Striving to Achieve High Fidelity Cloud Security

By : Trisha Paine | Thursday, August 06 2020 - 17:30 IWST

Trisha Paine, Head of Cloud Marketing Programs, at Check Point Software Technologies
Several attributes make posture management a particularly challenging component of maintaining cloud security. For starters, you cannot secure or scale a rapidly growing quantity and variety of cloud workloads without automation. Visibility, and end-to-end observability context, is difficult to obtain. Finally, the pure velocity and rate of constant change to security best practices, regulations, and resources makes cloud security posture management a challenge.

The Challenges of Cloud Security Posture Management

Security pros are faced with the challenge of securing everything across multiple clouds. Of course, it’s impossible to copy and paste security strategies from on-premises to cloud (or even from one cloud to the other). Cloud is no longer one fixed set of parameters that you can easily manage. It’s ephemeral, for a start, and you must secure access, manage identities, and continuously audit and govern accounts if you want to stay secure.

As cloud sprawl increases, the number of vulnerabilities you must cope with also expands on a daily basis. On top of this, security pros must also keep pace with the ever-increasing velocity of agile software deployment.

Visibility Limitations Hinder Cloud Security Posture Management

Viewed without context, events can be confusing or misleading. While this can result in amusing images, as seen on the subreddit, “Confusing Perspective,” lack of proper perspective can cripple your security efforts.

Cloud security posture management raises new challenges, including the need to look inside the cloud resources and understand runtime behaviour of various workloads, such as containers and serverless functions. In order to secure everything across your increasing cloud sprawl, you have to see what is happening.

With increasing sprawl of workloads across multiple public and private clouds, getting control of it all grows ever more difficult. Questions that appear simple can now be difficult to answer, such as:

How many accounts do we have?

Did the developers add machines, new functionality, or connect to the outside world?

Who put that there?

Is it configured properly?

To complicate things further, it can be difficult to understand where you have sensitive information within your infrastructure, particularly with ever-expanding SaaS stacks. Despite these challenges, such visibility remains vital in order to map to regulatory requirements.

A lack of end-to-end context around risk throughout the modern application life cycle is all too common. Visibility was a primary issue among respondents to The Oracle and KPMG Cloud Threat Report 2020. Important areas for improving visibility include finding workload configurations that are out of compliance (28%), an audit trail of system-level activity (27%), identifying misconfigured security groups (25%), and detecting external-facing server workloads that don’t route Internet traffic via jump/bastion host (25%).

Visibility Must Include End-to-End Context

This lack of context around risk also limits the ability to make effective security decisions and stop advanced attacks. Context required to make sense of data is necessary in order to identify and prioritise events, and mitigate the damage done by any successful attacks. Forbes Councils Member Albert Zhichun Li states, “Today, organisations have to accept that motivated attackers will find a way in. The real challenge becomes finding an attacker early in what is typically a long process.”

“Despite these efforts, attackers have a firm advantage in that they get practically an unlimited number of attempts to penetrate a network, and all it takes is one instance of security failing for an attack to be successful.”

Visibility should ideally be enhanced by high fidelity, enabling you to access detailed forensics, drill down to see malicious activity against specific assets, and assess the level of exposure.

Keeping Up with the Constant of Change

Security professionals must keep pace with frequent changes not only to the resources within an expanding cloud sprawl, but also to security best practices and compliance regulations.

Linn F. Freedman, partner, Robinson & Cole, writes, “State [data privacy and security] laws are being enacted at a rapid pace, and it is challenging to keep up, even when it is your job to do so. We spend a lot of time staying on top of newly enacted laws for our clients, but compliance officers/personnel are being overwhelmed with the complexity of being aware of, and complying with, new laws, many of which are obscure.”

Cloud Security Posture Management Requires Automation

It’s important to not only establish a security baseline, but actively enforce it. You must ensure that compliance rule sets and customised policies are built into the development stages as well as carried over to runtime.

Security and compliance teams must enable developers to maintain the speed they’re striving for. Unfortunately, these teams cannot scale alone to control the security and compliance posture of their cloud environment.

Security and compliance protections must follow the same automated path and self-publish. This requires the ability to automatically remediate or act against suggested remediation. This integration is vital to making sure that the deployment is compliant with internal and external rules.
