If your organization isn’t already addressing cloud cybersecurity proactively, it’s risking disaster. Waiting for an attack to happen simply doesn’t make sense.
Proactive cloud security takes active measures to spot potential threats and prevent cyberattacks before they take place, explains Nick Godfrey, senior director and global head, office of the CISO, at Google Cloud in an email interview. “This is done through practices like continuous identity validation, automating detection and response capabilities, and analyzing threat intelligence to mitigate weaknesses in the cloud network before they can be exploited.”
“By taking a proactive approach to cloud security, organizations can mitigate destructive attacks through the discovery of high-risk entry points, threat actor campaign orchestration activity ... and validate security control effectiveness against targeted attacks,” Godfrey says. “As a result, organizations will save time, money, and resources that would otherwise be put toward reactive remediation.”
With cloud native infrastructures deployed across the enterprise, typical endpoint and intrusion detection tools are not sufficient to identify attacks or vulnerabilities in a non-VM infrastructure, cautions Accenture Federal Services’ cyber chief technical officer Dave Dalling via email. “Real-time automated responses can quickly shut off attacks and prevent lateral movement through credential stealing and role escalation.”
The best way to get started is by evaluating vendors that offer proactive cloud security tools and determining their capabilities, Dalling advises. He also suggests reviewing the existing cloud-native inventory and security techniques. “Work with your organization’s security operations center to determine the most effective way to integrate a proactive cloud security tool into their monitoring and incident response workflows,” Dalling adds.
By adopting a proactive cloud security approach, organizations can safeguard themselves against security threats, ensure compliance, and increase customer trust, says Ravi Raghava, vice president of cloud solutions at technology integrator SAIC via email. “This approach is often more cost effective than dealing with the aftermath of a security breach, which can result in substantial financial and reputational losses.” He notes that business partners are more likely to trust organizations that prioritize the protection of their data through proactive security steps.
Raghava narrows-down proactive cloud security to three basic steps:
1) Continuous monitoring. Continuously assess and monitor the current security posture and identify any gaps and security control needs. The implementation of continuous monitoring, strong identity and access controls, and multi-layered cloud services security all aid in the early detection of potential breaches or mistakes, allowing timely responses and mitigations.
2) Logging and analysis. Regular analysis of the log data, such as network traffic data and Software as a Service (SaaS) solutions data, will help to identify any suspicious activities or anomalies.
3) Integrating threat intelligence. Using the insights gained from monitoring and log data analysis allows cloud consumers to make informed risk-based decisions and take appropriate actions to protect their data and assets. Use threat intelligence to proactively adjust the security posture and respond to evolving threats.
Read the rest of this article on InformationWeek.