Preventing Cloud Blindness

For many organizations, embracing the potential of the new digital economy involves migrating services, data, and infrastructure to the cloud. The cloud is a powerfully disruptive technology. It allows businesses to be more agile, responsive, and available than ever before by transforming traditional compute architectures and best practices that have been in place for decades.

Most organizations today have some sort of a cloud strategy. Nearly all of them are adopting a hybrid cloud infrastructure that combines their private cloud with one or more public cloud solutions. As a result, organizations now use an average of 62 cloud applications, with cloud-based Infrastructure-as-a-Service (IaaS) apps climbing to their highest value ever. And nearly half of all workloads are now being run in a cloud environment.

Unfortunately, many organizations are now facing a cloud skills gap every bit as serious as the one affecting cybersecurity. The result is that many companies are having a difficult time seamlessly integrating their traditional network with their new cloud environments.

And of course, every time you extend or alter the network you also expand the potential attack surface. Mobile computing, the increase of new applications, and the distribution of data into the cloud means that users, devices, and applications are able to access virtually any information or interact with virtually any user or device, from any location. New cloud-related risks include insider threats, especially from privileged users, compromised accounts, and shadow IT (where data and resources are stored or processed using cloud applications not approved by corporate).

The traditional security models and technologies we have relied on for decades were simply never designed to protect today’s elastic and highly virtualized environments. And as we continue to see, cybercriminals are ready and able to exploit every weakness in these new technologies or services. So, while we are in the process of reengineering our businesses (and our society), it is also time to radically rethink security.

To respond to this new threat landscape, many organizations have accelerated the adoption of specialized security, such as virtualized, on-demand data center protection, web-application firewalls, security for mobile devices, secure email gateways, advanced threat protection, and sandboxes. However, dozens of isolated security tools, regardless of how relevant they may seem to be, create their own problem. Overburdened IT teams are poorly equipped to adequately deploy, configure, monitor, and manage dozens of new security tools – especially when there is no good way to correlate the threat intelligence each of these devices produces.

As a result, this deluge of isolated security tools being deployed has actually created a blind spot in the overall security strategy of many organizations. And as we continue to see, a critical lapse in visibility, control, or coordination in any part of the distributed network, especially in the cloud, can spell disaster for a digital business.

To address this challenge, security needs to be redesigned. Today’s organizations require an interconnected security framework that can dynamically expand and adapt as organizations extend into the cloud. Security policy and enforcement need to seamlessly follow and protect data, users, and applications as they move back and forth between IoT, traditional networks, and the cloud. And networks need to be able to automatically respond in a coordinated fashion at the speed of an attack.

In order to adequately protect today’s distributed business, organizations need to adopt an integrated security strategy that can actively collect, share, and correlate threat information, distribute mitigation instructions across all attack vectors, extend visibility and control across the networked ecosystem, and enable a synchronized attack response. One effective way to do this is to design a security architecture, or fabric-based approach, that enables you to tie your deployed security tools into a single, holistic solution.

As your organization expands its security strategy into the cloud, you should consider the following:

1. Ensure that the security tools and services available to you through your cloud provider or MSSP are compatible with those you have implemented in your local and remote networks and on your endpoint devices.
2. Make the support of open standards a critical requirement when evaluating new security solutions to ensure interoperability and enable consistent, coordinated response wherever a threat is discovered.
3. Select solutions that truly extend visibility and control into your cloud infrastructure through a single management console. This will allow you to establish, distribute, and enforce security policies anywhere your data travels.