[BreachExchange] Why Multi-cloud Security Requires Rethinking Network Defense

Audrey McNeil audrey at riskbasedsecurity.com
Thu Apr 5 18:57:30 EDT 2018


https://www.securityweek.com/why-multi-cloud-security-requires-rethinking-network-defense

Companies are utilizing the public cloud as their primary route to market
for creating and delivering innovative applications. Striving to gain a
competitive advantage, organizations of all sizes and in all vertical
sectors now routinely tap into infrastructure as a service, or IaaS, and
platform as a service, or PaaS, to become faster and more agile at
improving services through applications.

Along the way, companies are working with multiple cloud providers to
create innovative new apps with much more speed and agility. This approach
is opening up unprecedented paths to engage with remote workers, suppliers,
partners and customers. Organizations that are good at this are first to
market with useful new tools, supply chain breakthroughs and customer
engagement innovations.

There’s no question that IaaS, PaaS and their corollary, DevOps, together
have enabled businesses to leapfrog traditional IT processes. We are
undergoing a digital transformation of profound scope – and things are just
getting started. Companies are beginning to leverage the benefits of being
able to innovate with unprecedented agility and scalability; however, to
take this revolution to the next level, we must take a fresh approach to
how we’re securing our business networks.

Limits to legacy defense

Simply put, clunky security approaches, pieced together from multiple
vendors, result in a fragmented security environment where IT teams must
manually correlate data to implement actionable security protections. This
level of human intervention increases the likelihood of human error,
leaving organizations exposed to threats and data breaches. What’s more,
security tools that are not built for the cloud significantly limit the
agility of development teams.

Cloud collaboration, fueled by an array of dynamic and continually
advancing platforms, is complex; and this complexity has introduced myriad
new layers of attack vectors. We’ve seen how one small oversight, such as
forgetting to change the default credentials when booting up a new
cloud-based workload, can leave an organization’s data exposed or allow
attackers to leverage resources to mine cryptocurrency.

Clearly the need to rethink security for our cloud apps has become urgent.
What’s really needed is an approach that minimizes data loss and downtime,
while also contributing to faster application development, thus allowing
the business to experience robust growth. It should be possible to keep
companies free to mix and match cloud services, and to innovate seamlessly
on the fly, while also reducing the attack surface that is readily
accessible to malicious parties.

Frictionless security

The good news is that the cybersecurity community recognizes this new
exposure, and industry leaders are innovating, as well, applying their
expertise to prevent successful cyberattacks. It is, indeed, possible to
keep companies free to mix and match multiple cloud providers, and to
innovate seamlessly on the fly, while also reducing opportunities for
attack. Ideally, cloud security should speed application development and
business growth, while preventing data loss and business downtime.

This requires three key capabilities: advanced application and data breach
prevention, consistent protection across locations and clouds, and
frictionless deployment and management. Security delivered through private
cloud, public cloud and SaaS security capabilities can work together to
eliminate the wide range of cloud risks that can cause breaches.

When you think about it, a different approach to cloud security is
inevitable. There’s every reason to drive toward wider use of
enterprise-class cloud security capabilities integrated into the cloud app
development lifecycle. It’s vital to make cloud security frictionless – for
both the development teams and the security teams. This is a linchpin to
fulfilling the potential of cloud-centric commerce. We must move toward
frictionless security systems, designed to be just as fast and agile as the
cloud-based business operations they protect.