Gartner estimates that less than one-third of enterprises have a documented cloud strategy. This is a concerning statistic, especially as it relates to the security of cloud workloads.
Even without a documented cloud strategy, however, Gartner also predicts that by 2020, as much as $216 billion in annual IT spending will shift to cloud and cloud-related categories of spending. This “cloud shift,” the shifting of IT spending from data center systems, software and IT services to public cloud services, will grow from $114 billion in 2016.
That’s a lot of growing reliance on the cloud. And, in most cases, this public cloud adoption is outpacing the implementation of proper cybersecurity defenses.
Cloud security is particularly important, however, due to the cloud’s increased risk of accidental threat exposure. This, compounded by increases in the attack surface, can create exponential risk exposure.
Consider the recently reported Uber data breach. Reports suggest that the breach took place because hackers were able to access Uber’s log-in credentials to Amazon Web Services, which were, for some reason, available on a private area of GitHub. If Uber had had a documented cloud strategy, and a cybersecurity framework for their AWS environment, this breach would have likely been avoided.
NIST Cybersecurity Framework
The National Institute of Standards and Technology (NIST) created a Cybersecurity Framework (CSF) in 2014. The framework was a collaborative effort between government and private sector organizations and provides globally recognized standards for cybersecurity. While the framework was initially designed to provide best practices for on-premises infrastructure, many of its guidelines should be extended to manage risks across cloud-computing environments.
These guidelines provide a very useful checklist for cloud cybersecurity. Consider these recommendations in the following critical categories:
- Identify – A cybersecurity framework should identify resources and applications and build a flow map of your data. It should also account for third-party feed ingestion, such as vulnerability data, to enrich your risk models, and then apply automated risk scoring to prioritize your resource risk.
- Protect – An effective cybersecurity framework should also monitor your identity and access management role configurations and network configurations and immediately auto-remediate issues. It should also monitor data-at-rest and data-in-transit encryption configurations, automate configuration baseline creation and monitoring and enable audit logs.
- Detect – To detect threats, the cybersecurity framework used should leverage advanced artificial intelligence (AI) to create user and network behavior baselines. It should also enable event correlation for user activity, network traffic and threat intelligence data and alert with risk context. Robust monitoring should also be provided, including network, user activity, resource and vulnerability monitoring, for comprehensive threat detection.
- Respond – For what is perhaps the most critical component of cybersecurity, response, the selected framework needs to provide an interactive risk map with a downstream impact analysis. It should also be able to perform incident investigation, recommend steps that should be taken to contain the incident and integrate with existing enterprise workflow management tools to auto-remediate issues.
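The Identify and Protect items above can be expressed as a configuration baseline check combined with risk scoring. The following Python is an added example, not code from NIST or from this article's author; the inventory, field names, vulnerability feed and weights are all constructed assumptions.

```python
# Added example: baseline checks (Protect) feeding risk scoring (Identify).
# Inventory, field names, feed and weights are constructed for illustration.

BASELINE = {"encrypted_at_rest": True, "tls_in_transit": True, "audit_logging": True}

# Hypothetical weights: how much each finding adds to a resource's score.
WEIGHTS = {"encrypted_at_rest": 3, "tls_in_transit": 3, "audit_logging": 2,
           "wildcard_iam": 4, "open_ingress": 4}

INVENTORY = [  # constructed sample resources
    {"id": "bucket-logs", "encrypted_at_rest": False, "tls_in_transit": True,
     "audit_logging": True, "iam_actions": ["s3:GetObject"], "ingress": [],
     "holds_sensitive_data": True},
    {"id": "vm-web", "encrypted_at_rest": True, "tls_in_transit": True,
     "audit_logging": False, "iam_actions": ["*"],
     "ingress": [{"cidr": "0.0.0.0/0", "port": 22}],
     "holds_sensitive_data": False},
    {"id": "db-orders", "encrypted_at_rest": True, "tls_in_transit": True,
     "audit_logging": True, "iam_actions": [], "ingress": [],
     "holds_sensitive_data": True},
]
VULN_FEED = {"vm-web": 2}  # constructed third-party feed: open findings per host


def findings(resource):
    """Return the baseline deviations for one resource."""
    found = [k for k, want in BASELINE.items() if resource.get(k) != want]
    # IAM role configuration: flag wildcard grants.
    if any(a == "*" or a.endswith(":*") for a in resource.get("iam_actions", [])):
        found.append("wildcard_iam")
    # Network configuration: flag ingress open to any source address.
    if any(r["cidr"] == "0.0.0.0/0" for r in resource.get("ingress", [])):
        found.append("open_ingress")
    return found


def risk_score(resource, vuln_feed):
    """Weight the findings, enrich with feed data, scale by data sensitivity."""
    score = sum(WEIGHTS[f] for f in findings(resource))
    score += vuln_feed.get(resource["id"], 0)
    return score * 2 if resource.get("holds_sensitive_data") else score


def prioritize(inventory, vuln_feed):
    """Return (score, id, findings) rows, highest risk first, clean ones omitted."""
    rows = [(risk_score(r, vuln_feed), r["id"], findings(r)) for r in inventory]
    return sorted((row for row in rows if row[0] > 0), reverse=True)


if __name__ == "__main__":
    for score, rid, found in prioritize(INVENTORY, VULN_FEED):
        print(f"{score:>3}  {rid:<12} {', '.join(found)}")
```
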
Cloud Security Risk Assessment
Can you answer the following questions about your cloud environments?
- Are there any resources with risky configurations?
- Are there unpatched hosts in your environment?
- Have there been any network intrusions?
- Are there insider threats?
- Have any accounts been compromised?
If you’re not sure, contact us to schedule your Free Risk Assessment today. Don’t “do an Uber.” Be prepared with the cybersecurity framework that will safeguard your cloud data.
 Gartner, “What CIOs Need to Know and Do to Exploit Cloud Computing,” June 27, 2017