For years, the cloud has been rapidly expanding and is well on its way to becoming the primary compute platform for the world.
At no time has adoption been as rapid as in the past year, however, when the world was forced to depend on the cloud at scale.
To make matters more complex, the accelerated pace of change within cloud computing can challenge and perplex even the most advanced cyber-security teams. Exacerbating these challenges is IT teams’ reliance solely on their past experiences when approaching cloud security; they approach the cloud with a “this is how we’ve always done it” mentality, which often results in catastrophic outcomes.
To see evidence of these catastrophes, one needs only to look to the latest daily data breach headlines attributed to misconfigurations, overprivileged access, and identities with excessive permissions. The Cloud Native era has disrupted how data infrastructures of all kinds are provisioned, managed, and secured, while digital transformation and work-from-anywhere trends have massively amplified the number of access points to critical information.
Today, identities, both human and non-human, along with machines, infrastructure, applications, and platform services, have exploded access to information assets. Permissions, credentials, and vulnerabilities are constantly flowing between dynamic infrastructures, microservices, and data pipelines. A stark contrast between then (on premises) and now (in the cloud) is that then we strived to get everything set and then meticulously managed and controlled all changes. Now, nothing is set and things are continually changing. It could be argued that change is not managed, it’s expected, and therefore must be accommodated and embraced in the cloud native world.
Recently, I saw a graphic from an analyst’s report titled ‘CIEM Vendor Landscape and Adjacencies’ and I was taken by how cloud security has evolved in three short years and is now being stratified and described (by Gartner). For example:
· CIEM – Cloud Infrastructure Entitlement Management
· CWPP – Cloud Workload Protection Platform
· CSPM – Cloud Security Posture Management
· CASB – Cloud Access Security Broker
· SSPM – SaaS Security Posture Management
· IAM – Identity and Access Management
· PAM – Privileged Access Management
· IGA – Identity Governance and Administration
What I extrapolate and find most compelling about this is that cloud security is enormous and is an increasingly expanding challenge; cloud security is evolving and is highly fluid and nuanced; cloud security tools are young and immature and cloud technology is rapidly evolving; and cloud security and identity have become tightly coupled. I often tell people what’s so exciting about cybersecurity is, no matter when you get into it, you’re getting in at the beginning of something.
We are definitely at the beginning of numerous technologies and capabilities in cloud computing. The list of tools, capabilities and controls required to manage and maintain multi-cloud, hybrid cloud and/or cloud-native environments is long and growing. Additionally, the list of solutions available today, from sundry vendors, is also long and continues to grow. The result is a landscape of siloed offerings with compelling marketing promises, but with solutions that might be described as Swiss cheese – appealing but having lots of holes.
Even large vendors, with multiple offerings addressing more than just one of the laundry list of acronyms created by Gartner, often fall short when it comes to unifying management, logs, analytics and multi-cloud deployments. This is often a result of their cloud suite being a compilation of acquired products. All of this is occurring because the delivery of new cloud technologies is outpacing our ability to develop the necessary security tools to secure the new advancements and technologies in the cloud.
When a company begins investigating cloud security solutions, my advice is often: be sure to consider the multiple use cases you will (eventually) have, even if you don’t have them today. The cloud moves fast and so will you as you grow and scale. Likewise, seek a platform that provides a broad range of functionality and integrations, whether for your cloud network or your cloud applications and microservices, and that provides you with both observability and remediation for when security issues arise. And since the majority of organizations leverage multiple clouds, seek solutions with strong industry partnerships and support for a broad range of cloud platforms. At a minimum, AWS, Azure, GCP, Alibaba Cloud, VMware, Oracle Cloud, and IBM Cloud should be on the list.
In the end, you must maintain agility, because you never know what amazing new capability or technology is coming out tomorrow or from whom. Ensure you have the platform and tools to enable you to use most any cloud with confidence.
About the Author
Grant Asplund is Growth Technologies Evangelist at Check Point Software. Check Point Software Technologies Ltd is a leading provider of cyber security solutions to governments and corporate enterprises globally. Check Point’s solutions protect customers from 5th generation cyber-attacks with an industry-leading catch rate of malware, ransomware and advanced targeted threats.
Featured image: ©Julien Eichinger