, Sayers Senior Security Architect. “For example, the technology solutions to apply most appropriately to platform as a service are going to be different than those for infrastructure as a service with virtual machines. If you’re using cloud for IaaS, what are you doing around identity management and posture management? How are you handling workload protection?”
Those types of questions can lead to a deeper layer of inquiry and consideration for each cloud security priority:
Cloud-native application protection platforms (CNAPP) combine several security and compliance capabilities to secure cloud-native applications across the development and production lifecycle. This can provide the data to alert you, for example, if you have vulnerable configurations running in your cloud environment or are using a container with known risks.
Cloud security posture management (CSPM) tools identify cloud platform configuration problems and compliance risks in the cloud, gauging them against a regulatory framework or a custom check you’ve created.
SaaS Security Posture Management (SSPM) includes API-driven integrations and focuses on areas including SaaS risk assessment, configuration drift monitoring, and security control automation. SSPM is an offshoot of cloud access security broker (CASB), which focuses on areas including compliance risks, adaptive access control, and threat protection.
Wisniewski says:
“We need to understand where an organization is, what their objectives are, and what their future looks like in the cloud before we can recommend the right tech stack for their needs.”
For more about cloud security technologies, see A Guide To Cloud Security Technologies And Vendor Landscape.
The complexity of securing your organization’s clouds might make you wonder where to start. A third-party cloud assessment, which Sayers offers, can identify gaps in your current infrastructure and security in the cloud. This becomes a first step before building out a roadmap to a more secure and agile IT environment for your organization.
Though not as comprehensive as a cloud assessment, our cloud security workshops are a no-cost option to consider.
Basic questions to ask even before conducting a comprehensive assessment include:
Questions? Contact us at Sayers today to learn how to create a cloud security strategy for your business.
