Cloud security is still a major problem, despite all the conversations about it and the very clear threats enterprises face today. In fact, the 2021 Verizon Data Breach Investigations Report found that most cybersecurity incidents now involve cloud infrastructure – 73% involved external cloud assets, up from 27% the prior year. It marked the first year that cloud incidents surpassed on-premises ones.
By Vince Hwang, Senior Director – Products and Solutions, Fortinet
Clearly, security isn’t keeping up even as cloud adoption skyrockets. And adoption is going to keep climbing – Gartner predicts that global spending on public cloud services will reach $332.2 billion this year, a significant increase from $270 billion last year. What’s behind these cloud security issues and how do we tackle them? Read on.
The Madness of Misconfiguration
The likelihood of misconfiguration increases in step with increased cloud use, and it’s one of the biggest problems when it comes to cloud security. According to the Fortinet 2021 Cloud Security Report, 67% of cybersecurity professionals surveyed said that misconfiguration remains the biggest cloud security risk. Cloud misconfigurations happen when a user or team specifies settings that fail to provide adequate security for their cloud data. If an organization’s cloud doesn’t have strong security measures, attackers can exploit those misconfigurations to compromise or steal cloud data.
Misconfigured cloud-based resources leave critical environments at risk and may result in unexpected costs and disrupted services. Attackers can do significant harm by targeting a misconfiguration as they move laterally within an organization’s infrastructure.
Adding Multi-cloud to the Scenario
Another significant trend affecting cloud security is this: very few companies are taking a one-size-fits-all approach to the cloud. Most are using more than one cloud to address challenges such as data backup, application resiliency, disaster recovery and global coverage. In fact, according to the Fortinet report, 71% of organizations are pursuing a multi- or hybrid cloud strategy; 33% of organizations are running more than half of their workloads in the cloud today, and that figure is projected to rise to 56% in the next 12–18 months. They are doing this for reasons of scalability, integration of multiple services or business continuity. That doesn’t mean that on-premises is a thing of the past; hybrid still accounts for more than one-third of deployments. What it does mean is that organizations are now operating in a diverse and expanded digital landscape.
The problem is that managing and securing different private and public cloud workloads and environments is not as easy as some may have imagined. Though it offers many benefits, multi-cloud adoption adds extra layers of management complexity, especially when cloud services are added in an ad hoc manner rather than being planned out. This complexity creates management and operational challenges and increases operational costs. Even worse, not many IT teams have the expertise to manage a mixed deployment of multiple public clouds, private cloud and on-premises environments.
Less Talk, More Strategy Needed
Overcoming all of these cloud security issues requires a cohesive approach. Multi-cloud deployment presents an opportunity to hit the pause button, shift from the point solution approach and design your cybersecurity in a holistic manner. Otherwise, you may end up adding to the chaos so typical in IT today: too many management platforms, too many products, too many vendors.
A holistic security approach outperforms traditional security approaches. Rather than adopting point solutions that can lead to security gaps, a holistic security model uses open standards and protocols to integrate all security activities into a single platform. With all security routed to the same platform, organizations can more rapidly detect, investigate and respond to threats. Additionally, if a security fabric approach uses machine learning (ML), the system can become a self-healing security and networking system that protects applications, data and devices across on-premises data centers and cloud services.
A Holistic View
Unfortunately, both legitimate organizations and cybercriminals take advantage of advances in technology. As enterprises have adopted multi- and hybrid cloud strategies, malicious actors have found ways to circumvent security measures and attack corporate networks. Yet the irony is that cloud misconfigurations, created by enterprise IT teams, are the primary way that attackers can infiltrate the network.
Multi-cloud and hybrid cloud approaches add layers of management complexity, which is also difficult for most IT teams to navigate. A new cloud approach requires a new security approach – one that integrates all security activities into a single pane of glass. IT security teams then have visibility into all cloud configurations and a better chance of detecting and mitigating threats. Today’s cloud strategies require a holistic security strategy.
About the Author
With over 20 years in cybersecurity at the forefront of many industry firsts in the space, Vince Hwang is senior director of products & solutions at Fortinet, where he leads adaptive cloud security products and solutions. He’s excited by the possibilities of enabling customers to achieve their desired digital innovation outcomes through cloud journeys. Previously, Vince has held key roles driving product strategy and execution at companies that include Cisco, Sourcefire (now part of Cisco), Symantec, and Trend Micro.
Views expressed in this article are personal. The facts, opinions, and language in the article do not reflect the views of CISO MAG and CISO MAG does not assume any responsibility or liability for the same.