Today’s cloud services customers are looking beyond the basic benefits of the cloud, such as ease of scale and payment options. Now, they want the cloud to keep their business evolving and improve customer experience to help them compete. Amazon Web Services (AWS) Cloud security is often seen as getting in the way of these goals, but it doesn’t have to be.
Managing a Hybrid Landscape With AWS Cloud
Moving more and more business services to the cloud results in a hybrid environment, with some data on the cloud and some local. Here, defense and legal mandates can become more and more complex. Problems include:
- Defining a robust cloud defense strategy
- Lack of expertise for cloud-native controls
- Securely deploying workloads at cloud speed
- Lack of insight and control
- Industry and legal compliance
- Need for rapid incident response
If you can overcome these challenges, you can speed up business innovation in the cloud.
Meanwhile, the cost of poorly securing the cloud is high. According to the 2020 Cost of a Data Breach report, poorly configured clouds were a leading cause of data breaches, resulting in more than one billion lost records in 2019. Additionally, Gartner predicts that, through 2025, 99% of cloud breaches will be the customer’s fault.
Keys to Building Confidence in the Cloud
Cloud service providers, such as AWS, offer many options when it comes to keeping the cloud secure. These can form the foundation for your cloud defense plan. It is critical to do multiple things at once in this step: embrace cloud-native security controls, align native security to the enterprise defense program and extend native security with other enterprise controls. In order to achieve this, you should consider the following steps.
1. Know Your Cloud
One of the most important aspects of securing your AWS Cloud is a well-defined defense strategy. A proper strategy begins with an assessment of your current setup. Are there gaps in your digital walls? From there, you can build a roadmap to the secure future you want.
2. Use DevSecOps in Your Cloud Security Strategy
One of the benefits of AWS Cloud is how DevOps can deliver ongoing integration, delivery and deployment. “Businesses want to launch hundreds of accounts an hour for internal, testing and production purposes. We need to automate security and remove manual bottlenecks to enable this rate of scaling,” says Roy Stephan, the security practice lead for consulting services at AWS.
Some defense functions, including scanning and testing, can now be aligned throughout the development life cycle. In this manner, security aligned to DevOps can enable the best practice of ‘secure by design’ — apps and systems with defense built in from the very beginning of design, through development and then deployment.
3. Bring Threat Management Plans Together
If your business data flows between different platforms as a matter of course, you’ll need to secure hybrid or multicloud setups as part of your overall cloud posture. In cases like this, embrace cloud-native security functions from the cloud service providers themselves. For example, AWS provides Amazon GuardDuty, Amazon Macie, AWS CloudTrail, AWS Config and AWS Security Hub. You can also leverage SIEM with functions like these. They allow you to centralize threat management for insight, control and incident response.
4. Add SOAR to AWS Cloud
You should also consider leveraging SOAR, which builds response orchestration and formal incident response run books into the threat management process. Being able to respond to threats quickly calls for security orchestration, automation and rapid incident response. That automation is made possible with machine learning, artificial intelligence, orchestration tools and native cloud functions.
You should also consider cloud configuration monitoring and configuration remediation. For example, AWS provides functions such as AWS Config, AWS Security Hub and AWS Lambda to help with these. For multicloud setups, you can also find posture management tools.
5. Use Force Multipliers
Consulting, systems integration and managed security services providers help their customers embrace cloud-native defense functions and align them to existing defenses. These services can augment in-house tactics as a trusted partner that provides the blueprint, services and open technology to improve overall threat management readiness.
Securing AWS Cloud is a Journey
Having a good defense can enable innovation while you’re using AWS Cloud. Getting there involves a robust cloud security strategy and a clear roadmap. Securing the journey to the cloud will require new skills and the addition of cloud-native tools and processes into your existing workflows, but once you get there, you can achieve confidence in the cloud.
IBM, an AWS Premier Consulting Partner for Security Competency, matches its capabilities as the largest enterprise security solutions provider with its deep expertise in cloud-native security to advise on cloud security, integrate hybrid environments and operate with confidence. Learn how security organizations are elevated to enabler status for confidence in accelerating to the cloud.
Program Director, Strategy, Cloud Security Services, IBM Security