Greg Franseth, Cadre Information Security
The internet is chock-full of cloud growth stats. We all know it’s happening, but do we really know how great our security risk is? According to our friends over at Netskope, in 2020, the number of apps in use by the average enterprise increased by 20%[1]. Organizations with 500-2,000 employees used on average 690 distinct cloud apps. Of those apps, 47.5% have a “Poor” Cloud Confidence Index™ (CCI) rating—meaning enterprises should avoid using these apps and take steps to migrate to safer app alternatives.
And that’s just a glimpse into the current state of cloud security.
With so much of today’s work rooted in the cloud, it’s easy to get wrapped up in doing everything you can to improve your organization’s cloud security posture. But these days what we’re seeing is that IT teams need to take a pause and revisit these 3 need-to-know security facts.
1. Everyone’s cloud security stack still needs to be tailored.
“More cloud security doesn’t equate to stronger security” is something you have probably read time and time again. But it’s worth repeating. Why? Because as the attack surface keeps expanding, organizations keep falling into the same pattern. There’s an issue, they buy a security solution to stop the hemorrhage or meet a compliance requirement, and then put off dealing with the complexity issues for another day.
The real problem is that cloud complexity combined with too many different and uncooperative security solutions leaves you with no shared intelligence.
To overcome these challenges, you must streamline your security stack and include must-haves like: Cloud Access Security Broker (CASB) as part of your Secure Access Service Edge (SASE), Identity and Access Management (IAM), threat intelligence, and next-generation firewalls. And do so in a strategic manner that ensures all solutions work in harmony.
2. Constant vigilance is the only way forward.
So much of the discussion on cloud security revolves around technology. However, it’s not the IT team’s problem alone. Today, people are the weakest link in security. Even with a cloud-based SWG, if an employee clicks on a phishing email and enters their credentials, your whole cloud ecosystem could be at risk as attackers stealthily move and escalate privileges. While artificial intelligence (AI) and machine learning (ML) technologies help with predicting these events, and isolation layers can keep phishing attempts and malware off endpoint devices, awareness is still a central pillar of keeping the cloud secure.
3. You have to use ML/AI to take the load off analysts so they can keep a human eye on end users.
The cloud can be safer, but you’ll always need real-time monitoring and analysis of end-user behavior. This will allow you to spot irregularities that deviate from normal usage patterns (did they modify audit trails, did they repeatedly try to download data, etc.). And at the other end of the spectrum, when that employee departs the company, do you have a process to ensure they can no longer access your cloud storage, systems, data, customer information, and intellectual properties?
To address these issues, consider completing an assessment before buying any new solutions that use AI/ML to complete low-level, high-volume tasks to take the burden of human experts such as:
· Intrusion Detection & Response
· Extended Detection and Response
· SIEM
Cloud-First Must be Security-First
As a bonus fact, to reap the benefits of cloud computing, organizations must put security first on the list of priorities. While cloud is more secure if you take the right precautions, it takes constant evaluation and re-evaluation to ensure you have the best solutions for your ecosystem. At Cadre, we work with the best cloud security providers in the business and take an unbiased approach to review and recommend how to best secure your unique environment and reduce risk.
To learn more about integral parts of today’s cloud security, watch our recorded webinar, Demystifying SASE - A Cloud-Based Approach to Network Security.