Light Dark
February 8, 2021 By David Bisson 3 min read
Cloud Security

Like anyone who works with their hands, cybersecurity experts need the right tools for the job. As we’ll see in this blog and the series to follow, cloud-based threats need cloud native tools to combat them. Traditional security tools don’t provide the same level of functionality in the cloud as they do on premises.

According to GlobeNewswire, 82% of respondents to a 2020 study said their tools either provided limited functionality in the cloud or didn’t work at all. How is cloud security different, and what needs to be done to implement it?

These questions are critical because businesses are migrating their workloads to the cloud more and more. Almost a quarter of respondents to a May 2020 survey expected to move all of their applications to the cloud over the next 12 months. In addition, 68% of chief information officers (CIOs) considered “migrating to the public cloud and/or expanding private cloud” to be their top IT spending driver in 2020.

Common Myths About Cloud Native Tools

Despite the eagerness for migrating to the cloud, many organizations don’t completely understand the process of doing so. Approximately one-third (32%) of respondents surveyed consider migrating security tools to the cloud to be too difficult or too risky. Even so, nearly half (46%) of respondents say they would rather migrate on-premise products to the cloud rather than replace them with cloud security tools.

But since classic tools don’t cut it, that’s getting cloud protection all wrong.

Traditional Network Security Versus Cloud Security

Protecting the cloud is different from protecting on-premises data by nature. With the latter, the enterprise has sole responsibility for defense. They own the base IT landscape. This means they must put physical controls in place to prevent malicious actors from gaining access to their data center(s).

This full control means organizations can configure their systems and networks in any way they like. That has its pros and cons. In an effort to protect the resulting network layers, they could end up investing in disjointed and costly tools. They could also find themselves paying for more employees or external consultants who have the expertise to deploy those tools and keep their data safe.

On the other hand, the enterprise doesn’t have complete control over their defenses in the cloud. They’re bound by the shared responsibility model. We’ll talk about this more later, but for now the key is that it requires a partnership with an outside provider. That cloud service provider (CSP) protects the infrastructure that runs the services in its cloud. Meanwhile, it’s up to each enterprise to put defensive controls in place that secure their infrastructure configurations, applications and/or data.

Knowing what’s required of each group under the shared responsibility model and where cloud native tools fall can be confusing. A 2020 study found just eight percent of respondents fully understood this model across all cloud services — down from 18% a year earlier. As a result, organizations might miss out on some cloud native tools, such as application programming interface-driven automation and specialized security options, that they might not find for their on-premises assets They might also overlook their duties, such as the need to find a trusted provider that allows for compliance with relevant rules.

Fighting Cloud-Based Threats With Cloud Native Tools

Enterprise can’t achieve good defense in the cloud using only classic tools. Many of those tools don’t work in cloud landscapes. Also, they assume a level of control that enterprise doesn’t have in the cloud. That’s why they need to turn to native cloud security tools.

It’s a bit more nuanced than that, however. You can’t choose just any cloud-based solution. You need to fully understand your defense needs.

To help in that regard, the next blog post in this series will provide some background on the shared responsibility model. We’ll discuss how defensive roles vary depending on what cloud deployment model you’re using. As we’ll find out, you can then discover a cloud-based security solution that works for you.

 |  |  | 
David Bisson
Contributing Editor

More from Cloud Security
April 9, 2024

Why security orchestration, automation and response (SOAR) is fundamental to a security platform

3 min read - Security teams today are facing increased challenges due to the remote and hybrid workforce expansion in the wake of COVID-19. Teams that were already struggling with too many tools and too much data are finding it even more difficult to collaborate and communicate as employees have moved to a virtual security operations center (SOC) model while addressing an increasing number of threats.  Disconnected teams accelerate the need for an open and connected platform approach to security . Adopting this type of…

April 4, 2024

Cloud security uncertainty: Do you know where your data is?

3 min read - How well are security leaders sleeping at night? According to a recent Gigamon report, it appears that many cyber professionals are restless and worried.In the report, 50% of IT and security leaders surveyed lack confidence in knowing where their most sensitive data is stored and how it’s secured. Meanwhile, another 56% of respondents say undiscovered blind spots being exploited is the leading concern making them restless.The report reveals the ongoing need for improved cloud and hybrid cloud security. Solutions to…

March 14, 2024

Cloud security evolution: Years of progress and challenges

7 min read - Over a decade since its advent, cloud computing continues to enable organizational agility through scalability, efficiency and resilience. As clients shift from early experiments to strategic workloads, persistent security gaps demand urgent attention even as providers expand infrastructure safeguards.The prevalence of cloud-native services has grown exponentially over the past decade, with cloud providers consistently introducing a multitude of new services at an impressive pace. Now, the contemporary cloud environment is not only larger but also more diverse. Unfortunately, that size…

Topic updates

 Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today
© 2024 IBM Contact Privacy Terms of use Accessibility Cookie Preferences
Sponsored by si-icon-eightbarfeature