February 8, 2021 By David Bisson 3 min read

Like anyone who works with their hands, cybersecurity experts need the right tools for the job. As we’ll see in this blog and the series to follow, cloud-based threats need cloud native tools to combat them. Traditional security tools don’t provide the same level of functionality in the cloud as they do on premises.

According to GlobeNewswire, 82% of respondents to a 2020 study said their tools either provided limited functionality in the cloud or didn’t work at all. How is cloud security different, and what needs to be done to implement it?

These questions are critical because businesses are migrating their workloads to the cloud more and more. Almost a quarter of respondents to a May 2020 survey expected to move all of their applications to the cloud over the next 12 months. In addition, 68% of chief information officers (CIOs) considered “migrating to the public cloud and/or expanding private cloud” to be their top IT spending driver in 2020.

Common Myths About Cloud Native Tools

Despite the eagerness for migrating to the cloud, many organizations don’t completely understand the process of doing so. Approximately one-third (32%) of respondents surveyed consider migrating security tools to the cloud to be too difficult or too risky. Even so, nearly half (46%) of respondents say they would rather migrate on-premise products to the cloud rather than replace them with cloud security tools.

But since classic tools don’t cut it, that’s getting cloud protection all wrong.

Traditional Network Security Versus Cloud Security

Protecting the cloud is different from protecting on-premises data by nature. With the latter, the enterprise has sole responsibility for defense. They own the base IT landscape. This means they must put physical controls in place to prevent malicious actors from gaining access to their data center(s).

This full control means organizations can configure their systems and networks in any way they like. That has its pros and cons. In an effort to protect the resulting network layers, they could end up investing in disjointed and costly tools. They could also find themselves paying for more employees or external consultants who have the expertise to deploy those tools and keep their data safe.

On the other hand, the enterprise doesn’t have complete control over their defenses in the cloud. They’re bound by the shared responsibility model. We’ll talk about this more later, but for now the key is that it requires a partnership with an outside provider. That cloud service provider (CSP) protects the infrastructure that runs the services in its cloud. Meanwhile, it’s up to each enterprise to put defensive controls in place that secure their infrastructure configurations, applications and/or data.

Knowing what’s required of each group under the shared responsibility model and where cloud native tools fall can be confusing. A 2020 study found just eight percent of respondents fully understood this model across all cloud services — down from 18% a year earlier. As a result, organizations might miss out on some cloud native tools, such as application programming interface-driven automation and specialized security options, that they might not find for their on-premises assets They might also overlook their duties, such as the need to find a trusted provider that allows for compliance with relevant rules.

Fighting Cloud-Based Threats With Cloud Native Tools

Enterprise can’t achieve good defense in the cloud using only classic tools. Many of those tools don’t work in cloud landscapes. Also, they assume a level of control that enterprise doesn’t have in the cloud. That’s why they need to turn to native cloud security tools.

It’s a bit more nuanced than that, however. You can’t choose just any cloud-based solution. You need to fully understand your defense needs.

To help in that regard, the next blog post in this series will provide some background on the shared responsibility model. We’ll discuss how defensive roles vary depending on what cloud deployment model you’re using. As we’ll find out, you can then discover a cloud-based security solution that works for you.

More from Cloud Security

Cloud security evolution: Years of progress and challenges

7 min read - Over a decade since its advent, cloud computing continues to enable organizational agility through scalability, efficiency and resilience. As clients shift from early experiments to strategic workloads, persistent security gaps demand urgent attention even as providers expand infrastructure safeguards.The prevalence of cloud-native services has grown exponentially over the past decade, with cloud providers consistently introducing a multitude of new services at an impressive pace. Now, the contemporary cloud environment is not only larger but also more diverse. Unfortunately, that size…

The compelling need for cloud-native data protection

4 min read - Cloud environments were frequent targets for cyber attackers in 2023. Eighty-two percent of breaches that involved data stored in the cloud were in public, private or multi-cloud environments. Attackers gained the most access to multi-cloud environments, with 39% of breaches spanning multi-cloud environments because of the more complicated security issues. The cost of these cloud breaches totaled $4.75 million, higher than the average cost of $4.45 million for all data breaches.The reason for this high cost is not only the…

Accelerating security outcomes with a cloud-native SIEM

5 min read - As organizations modernize their IT infrastructure and increase adoption of cloud services, security teams face new challenges in terms of staffing, budgets and technologies. To keep pace, security programs must evolve to secure modern IT environments against fast-evolving threats with constrained resources. This will require rethinking traditional security strategies and focusing investments on capabilities like cloud security, AI-powered defense and skills development. The path forward calls on security teams to be agile, innovative and strategic amidst the changes in technology…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today