Five key cybersecurity considerations for a secure cloud strategy

The Covid-19 pandemic gave the cloud an unexpected shot in the arm as it proved to be the single biggest factor in business continuity and provided a wealth of solutions to manage the disruptions of 2020. Defensive or maintenance-related cloud priorities, including remote access, security, resiliency and cost, enabled companies to support their business.

Likewise, we’ve seen organizations adopt the cloud for “offensive or progressive” priorities such as speed, scale, and capacity. Cloud was used to implement newer business models and to bring products and services to customers in the new hybrid world. The ubiquitous reach of the cloud, along with its capabilities for collaboration and AI-driven insights, has increased the pressure on companies to drive business. Gartner forecasts Indian public cloud end-user spending to grow 31.4% year-over-year in 2021.

As cloud adoption increases, businesses will be operating beyond the perimeter of their organization, including interacting with external stakeholders such as partners and vendors who need access to cloud-hosted applications. This makes the IT landscape very vulnerable to cyber attacks.

The vulnerabilities of a cloud-first and borderless enterprise

Cybersecurity architecture, operations and compliance require more attention in a cloud-based environment. The inability of organizations to extend the default security architecture from on-premises to the cloud leads to ineffective security controls. The risk of a security breach is high due to misconfiguration and insufficient change control, especially since many cloud attacks are opportunistic.

Cloud API gateways act as a single point of entry, but also become a target of compromise.

Service providers often offer cheap and easy-to-use PaaS and SaaS products, increasing the risk of unauthorized use of cloud services (Shadow IT). Therefore, when migrating workloads to the cloud, the security controls and policies applied to an on-prem workload must also be moved to the cloud.

Limitations of traditional cybersecurity controls

According to a recent cloud security report, 66% of respondents believed that traditional security solutions either don’t work or have limited functionality in the cloud. Traditional cybersecurity solutions are designed with traditional information assets, data flow and access management in mind. These are primarily confined within an organization’s perimeter and are deployed on fully controlled physical assets. Since cybersecurity in the cloud scenario is a shared responsibility between the cloud provider and the cloud consumer, traditional controls fall woefully short. Meanwhile, cyber attacks are becoming more innovative and causing more damage.

All of these risks highlight the importance of establishing secure cloud governance, with cybersecurity risk assessment, architecture, compliance and assurance as an integral part of the overall cloud strategy and migration.

An integrated cybersecurity strategy in the cloud

Key considerations for building an integrated cloud cybersecurity strategy include:

  • Risk assessment and architecture strategy

A comprehensive cloud strategy with cybersecurity risk assessment is the first step to creating an integrated cybersecurity plan. Risks associated with cloud providers should be studied for compliance and reporting in accordance with legal mandates and technical and operational KPIs. Organizations need to expand the capabilities for security monitoring, incident response, vulnerability management and overall risk management of cloud assets. Cloud API, container and serverless security will further strengthen the security posture.

  • Secure by design approach

A secure by design principle must be applied to the enterprise cloud strategy. This means that security architecture and governance teams must work closely with the cloud strategy team to ensure that cloud-native security controls such as a cloud firewall or DDoS protection are implemented as part of the cloud foundation.

Another best practice is to embed cybersecurity into the DevOps processes and container security.

Cloud logging and event monitoring systems, when deployed, should align with the overall security incident response process. By securing data at the source, risks can be significantly reduced. Improved solutions for data encryption, database activity monitoring, tokenization and masking can minimize the risk of data loss. Likewise, defining KPIs and compliance requirements, and extending additional on-premises controls to the cloud, help improve security health.

  • Access control and segmentation

Organizations need to improve data security with encryption, classification, leakage prevention, and data recovery capabilities. Expanding and improving access controls with multi-factor authentication (MFA), privilege managers and key vaults are the new mandates.

  • Zero Trust Security Framework

Applying a Zero Trust Security framework extends comprehensive enterprise security control from base servers and networks to governance, compliance, and reporting. Zero Trust micro-segmentation and workload protection solutions provide defense in depth.

  • NextGen Security Operations

With organizations evaluating hyperscalers for complex requirements such as OT/IoT, data analytics, or high-performance computing, cloud providers have expanded their security portfolios. These now range from basic enterprise-level security to comprehensive threat and vulnerability management and compliance reporting. Nextgen security operations with a platform-centric approach can support the adoption of integrated security monitoring, detection and response, cyber intelligence-driven proactive defense, and risk-based vulnerability management. Upcoming innovative solutions such as confidential computing should be considered once they reach maturity.

These measures allow organizations to take full advantage of the cloud without having to worry about security.



The above views are those of the author.

