Is Cloud Native Security Good Enough?
December 2022 by Deryck Mitchelson, Field CISO at cybersecurity company Check Point
Global organisations are digitally transforming via cloud native applications and services. Use of cloud native can drive innovation, accelerate speed to market, and bring about cost savings that fuel new growth. Cloud native technologies enable organisations to tap into the agility required to keep up in the current competitive landscape and to create new business models. But achieving efficient, flexible, distributed and resilient cloud native security is tough.
All major public cloud providers, namely Amazon Web Services (AWS), Microsoft Azure and Google Cloud, of course offer security features and services, which are designed to address significant threats to cloud-based data. In spite of this, public cloud providers’ security tools commonly fail to meet operational needs, and their limitations should prompt organisations to consider or reconsider how they are protecting public cloud environments.
Cloud providers’ efforts to ensure security are barely adequate. In the following section, I go into why that’s the case and how it could impact your organisation:
1. Limited visibility: One of the major challenges associated with cloud-native is that, in contrast with on-prem deployment, owners cannot be sure of the security elements related to the cloud environment that the application is hosted on. As a result, it becomes the role of the IT team to track every resource and to add it to the application. Monitoring needs to proceed throughout application lifecycles. Lack of adequate visibility can needlessly compromise security.
2. Cloud native exposure to threats: The cloud is accessible to anyone with an internet connection, which means that threat actors are continually searching for ways to undermine systems’ security. As cyber attackers advance their strategies, cyber security prevention and defense methodologies also need to evolve. For example, enterprises need cloud security that can fend off brute-force attacks, phishing and SQL injections.
3. Policy centralisation: At present, the average cloud native environment includes a number of tools from an assortment of developers and service providers. In a multi-cloud infrastructure, information technology managers may face fragmented security access controls and, because the tools are implemented in separate provider environments, a set of monitoring tools that is impossible to keep up with. Policy centralisation can make security management more uniform and more successful.
4. Slow security processes: Key reasons why enterprises are moving to the cloud include speed, agility and flexibility. But security can easily get left in the dust, so to speak. Given the speed of the continuous integration and deployment (CI/CD) pipeline, security can lag. Enterprises can solve this issue by shifting security as far left as possible. You can create a Shift Left environment through a third-party security platform.
Ensuring Cloud-Native Protection
Here are three key improvements to your organisation’s cloud-native security that help ensure protection against upcoming sophisticated cyberattacks:
1. Improve Your Visualisation and Regular Reporting: To understand the current state of their security posture, enterprises must have access to up-to-date reports and visualisations (e.g., dashboards) that account for their entire application infrastructure. These help overcome information overload and lack of clarity, so that enterprises can quickly and effectively assess their overall security posture and improve upon it where needed.
2. The Automation Game: Compliance rule sets and customised policies must be built into the development stages as well as carried over to runtime, which will require automation to ensure the deployment is compliant with internal and external rules.
3. Keeping up with Changes: Security professionals must keep pace with frequent changes, not only to the resources within an expanding cloud sprawl but also to security best practices and compliance regulations, which are being enacted at a rapid pace to keep up with the expanding cyberattacks taking place. Efforts should also be made to keep up with the speed and scale of the organisation, with new security protection measures implemented accordingly.
For organisations facing such cybersecurity challenges, making every effort to reduce their enterprise risks and limit their exposure to threats will require prevention-first security instead of just leaving it at detection.
By 2023, more than 500 million digital applications and services will be developed and hosted through cloud native means. The findings and suggestions shared above, combined with the recent sharp increase in cyberattacks, should lead organisations to consider whether or not they are making adequate effort to secure public cloud environments.