
Keep your head in the cloud: Three elements needed for cloud security success


Security is much more than just keeping an organization protected. The role of security is to be an enabler for DevOps, business initiatives and everything else touched by IT and human intelligence. To fulfill this role, security tools must be integrated, and responsibilities should be assigned to limit confusion. This will help prepare teams to defend complex cloud environments which businesses depend on.

Many organizations are realizing a single cloud investment is no longer the right approach. Every cloud service, private or public, offers varying tools and opportunities, from advanced machine learning tools to favorable storage costs. This simply means most organizations are looking to harness a multi-cloud strategy in one way or another. Meeting the needs of DevOps and the multiple cloud environments businesses use requires a unified platform and security parity. The solution should not only automate security controls but also ensure that the business meets compliance for hosts and containers no matter the cloud provider. For cloud security to succeed, businesses need to incorporate three elements into their security protocols: unification, automation and integration.

Deploy unified solutions

When taking a stark look at the current state of security, it's clear that the threat actor may be the same but the environment we are looking to protect is very different! Traditional security tools cannot protect the cloud. They were never built to deal with dynamic cloud environments; even when they have been retrofitted, they are simply rendered useless against the attack types targeting cloud environments. Traditional security tools leave massive gaps in visibility and security. Many security teams have faced the challenges produced by point solutions. This has led teams to create ad hoc approaches in an attempt to address the gaps and the lack of integration.

When looking to protect the cloud, use the cloud! A cloud-native security platform is the best way to truly remove the holes in visibility and scale to an organization’s needs, from containers to microservices. Armed with comprehensive visibility and continuous workload discovery, these platforms support efforts to identify vulnerabilities and ultimately help DevOps teams weave security into CI/CD workflows so that issues can be fixed before they reach production.

With the rapid rise of remote work, businesses needed to make cloud security more of a priority to ensure that teams can be more unified. CrowdStrike's 2020 Global Security Attitudes Survey found that 21 percent of UK respondents have modernized their security tools and increased the rollout of cloud technologies as employees have moved to work remotely. Despite a few businesses adopting this technology, many more will have to make the shift to ensure they can stay protected and enable the DevOps team to continue to innovate. It is also important to note that the pressure of remote working has increased the average time it takes organizations to identify an intruder. In the UK the time has gone up by more than 50 percent over the past year, from 39 hours in 2019 to 61 hours in 2020.

It is imperative that security solutions are able to keep up with the pace of DevOps, as well as have the flexibility to work across any cloud and any service so that workloads, security and visibility continue operating without friction. It’s a multi-cloud, multi-service world, and security solutions need to live in it.

Automation is key

Development teams move quickly, taking an idea from conception to reality in a matter of days or weeks. The same is especially true of the microservices running those ideas, as their lifespan can be a matter of seconds. They are a great demonstration of how dynamic cloud environments can be. Businesses need to have eyes on everything: what is running, where it is running and who is running it. Even attempting to do this manually or with an outdated solution is out of the question. This is where automated asset discovery and monitoring come into their own. Organizations can have visibility across everything without slowing any business process.

Integrating security with CI/CD improves security by enabling a “shift left” approach. The main benefit of automation is that it can quickly remedy vulnerabilities and security risks early on in the process. However, it is important to prevent security holes from being introduced via infrastructure-as-code (IaC) templates. In June, a survey of 300 CISOs performed by IDC revealed that 67 percent of respondents viewed security misconfigurations in production environments as their top concern. The discovery of misconfigurations can be automated, which limits the chance of one impacting business services later.

Automation stops security being a barrier to innovation for developers. Rather, it removes unseen complexities and allows for quick deployment by keeping businesses secure through better visibility from the outset.

Integrated security solutions are scalable

When renovating a business's security strategy, it is important to note that it cannot operate in isolation, especially when working with DevOps. Integration allows security to work seamlessly with applications, cloud instances and cloud workloads.

Integration is the element which can turn an average security strategy into an effective one. When examining non-cloud-native tools, it's clear that they are not built to protect dynamic cloud environments; they are not optimized for cloud-native applications and make monitoring harder. They also require more manual intervention. In contrast, cloud-native solutions provide consistency across the entire cloud estate and beyond. Integrated tools allow security teams to breathe a sigh of relief, as cloud-native solutions maintain security and compliance levels without as much heavy lifting as the on-premises tools that used to be relied on.

Creating the complete package

Combining the three elements described above creates a cloud-native security strategy which can support businesses as they grow. Cloud-native security platforms provide visibility and control across public, private, hybrid and multi-cloud environments. This, alongside automation, can allow security teams to focus on larger tasks rather than identifying types of cloud misconfigurations that can be used to launch a cyberattack. Many problems are obviated much sooner, and the business sees success sooner.

Zeki Turedi, CTO EMEA, CrowdStrike

Zeki Turedi is an influential, tenacious and highly sought cybersecurity commentator, consultant and presenter. Zeki has extensive incident response & forensic knowledge within law enforcement, government and private sector. His specialties include incident response, malware analysis, threat intelligence, digital forensics, network forensics, digital investigations, data loss prevention, and advanced threat modelling.