Is there any innovation on the horizon that will help companies stem the onslaught of cyber breaches? Yes, there is. It is called “The Cloud,” and it is not to be feared but embraced with urgency. The cloud offers enterprises a once-in-a-lifetime opportunity for a security do-over. Executed properly, a move to the cloud offers the opportunity to deliver a level of security unimaginable in the old world of leaky networks and data centers – and can lead to security transformation.
By Brendan Hannigan, co-founder and CEO, Sonrai Security
Traditional networks and data centers are crammed full of a morass of security products, with each new solution promising questionable benefits and delivering results that daily ransomware headlines and data breaches can measure. Nothing is on the way to change this reality. Gartner predicts that by 2023, 75% of cloud security failures will result from inadequate management of identities, access, and privileges — up from 50% in 2020. The sad fact is that many of these arise not because of sophisticated attacks but rather due to basic misconfiguration. The rapidly expanding suite of cloud providers and their multitude of services with infinite combinations and permutations of settings place an extraordinary burden on enterprise security teams to change.
Data is your most important enterprise asset. The truth is that business data is rarely confined to corporate network perimeters anymore. In the cloud, identities are the security perimeter and must be at the forefront of how you secure your data. Thus, the way to secure enterprise data is to extend enterprise security to your cloud identities (people and non-people).
However, organization after organization tries to protect this number one asset with the outdated network security model. This strategy fails in the public cloud, as we have seen in the headlines pretty much weekly over the past three years.
Identities are the new Perimeter
Jay Gazlay, a technical strategist at the Cybersecurity and Infrastructure Security Agency, told members of the National Institute of Standards and Technology’s (NIST) Information Security and Privacy Advisory Board, “Identity is everything now. We can talk about our network defenses, we can talk about the importance of firewalls and network segmentation, but really, identity has become the boundary, and we need to start readdressing our infrastructures in that manner.”
Jay’s assessment is 100% correct and brings to light another hard truth: the network is no longer the perimeter; identities are the new perimeter. Security teams are used to creating boundaries using networks, placing the security stack where those boundaries meet, and configuring it based on known and locked-down data paths. This does not work as a holistic security solution in the cloud. Cloud security teams must think about what identities they control, what those identities are used for, and what resources they have access to.
Securing identities and data in the cloud is challenging if you use an outdated strategy and tooling. Almost like it doesn’t have to be this way.
The current attack cycle, particularly in the cloud, starts with identity. Attackers seek to access the identity, then pivot between resources, discovering credentials and other people and non-people identities that give them more and more access to get what they want. It’s important to understand that identity extends security beyond the traditional walls of the enterprise, which is why there are failures in applying old network security strategies to the new cloud environment.
But it need not be that way. When properly executed, moving infrastructure and apps to the cloud hands over the core infrastructure security to the massively funded cloud providers. Unburdened by the struggle of core infrastructure management, networks, and data centers, companies can focus on who and what has access to their data and its protection. Systems that enable deep knowledge and control of corporate data and identities, and that are aligned with corporate policies, allow an impressive lockdown of access impossible in old-world data centers.
Still, why are so many so slow to move? Making a wholesale shift to something new creates anxiety, risk, and potential downfall. Companies fear they will lose control when the opposite is true. Executives use security to slow the move to the cloud when in reality, they should be using security as a reason to run – not walk – away from the status quo.
Digital Transformation, executed properly, leads to Security Transformation. Of course, executed poorly, it leads to the status quo. Only when we can make a wholesale mindset shift will our companies, data, identities, and lives be fully secure.
About the Author
Brendan Hannigan is CEO and co-founder of the cloud security software company Sonrai Security. Brendan has spent decades building technologies and businesses in cyber security and networking based on unmet needs. Brendan is a recognized leader in the cybersecurity field, and his perspective spans multiple industry transitions. He’s also an Entrepreneur Partner with Polaris Partners and serves on the board of Flashpoint. At Polaris Partners, Brendan led the investment in cloud-native security company Twistlock and acted as Chairman through its successful sale. Brendan previously was the general manager of the $2 billion IBM Security business. Before this, Brendan was CEO of Q1 Labs, which pioneered the security intelligence and analytics market and built the market-leading QRadar platform. Earlier, Brendan led the network and security practice of Forrester Research and built switching and routing software at Wellfleet Communications and Digital Equipment Corporation. Brendan graduated from University College Dublin with a degree in Computer Science.
Views expressed in this article are personal. The facts, opinions, and language in the article do not reflect the views of CISO MAG and CISO MAG does not assume any responsibility or liability for the same.