Security in the cloud: a complex balance of responsibilities

Many organizations find that applications in the cloud are naturally more secure than those based locally. This perception is based on the idea that the cloud service provider (CSP) takes responsibility for security. However, while it is possible to get a secure application in the cloud, one should not take such security for granted. In fact, several steps are required to ensure it. Cloud security is a shared responsibility, and migrating to the cloud does not relieve an organization of cyber risk or transfer it to the CSP. Instead, it requires a shared security model where roles and responsibilities are clearly defined.

New cloud security challenges

For many security teams, it was easier to monitor local applications. They had complete visibility into data traffic, owned the data itself, and could identify anomalies and investigate further without involving third parties. This process becomes more complex in a hybrid and multicloud environment. This requires a new approach, beyond that typically offered by a CSP, which is often not robust or well-suited for a security-focused organization. Additionally, data security in the cloud is further complicated with the emergence of zero trust architectures (ZTAs), as defined by NIST SP 800-171.

Misconfiguration increases risk

Many security issues associated with cloud environments are caused by misconfigurations that expose large amounts of data to the outside world. Cyber adversaries are constantly scouring the Internet for such oversights and are quick to act as soon as they discover one. As a result, organizations may be one misconfiguration away from public disclosure of their data. Making matters worse is the new class of cloud administrators, who may lack security and governance expertise.

Visibility: the best ally against cyber threats in the cloud

The federal government is leading the acceleration towards migration to the ZTA, which represents not only a technical challenge, but also a political, process, labour, legal and cultural one. Organizations must anticipate an important technical concern: Moving to a complex and segmented environment that leverages multiple cloud and SaaS offerings will create blind spots for security teams. Visibility into network traffic is a prerequisite for security in any environment you want to defend. Accurate analysis of network communications is critical to ensure that the analytics platform provides high security and detects attacks before the threat actor can act. Finally, it is important to note that traditional observability solutions are not enough. The only way to successfully protect data is to achieve deep observability across all hybrid cloud infrastructure.