Light Dark
February 8, 2021 By David Bisson 3 min read
Cloud Security

Like anyone who works with their hands, cybersecurity experts need the right tools for the job. As we’ll see in this blog and the series to follow, cloud-based threats need cloud native tools to combat them. Traditional security tools don’t provide the same level of functionality in the cloud as they do on premises.

According to GlobeNewswire, 82% of respondents to a 2020 study said their tools either provided limited functionality in the cloud or didn’t work at all. How is cloud security different, and what needs to be done to implement it?

These questions are critical because businesses are migrating their workloads to the cloud more and more. Almost a quarter of respondents to a May 2020 survey expected to move all of their applications to the cloud over the next 12 months. In addition, 68% of chief information officers (CIOs) considered “migrating to the public cloud and/or expanding private cloud” to be their top IT spending driver in 2020.

Common Myths About Cloud Native Tools

Despite the eagerness for migrating to the cloud, many organizations don’t completely understand the process of doing so. Approximately one-third (32%) of respondents surveyed consider migrating security tools to the cloud to be too difficult or too risky. Even so, nearly half (46%) of respondents say they would rather migrate on-premise products to the cloud rather than replace them with cloud security tools.

But since classic tools don’t cut it, that’s getting cloud protection all wrong.

Traditional Network Security Versus Cloud Security

Protecting the cloud is different from protecting on-premises data by nature. With the latter, the enterprise has sole responsibility for defense. They own the base IT landscape. This means they must put physical controls in place to prevent malicious actors from gaining access to their data center(s).

This full control means organizations can configure their systems and networks in any way they like. That has its pros and cons. In an effort to protect the resulting network layers, they could end up investing in disjointed and costly tools. They could also find themselves paying for more employees or external consultants who have the expertise to deploy those tools and keep their data safe.

On the other hand, the enterprise doesn’t have complete control over their defenses in the cloud. They’re bound by the shared responsibility model. We’ll talk about this more later, but for now the key is that it requires a partnership with an outside provider. That cloud service provider (CSP) protects the infrastructure that runs the services in its cloud. Meanwhile, it’s up to each enterprise to put defensive controls in place that secure their infrastructure configurations, applications and/or data.

Knowing what’s required of each group under the shared responsibility model and where cloud native tools fall can be confusing. A 2020 study found just eight percent of respondents fully understood this model across all cloud services — down from 18% a year earlier. As a result, organizations might miss out on some cloud native tools, such as application programming interface-driven automation and specialized security options, that they might not find for their on-premises assets They might also overlook their duties, such as the need to find a trusted provider that allows for compliance with relevant rules.

Fighting Cloud-Based Threats With Cloud Native Tools

Enterprise can’t achieve good defense in the cloud using only classic tools. Many of those tools don’t work in cloud landscapes. Also, they assume a level of control that enterprise doesn’t have in the cloud. That’s why they need to turn to native cloud security tools.

It’s a bit more nuanced than that, however. You can’t choose just any cloud-based solution. You need to fully understand your defense needs.

To help in that regard, the next blog post in this series will provide some background on the shared responsibility model. We’ll discuss how defensive roles vary depending on what cloud deployment model you’re using. As we’ll find out, you can then discover a cloud-based security solution that works for you.

 |  |  | 
David Bisson
Contributing Editor

More from Cloud Security
December 18, 2024

Cloud Threat Landscape Report: AI-generated attacks low for the cloud

2 min read - For the last couple of years, a lot of attention has been placed on the evolutionary state of artificial intelligence (AI) technology and its impact on cybersecurity. In many industries, the risks associated with AI-generated attacks are still present and concerning, especially with the global average of data breach costs increasing by 10% from last year.However, according to the most recent Cloud Threat Landscape Report released by IBM’s X-Force team, the near-term threat of an AI-generated attack targeting cloud computing…

December 4, 2024

Cloud threat report: Possible trend in cloud credential “oversaturation”

3 min read - For years now, the dark web has built and maintained its own evolving economy, supported by the acquisition and sales of stolen data, user login credentials and business IP. But much like any market today, the dark web economy is subject to supply and demand.A recent X-Force Cloud Threat Landscape Report has shed light on this fact, revealing a new trend in the average prices for stolen cloud access credentials. Since 2022, there has been a steady decrease in market…

November 14, 2024

Autonomous security for cloud in AWS: Harnessing the power of AI for a secure future

3 min read - As the digital world evolves, businesses increasingly rely on cloud solutions to store data, run operations and manage applications. However, with this growth comes the challenge of ensuring that cloud environments remain secure and compliant with ever-changing regulations. This is where the idea of autonomous security for cloud (ASC) comes into play.Security and compliance aren't just technical buzzwords; they are crucial for businesses of all sizes. With data breaches and cyber threats on the rise, having systems that ensure your…

Topic updates

 Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today
© 2024 IBM Contact Privacy Terms of use Accessibility Cookie Preferences
Sponsored by si-icon-eightbarfeature