Skip to main content

Our website uses cookies to give you the most optimal experience online by: measuring our audience, understanding how our webpages are viewed and improving consequently the way our website works, providing you with relevant and personalized marketing content.
You have full control over what you want to activate. You can accept the cookies by clicking on the “Accept all cookies” button or customize your choices by selecting the cookies you want to activate. You can also decline all non-necessary cookies by clicking on the “Decline all cookies” button. Please find more information on our use of cookies and how to withdraw at any time your consent on our privacy policy.

Managing your cookies

Our website uses cookies. You have full control over what you want to activate. You can accept the cookies by clicking on the “Accept all cookies” button or customize your choices by selecting the cookies you want to activate. You can also decline all non-necessary cookies by clicking on the “Decline all cookies” button.

Necessary cookies

These are essential for the user navigation and allow to give access to certain functionalities such as secured zones accesses. Without these cookies, it won’t be possible to provide the service.
Matomo on premise

Marketing cookies

These cookies are used to deliver advertisements more relevant for you, limit the number of times you see an advertisement; help measure the effectiveness of the advertising campaign; and understand people’s behavior after they view an advertisement.
Adobe Privacy policy | Marketo Privacy Policy | Pardot Privacy Policy | Oktopost Privacy Policy | MRP Privacy Policy | AccountInsight Privacy Policy | Triblio Privacy Policy

Social media cookies

These cookies are used to measure the effectiveness of social media campaigns.
LinkedIn Policy

Our website uses cookies to give you the most optimal experience online by: measuring our audience, understanding how our webpages are viewed and improving consequently the way our website works, providing you with relevant and personalized marketing content. You can also decline all non-necessary cookies by clicking on the “Decline all cookies” button. Please find more information on our use of cookies and how to withdraw at any time your consent on our privacy policy.

How cloud security is evolving to a platform centric approach-Part 2

In the first part of the article, we reviewed how a unified approach for cloud security becomes necessary to face a dynamic set of security challenges. In this second part, we will share a few tips to prepare yourself for the cloud security journey with a set of new recommendations and tools.

Why cloud security should be more platform-centric

The secure lane between data center, cloud and multi-cloud

Enterprises use a wide variety of cloud solutions which must be protected from various threats and attacks. As siloed security solutions become more prevalent, companies will need to implement security tooling in order to gain an integrated view over their entire IT environment. Although public clouds are the best protected platforms, they only provide us with tools. The responsibility of defining and deciding which security controls to use lies with the business in question, and it shouldn’t be taken lightly, given the importance of cloud security. In order to determine what these tools should do, we need to decide what type of assets we want to protect and how we need to protect them. Various sources provide guidelines and baselines for this, such as the Center for Internet Security (CIS).

The CIS framework provides an internationally accepted standard for cybersecurity and a benchmark for cloud provider platforms, as it maps to the most important industry and overall security frameworks, including ISO, NIST, PCI and HIPAA. The CIS controls incorporate principles from these frameworks, but it doesn’t necessarily mean that by implementing them a company is automatically PCI or HIPAA compliant. They still need to be evaluated individually by company and sometimes by environment in order to achieve the best possible results.

Although Azure Security Center, AWS Security Hub and Google Cloud’s Security Command Center are native security monitoring services, companies may use IaaS, PaaS and SaaS from other providers to go multi-cloud. This in turn requires a more overall and integrated view of their security solutions. Once the enterprise goes multi-cloud, it will need an integrated security solution with SIEM and SOAR — which demands a unit that can work with these systems and trigger the correct measures in response to security events. Usually, a security operations center (SOC) is used for this role, or it is outsourced to a company that specializes in security services.

Start by building a secure foundation

Although some may argue that cloud security tenets are the same as the foundational cybersecurity triad of confidentiality, integrity and availability, innovations in the cloud occur almost daily. This increases the difficulty of protecting our workloads in the cloud, unless we keep track of adversaries and their latest tricks.

It is also essential to ensure that we can quickly and efficiently respond to threats, by practicing periodic fire drills and exercises designed to emulate existing threats. We see more and more enterprises using the MITRE ATT&CKTM framework to detect new threats, which has almost 200 techniques in its arsenal for this purpose. Observing and mapping emerging techniques is useful in this situation and security service providers with skilled personnel can implement them into controls for remediation.

Recommendations

  • Prioritize security above all else when starting your journey to the cloud

  • Address the major security blind spots and get the most prevailing threats out of the way before building a comprehensive security and governance framework to future-proof your digital ambitions

  • Get help from a specialized cloud security partner who can implement incident response capabilities, has tools that integrate with your hybrid and multi-cloud environment, and is capable of automating security operations and policy enforcement

Conclusion

According to Gartner®, “more than 85% of organizations will embrace a cloud-first principle by 2025 and will not be able to fully execute on their digital strategies without the use of cloud-native architectures and technologies.

In a world where threats evolve and are subjects to constant innovation, cloud security must be highly adaptive in order to keep up. We must stay focused on understanding the mechanics of the newest threats to stay adaptive and implement fast and effective solutions. Cloud-native technologies and a cloud-focused mindset will play an important role in protecting hybrid environments.

A platform-centric approach is therefore necessary for the visibility, detection and remediation of threats in cloud workloads — from development to runtime. Another important factor is ensuring your security operations (SecOps) team is ready to give up the old legacy tools and adopt and adapt to the newest requirements. Don’t let gaps in architecting skills slow down or inhibit the process of designing and implementing evolved security measures.

Share this article

About the author

Gabriel Priceputu

Lead Security Architect at Atos

Gabriel Priceputu is a Lead Security Architect at Atos, responsible for developing “peace-of-mind as a service” security services that help organizations identify and mitigate risks in their cloud and enterprise environments, and enhance their overall security posture.

Prior to joining Atos, Gabriel spent more than 25 years at different companies in various IT roles, where he designed and implemented solutions that fulfilled their business needs. Outside of tinkering in the cyberspace, Gabriel enjoys photography and horseback riding with friends.

Follow or contact Gabriel