5 Things Every CISO Needs to Know in Securing Data and Applications in the Cloud

As a CISO, necessary visibility is required to continuously monitor threats and ensure compliance in the cloud. These five considerations will help you to embrace cloud security and its benefits.

22 dg 040 adversaries target weak points
CrowdStrike

Digital transformation has pushed organisations to adopt a hybrid IT approach and created a mix of on-premises and cloud infrastructure that has to be supported and protected.

Unfortunately, while hybrid IT holds significant promise for businesses when it comes to creating efficiencies and speeding the delivery of applications and services, it also introduces a new set of challenges.

As cloud environments become more complex and distributed, stitching together a comprehensive view of cloud activity is a vital part of enterprise security.  To embrace the cloud with confidence, there are five things every CISO will need to know.

Keeping up with the new normal

Poor visibility can lead to all manner of security risks, from data loss to credential abuse to cloud misconfigurations. It is one of the biggest challenges facing CISOs today as they look to adopt cloud technologies. In a survey from Enterprise Strategy Group, researchers revealed that 33% of respondents felt a lack of visibility into the activity of the infrastructure hosting their cloud-native applications was the biggest challenge involved in securing those apps.

That should come as no surprise. Some of the difficulties businesses are facing can be traced to the rapid changes to the environment that DevOps introduces in the name of speed and scalability. From microservices to containers, modernising your operation with cloud-native applications can come at a cost to security. For example, the short lifespan of microservices means they are being spun up and down frequently, which challenges organisations’ ability to maintain a clear view of their cloud environments. Containers face a similar challenge, as many are also short-lived. While this approach effectively reduces the attack surface, it also makes obtaining full visibility more complex.

Another challenge to visibility is shadow IT. As DevOps teams push back against anything that slows them down, they often increase their use of shadow IT. This is not something done out of malice but out of necessity. If IT cannot respond to requests to provision resources fast enough — or developers prefer unapproved applications they believe will increase their productivity — IT may find itself out of the loop.

By definition, shadow IT is outside the view of IT security, which increases the probability that vulnerabilities, misconfigurations and policy violations will go undetected. In a similar vein, though the growth of user self-provisioning may be good for speed, it is not without its drawbacks when it comes to security. By making the power to provision resources more decentralised, organisations can create an environment that allows for increased agility but does so at the expense of visibility.

Meeting the Challenge: Five Things You Need To Know

Embracing the cloud requires a comprehensive approach to security that emphasises both monitoring and real-time workload protection. In the IDG Cloud Computing Study 2020 report, 92% of organisations said their IT environment is at least somewhat in the cloud. Additionally, 55% of respondents said they use multiple public clouds, with 21% using three or more.

Defending the multi-cloud environments that organisations have to protect today requires keeping track of what is going on across any number of cloud instances. While cloud providers often have their own tools, those solutions are typically designed for the provider’s own infrastructure and not others, leaving many organisations in need of more advanced capabilities that can cover multiple clouds so that they can maintain security and compliance.

The following are the capabilities CISOs should consider as they look to embrace the cloud securely:

A solution that scales: As your organisation grows, your security needs will grow as well. An effective solution must be able to scale up or down as needed to provide the protection your organisation requires across containers, multi-cloud environments, virtual machines and more.

Portability: Businesses should not need to redo security every time they deploy a new cloud instance or utilise different cloud providers; security should be automated and extend to new cloud instances as they are deployed.

Integrated security: Integrated security reduces complexity. CISOs should be looking for a cloud-native security platform that can offer a cloud security posture management solution, cloud workload protection, and container security in a single, unified solution instead of relying on multiple tools and consoles.

Always on: When it comes to cloud security, simplicity should be the rule. DevOps teams need to be able to turn on automated security through their normal workflows to keep pace with the speed of app delivery and ensure that they can meet security and compliance requirements.

Comprehensive and actionable: The security solution should monitor the environment and provide a complete view of the organisation’s security posture. By leveraging high levels of automation, the right security solution can speed the time to remediation and reduce the noise for security teams dealing with alert fatigue. Bolstered by threat intelligence, these capabilities will empower security teams to take more effective actions.

A Way Forward

Whether on-premises or in the cloud, protecting data, systems and applications begins with having a clear view of what is happening in the environment. As organisations look to expand their footprint in the cloud, they must choose a solution that supports security and compliance across their entire IT environment. As a CISO you need to make it your mission that you have the ability to gain the visibility you need to continuously monitor threats and ensure compliance in the cloud. Doing so will help minimise risk in the new cloud-driven ecosystem while enabling DevOps to deploy applications with greater speed and efficiency.

Written by David Puzas
Head of Cloud Security Product Marketing - CrowdStrike

Connect with CrowdStrike here or contact our APJ Cloud Expert: Chris Hosking

Related:

Copyright © 2022 IDG Communications, Inc.