For a growing number of organizations adopting cloud-based deployment models, the cloud security challenge is clear: how do I rapidly transform my business in a way that is also secure and compliant? Business leaders have an opportunity to rethink how they secure their enterprise during the sea-change shift toward cloud models. For instance, leaders should not assume that previous policies and practices are readily transferable or immediately applicable to newly adopted cloud environments.

While each organization’s journey to the cloud will have its own unique elements, common and basic tenets can help. Any organization can better protect and defend their IP, their users and their assets throughout their journey to the cloud and across multicloud deployments.

Take a look at five key ideas for organizations looking to secure their multicloud deployments.

Establish Visibility: Who’s Using What and Why?

Security teams must have regular visibility into the number and types of cloud applications and services their fellow employees are using on a daily basis. Additionally, they need to understand what they are using them for. In the modern technology landscape, new cloud services and new accounts can be quickly spun up. Users potentially start cloud services and applications without IT’s awareness. This unchecked growth adds complexity and can introduce potential risks.

Before you can effectively prevent data theft or protect your resources from insider and external threats, you need a way to baseline all of the cloud services running in your system. A cloud discovery application should be able to assist you with this. You should run this baseline list regularly and match it against an approved set of applications. Flag and review any discrepancy in these two lists. One-time scans are not sufficient. In addition, run cloud service discovery scans on a regular basis and include them in your overall cloud security plan.
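The baseline-and-compare step described above, as an added example that is not part of the original article. It assumes discovery data arrives as egress proxy log lines of the form `<timestamp> <user> <host>`; the log lines, hostnames and approved list are constructed for illustration.

```python
from collections import defaultdict

# Approved services (assumed allowlist; hostnames are constructed examples).
APPROVED = {"files.approved-storage.example", "crm.approved-saas.example"}

# Constructed egress proxy log lines: "<ISO timestamp> <user> <destination host>".
SAMPLE_LOG = """\
2024-05-01T09:00:01Z alice files.approved-storage.example
2024-05-01T09:02:10Z bob paste.unknown-share.example
2024-05-01T09:05:44Z carol paste.unknown-share.example
2024-05-01T09:07:00Z bob Notes.Shadow-App.example.
malformed line
"""

def normalize(host):
    """Lower-case and strip a trailing dot so one service is not counted twice."""
    return host.strip().lower().rstrip(".")

def discover(log_text):
    """Return {service host: set of users seen using it}; skip malformed lines."""
    usage = defaultdict(set)
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 3:
            continue
        _, user, host = parts
        usage[normalize(host)].add(user)
    return dict(usage)

def compare(usage, approved):
    """Split the baseline into unapproved services in use and approved ones not seen."""
    approved = {normalize(h) for h in approved}
    unapproved = {h: sorted(u) for h, u in usage.items() if h not in approved}
    unused = sorted(approved - set(usage))
    return unapproved, unused

if __name__ == "__main__":
    unapproved, unused = compare(discover(SAMPLE_LOG), APPROVED)
    # Services with the most users first: widest exposure gets reviewed first.
    for host, users in sorted(unapproved.items(), key=lambda kv: -len(kv[1])):
        print(f"REVIEW {host} users={users}")
    print("approved but not observed:", unused)
```

Run on a schedule against each new log window, the same comparison turns a one-time scan into the recurring check the text calls for.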

Integrate Cloud Security Across Hybrid and Multicloud Environments

Cloud deployments come in many different flavors. For example, some take the form of workloads run on infrastructure-as-a-service (IaaS) platforms such as IBM Cloud, Amazon Web Services (AWS) and others. Others may be containerized workloads leveraging a platform-based approach. They can also run as dedicated applications delivering software as a service. Regardless of the use case, the key is to have the ability to monitor your cloud security and compliance with a one-size-fits-all approach.

With built-in security intelligence and analytics tools, you can collect data from endpoints, users, applications, the network and user activity. You can apply business context and rules to that data so you can more easily understand what is going on in the context of your own unique environment. Instead of serving up multiple alerts for different events from different systems, you can chain these events and log them under a single potential incident. This reduces the sheer volume of things you need to sort through, which in turn can improve your overall response time.
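Chaining alerts from different systems into one potential incident, as an added example that is not part of the original article. The alert records, field names and the 15-minute correlation window are assumptions chosen for illustration, with the user as the correlation key.

```python
from datetime import datetime, timedelta

# Constructed alerts from four different tools; field names are assumptions.
ALERTS = [
    {"ts": "2024-05-01T10:00:00", "source": "idp", "user": "alice", "event": "impossible_travel_login"},
    {"ts": "2024-05-01T10:04:00", "source": "cloud_audit", "user": "alice", "event": "access_key_created"},
    {"ts": "2024-05-01T10:09:00", "source": "dlp", "user": "alice", "event": "bulk_download"},
    {"ts": "2024-05-01T10:05:00", "source": "edr", "user": "bob", "event": "macro_execution"},
    {"ts": "2024-05-01T15:30:00", "source": "idp", "user": "alice", "event": "mfa_denied"},
]

def chain_alerts(alerts, window=timedelta(minutes=15)):
    """Group alerts per user: an alert joins the user's open incident if it
    arrives within `window` of that incident's latest alert, otherwise it
    opens a new incident."""
    incidents = []
    open_by_user = {}
    # Same-format ISO timestamps sort correctly as strings.
    for alert in sorted(alerts, key=lambda a: a["ts"]):
        ts = datetime.fromisoformat(alert["ts"])
        inc = open_by_user.get(alert["user"])
        if inc is None or ts - inc["last_seen"] > window:
            inc = {"user": alert["user"], "first_seen": ts, "events": [], "sources": set()}
            incidents.append(inc)
            open_by_user[alert["user"]] = inc
        inc["last_seen"] = ts
        inc["events"].append(alert["event"])
        inc["sources"].add(alert["source"])
    return incidents

def prioritize(incidents):
    """Rank incidents corroborated by more independent sources first."""
    return sorted(incidents, key=lambda i: (-len(i["sources"]), i["first_seen"]))

if __name__ == "__main__":
    for inc in prioritize(chain_alerts(ALERTS)):
        print(inc["user"], inc["first_seen"].isoformat(),
              sorted(inc["sources"]), inc["events"])
```

Five alerts collapse into three incidents here, and the one corroborated by three separate tools rises to the top of the queue.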

Mitigate Insider Threats

Beyond discovery and detection, a cloud security program should also include active user behavior analysis. The majority of potential threats to cloud environments can emerge from inside the organization; a recent study found that threats posed by insiders made up 60% of data breaches. This applies regardless of whether the user’s action is malicious and intentional (in the case of data theft or misuse of corporate assets) or unintentional (in the case of clicking on phishing emails or downloading malware). Either way, identifying and tracking abnormal behavior across all cloud deployments is key.

In addition to protecting human users, leaders also need to think of their service or machine accounts. Conduct a regular inventory of how they are used, what they are accessing and from where these accounts are connecting. By establishing behavioral baselines – both known-good and known-bad – organizations can improve their abilities to defend their assets and safeguard their users.
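A service-account inventory checked against known-good and known-bad baselines, as an added example that is not part of the original article. The account names, resources, IPv4 addresses, the /24 grouping and the known-bad range (a documentation range) are all constructed assumptions.

```python
import ipaddress

# Constructed access records: (service account, resource, source IP).
LEARNING = [
    ("svc-backup", "bucket/backups", "10.20.1.15"),
    ("svc-backup", "bucket/backups", "10.20.1.16"),
    ("svc-ci", "registry/images", "10.30.4.7"),
]
OBSERVED = [
    ("svc-backup", "bucket/backups", "10.20.1.99"),   # same /24 as baseline
    ("svc-backup", "db/customers", "10.20.1.15"),     # resource never accessed before
    ("svc-ci", "registry/images", "203.0.113.50"),    # source network never seen
    ("svc-new", "bucket/logs", "10.30.4.8"),          # account not in the inventory
]
# Assumed known-bad source range (203.0.113.0/24 is reserved for documentation).
KNOWN_BAD = [ipaddress.ip_network("203.0.113.0/24")]

def network_of(ip, prefix=24):
    """Generalize an IPv4 address to its network so DHCP churn is not flagged."""
    return ipaddress.ip_network(f"{ip}/{prefix}", strict=False)

def build_baseline(records):
    """Known-good baseline: per account, the resources and source networks seen."""
    base = {}
    for account, resource, ip in records:
        entry = base.setdefault(account, {"resources": set(), "networks": set()})
        entry["resources"].add(resource)
        entry["networks"].add(network_of(ip))
    return base

def deviations(records, baseline, known_bad=()):
    """Return (account, resource, ip, reasons) for every record off-baseline."""
    findings = []
    for account, resource, ip in records:
        reasons = []
        entry = baseline.get(account)
        if entry is None:
            reasons.append("unknown_account")
        else:
            if resource not in entry["resources"]:
                reasons.append("new_resource")
            if network_of(ip) not in entry["networks"]:
                reasons.append("new_network")
        if any(ipaddress.ip_address(ip) in net for net in known_bad):
            reasons.append("known_bad_source")
        if reasons:
            findings.append((account, resource, ip, reasons))
    return findings

if __name__ == "__main__":
    for finding in deviations(OBSERVED, build_baseline(LEARNING), KNOWN_BAD):
        print(finding)
```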

Solve Cases Quickly

When and if an issue is uncovered, you should respond urgently. Additionally, the accuracy of your response is critical. You need to be armed with all of the relevant data and the ability to execute a well-orchestrated plan. It does not make sense to try to manage different policies and response plans across multiple clouds, with different tools. You need a unified strategy.

Responding well means using thoroughly tested, automated responses via playbooks and standards that you set in advance. Teams that excel at handling cases empower their employees to adapt their responses, where necessary, to the threats at hand. They need the ability to collaborate and plan through knowledge and data sharing tailored to, and right for, the threats faced. Security leaders must ensure that they can not only meet their compliance rules, but also prove and report on their adherence.

Augment Your Multicloud Security Program With AI

Today’s security teams face a mounting set of challenges including a rising volume, variety and complexity of attacks across different deployments. These challenges can be further increased by the fact that hiring and retaining experienced cloud security analysts can be difficult. The industry skills gap, combined with a rising volume and variety of attacks, can sometimes lead to alert overload, longer incident dwell times, unaddressed threats and/or analyst fatigue.

By leveraging the power of augmented intelligence, organizations can cut through much of the noise to pinpoint:

  • What exactly has happened?
  • How am I impacted?
  • What should I do next?

Bringing artificial intelligence (AI) to the fight can drive a number of day one benefits, including rapidly comparing data across and between cases and filtering priorities according to what matters most and what is most in need of attention. AI can also help speed up the training and onboarding of new resources and can shorten the time it takes a junior analyst to start working at a more intermediate or advanced level.

Are You Ready for a Cloud-Based Future?

A future with cloud deployments as central to your business is here to stay. Trying to manage information security across multiple point solutions can quickly become untenable and can introduce potential monitoring blind spots. A preferred and proven approach to cloud security embraces a unified security intelligence, analytics and response program with future cloud uses at the center.
