For a growing number of organizations adopting cloud-based deployment models, the cloud security challenge is clear. For example, how do I rapidly transform my business in a way that is also secure and compliant? Business leaders have an opportunity to rethink securing their enterprise during the sea-change shift toward cloud models. For instance, leaders should not assume that previous policies and practices are readily transferrable or immediately applicable to newly adopted cloud environments.

While each organization’s journey to the cloud will have its own unique elements, common and basic tenets can help. Any organization can better protect and defend their IP, their users and their assets throughout their journey to the cloud and across multicloud deployments.

Take a look at five key ideas for organizations looking to secure their multicloud deployments.

Establish Visibility: Who’s Using What and Why?

Security teams must have regular visibility into the number and types of cloud applications and services their fellow employees are using on a daily basis. Additionally, they need to understand what they are using them for. In the modern technology landscape, new cloud services and new accounts can be quickly spun up. Users potentially start cloud services and applications without IT’s awareness. This unchecked growth adds complexity and can introduce potential risks.

Before you can effectively prevent data theft or protect your resources from insider and external threats, you need a way to baseline all of the cloud services running in your system. A cloud discovery application should be able to assist you with this. You should run this baseline list regularly and match it against an approved set of applications. Flag and review any discrepancy in these two lists. One-time scans are not sufficient. In addition, run cloud service discovery scans on a regular basis and include them in your overall cloud security plan.

Integrate Cloud Security Across Hybrid and Multicloud Environments

Cloud deployments come in many different flavors. For example, some take the form of workloads run on internet-as-a-service (IaaS) platforms such as IBM Cloud, Amazon Web Services (AWS) and others. Others may be containerized workloads leveraging a platform-based approach. They can also run as dedicated applications delivering software as a service. Regardless of the use case, the key is to have the ability to monitor your cloud security and compliance with a one-size-fits-all approach.

With built-in security intelligence and analytics tools, you can collect data from endpoints, users, applications, the network and user activity. You can apply business context and rules to that data so you can more easily understand what is going on in the context of your own unique environment. Instead of serving up multiple alerts for different events from different systems, you can chain these events and log them under a single potential incident. Therefore, you will reduce the sheer volume of things you need to sort though. This in turn can increase your overall time to response.

Mitigate Insider Threats

Beyond discovery and detection, a cloud security program should also include active user behavior analysis. The majority of potential threats to cloud environments can emerge from inside the organization; a recent study found that threats posed by insiders made up 60% of data breaches. This applies regardless of whether the user’s action is malicious and intentional (in the case of data theft or misuse of corporate assets) or unintentional (in the case of clicking on phishing emails or downloading malware). Either way, identifying and tracking abnormal behavior across all cloud deployments is key.

In addition to protecting human users, leaders also need to think of their service or machine accounts. Conduct a regular inventory of how they are used, what are they accessing and from where these accounts are connecting. By establishing behavioral baselines – both known-good and known-bad – organizations can be improve their abilities to defend their assets and safeguard their users.

Solve Cases Quickly

When and if an issue is uncovered, you should respond urgently. Additionally, the accuracy of your response is critical. You need to be armed with all of the relevant data and the ability to execute a well-orchestrated plan. It does not make sense to try to manage different policies and response plans across multiple clouds, with different tools. You need a unified strategy.

Responding well means using thoroughly tested, automated responses via playbooks and standards that you set in advance. Teams that excel at handling cases empower their employees to adapt their responses, where necessary, to the threats at hand. They need the ability to collaborate and plan though knowledge and data sharing tailored to, and right for, the threats faced. Security leaders must ensure that they can not only meet their compliance rules, but also prove and report on their adherence.


Augment Your Multicloud Security Program With AI

Today’s security teams face a mounting set of challenges including a rising volume, variety and complexity of attacks across different deployments. These challenges can be further increased by the fact that hiring and retaining experienced cloud security analysts can be difficult. The industry skills gap, combined with a rising volume and variety of attacks, can sometimes lead to alert overload, longer incident dwell times, unaddressed threats and/or analyst fatigue.

By leveraging the power of augmented intelligence, organizations can cut through much of the noise to pinpoint:

  • What exactly has happened?
  • How am I impacted?
  • What should I do next?

Bringing artificial intelligence (AI) to the fight can drive a number of day one benefits, including rapidly comparing data across and between cases and filtering priorities according to what matters most and what is most in need of attention. AI can also help speed up the training and onboarding of new resources and can shorten the time it takes a junior analyst to start working at a more intermediate or advanced level.

Are You Ready for a Cloud-Based Future?

A future with cloud deployments as central to your business is here to stay. Trying to manage information security across multiple point solutions can quickly become untenable and can introduce potential monitoring blind-spots. A preferred and proven approach to cloud security embraces a unified security intelligence, analytics and response program with future cloud uses at the center.

Learn more about the tools and skills needed to secure multicloud deployments effectively.

More from Cloud Security

How Posture Management Prevents Catastrophic Cloud Breaches

We've all heard about catastrophic cloud breaches. But for every cyberattack reported in the news, many more may never reach the public eye. Perhaps worst of all, a large number of the offending vulnerabilities might have been avoided entirely through proper cloud configuration. Many big cloud security catastrophes often result from what appear to be tiny lapses. For example, the famous 2019 Capital One breach was traced to a misconfigured application firewall. Could a proper configuration have prevented that breach?…

How to Implement Cloud Identity and Access Governance

Creating identity and access governance across cloud environments is crucial for modern organizations. In our previous post, we discussed how important human and non-human identities are for these environments and why their management and the governance of their access can be difficult. In the face of these challenges, our cloud identity and access governance (CIAG) approach offers an orchestration layer between cloud identity and access management (IAM) and enterprise IAM, as the following graphic shows. As we continue our CIAG…

How Do You Plan to Celebrate National Computer Security Day?

In October 2022, the world marked the 19th Cybersecurity Awareness Month. October might be over, but employers can still talk about awareness of digital threats. We all have another chance before then: National Computer Security Day. The History of National Computer Security Day The origins of National Computer Security Day trace back to 1988 and the Washington, D.C. chapter of the Association for Computing Machinery’s Special Interest Group on Security, Audit and Control. As noted by National Today, those in…

Why Are Cloud Misconfigurations Still a Major Issue?

Cloud misconfigurations are by far the biggest threat to cloud security, according to the National Security Agency (NSA). The 2022 IBM Security X-Force Cloud Threat Landscape Report found that cloud vulnerabilities have grown a whopping 28% since last year, with a 200% increase in cloud accounts offered on the dark web in the same timeframe. With vulnerabilities on the rise, the catastrophic impact of cloud breaches has made it clear that proper cloud security is of the utmost importance. And…