The Top 3 Trends

The Top 3 Trends

Cloud security faces its own security issues

  • By Paul Fletcher
  • Sep 01, 2016

Cloud environments give companies a cost-effective, easy-to-use data store solution. In fact, analysts predict that cloud spending will cross a $200 billion tipping point in 2016. But, there’s a catch. The rapid growth of cloud adoption has left many organizations playing catch up, struggling to outline proper and complete cloud security strategy to protect these new data environments. Consequently, organizations may proceed with cloud migration and adoption, in order to take advantage of all the very real cost-saving and efficiency outcomes, but many are left with unprotected sections of their application stack. Due to the increased threat diversity in the cloud, it’s important for companies to seek out cloud-native security solutions that are custom-made and purpose-built for the cloud.

PURPOSE-BUILT CLOUD SECURITY

With today’s constantly changing threat landscape and the increasing adoption of cloud, security should be top of mind for organizations of all sizes. In fact, a 451 Research and TheInfoPro survey highlights that more than 92 percent of respondents put security capabilities at the top of their list when selecting a cloud security provider. Even though incident frequency is still generally greater in on-premises environments, attacks against cloud infrastructures are growing at a faster rate, according to Alert Logic’s 2015 Cloud Security Report.

Legacy security solutions that were originally designed for on-premises infrastructures do not and cannot adequately protect cloud applications. A simple forklift move of applications from a data center to the cloud without proper analysis and appropriate security measures may leave attack vectors, paths through which a hacker can gain access to an environment, exposed.

Instead, companies must consider the correct plan of attack for both on-premises and cloud hosting provider (CHP) environments. Consider the appropriate security measures to accompany application migration. Because legacy security products are primarily geared toward protection of on-premises attack vectors, like malware, these products will not defend cloud deployments against CHP-specific vectors like web application attacks.

Organizations need to take responsibility for the continuous process of evaluating and analyzing procedures and tools in order to optimize solutions for their environments and safeguard against the growing threat persistence and landscape. With the recent news surrounding retailer and financial institution information breaches, it is not surprising that companies are looking to cloud and security providers for solutions. For effective cloud security to operate and scale properly while providing the right level of detection and protection, tight integration with the underlying cloud platform is required.

CLOUD SECURITY TRENDS IN 2016 AND BEYOND

Brute force attacks and vulnerability scans occur at similar rates in both cloud and on-premises environments. The ease of attack execution has led to this convergence, along with the movement of traditional enterprise workloads to the cloud, including more “theft-worthy” data. We are now in the throes of cloud adoption and cloud security innovation. Top security offerings for purpose-built cloud security include infrastructure and web application security, end-to-end encryption and use of a managed security service for threat detection and log monitoring.

Here are three trends that will continue to shape the industry and drive cloud security expansion in the next few years.

Security designed for the cloud. The industry needs to lead with the message that cloud environments can and should be safer than on-premises data centers. Applications are moving to the cloud because of the benefit of improved operations through a DevOps model, which emphasizes collaboration between software developers and IT operations to optimize deployment of products and services.

With this, organizations can automate continuous delivery, from code to quality assurance to full production pushes, using tools that address confirmation management, test system, application deployment and monitoring. When moving applications to the cloud, companies can also wrap specific controls and tailored policies around that application stack. In doing this, areas that are available to attackers become smaller. Organizations can then achieve a higher level of functionality in the cloud than in an enterprise data center. In the future, expect security solutions that are specifically designed for the cloud, programmable and highly automated, and able to deploy and auto-scale with minimal effort.

Big data security analytics. In cloud deployments, the vast majority of what is needed to analyze and identify security incidents is not being seen by most legacy security products. Traditionally, security has been focused on security logs, but these logs offer a limited vantage point when working to comprehend activity across an entire application stack. For this reason, machine data and analytics are compulsory for a strong security posture.

Machine data includes information from system logs, database transactions, application logs, configuration statistics and network telemetry. The ability to view all of these entities reveals up to 80 percent more attack indications, enabled by grid processing, machine learning and big data analytics techniques. In this data, many of the logs are custom, and security teams may not know what to do with them. With today’s cloud security solutions, companies can pull in logs and couple them with machine data for thorough intelligence that offers a better “big data” security vantage point.

Cloud threat intelligence. Threat intelligence, one of the most active fields of research in security today, includes context, indicators of compromise and actionable data about malicious actors. It helps to further identify threats with the highest fidelity and augments security analytics for both pre- and post-compromise activity.

Threat intelligence provides insight into quantitative data such as malicious IPs, domains and URLs, as well as qualitative information around new attack methods including campaigns, tools, and techniques. By leveraging threat intelligence and identifying threats before, during and after an attack, cloud providers are able to deliver higher levels of security for their customer base.

Threat intelligence partnerships can only yield more comprehensive security programs. For instance, a provider may send malicious code to a threat intelligence lab to be analyzed and then compiled into intelligence feeds.

All in all, as an effect of automation and cloud computing, we are seeing a dramatic change in the security industry with regard to how security is designed, delivered and what constitutes the “right” security strategy. In the next two to three years, there will be more specialization—some companies will focus strictly on on-premises environments, while others will hone in on the cloud. In terms of specific initiatives to make the cloud more secure than traditional data centers, we are just scratching the surface. Organizations that partner with cloud providers for cloud-specific security solutions are few and far between, but we can expect this to change as cloud adoption becomes more widespread in the years to come.

This article originally appeared in the September 2016 issue of Security Today.

Featured

  • Smarter Access Starts with Flexibility

    Today’s workplaces are undergoing a rapid evolution, driven by hybrid work models, emerging smart technologies, and flexible work schedules. To keep pace with growing workplace demands, buildings are becoming more dynamic – capable of adapting to how people move, work, and interact in real-time. Read Now

  • Trends Keeping an Eye on Business Decisions

    Today, AI continues to transform the way data is used to make important business decisions. AI and the cloud together are redefining how video surveillance systems are being used to simulate human intelligence by combining data analysis, prediction, and process automation with minimal human intervention. Many organizations are upgrading their surveillance systems to reap the benefits of technologies like AI and cloud applications. Read Now

  • The Future is Happening Outside the Cloud

    For years, the cloud has captivated the physical security industry. And for good reason. Remote access, elastic scalability and simplified maintenance reshaped how we think about deploying and managing systems. But as the number of cameras grows and resolutions push from HD to 4K and beyond, the cloud’s limits are becoming unavoidable. Bandwidth bottlenecks. Latency lags. Rising storage costs. These are not abstract concerns. Read Now

  • Right-Wing Activist Charlie Kirk Dies After Utah Valley University Shooting

    Charlie Kirk, a popular conservative activist and founder of Turning Point USA, died Wednesday after being shot during an on-campus event at Utah Valley University in Orem, Utah Read Now

  • The Impact of Convergence Between IT and Physical Security

    For years, the worlds of physical security and information technology (IT) remained separate. While they shared common goals and interests, they often worked in silos. Read Now

Most   Popular

New Products

  • PE80 Series

    PE80 Series by SARGENT / ED4000/PED5000 Series by Corbin Russwin

    ASSA ABLOY, a global leader in access solutions, has announced the launch of two next generation exit devices from long-standing leaders in the premium exit device market: the PE80 Series by SARGENT and the PED4000/PED5000 Series by Corbin Russwin. These new exit devices boast industry-first features that are specifically designed to provide enhanced safety, security and convenience, setting new standards for exit solutions. The SARGENT PE80 and Corbin Russwin PED4000/PED5000 Series exit devices are engineered to meet the ever-evolving needs of modern buildings. Featuring the high strength, security and durability that ASSA ABLOY is known for, the new exit devices deliver several innovative, industry-first features in addition to elegant design finishes for every opening.

  • Camden CV-7600 High Security Card Readers

    Camden CV-7600 High Security Card Readers

    Camden Door Controls has relaunched its CV-7600 card readers in response to growing market demand for a more secure alternative to standard proximity credentials that can be easily cloned. CV-7600 readers support MIFARE DESFire EV1 & EV2 encryption technology credentials, making them virtually clone-proof and highly secure.

  • ResponderLink

    ResponderLink

    Shooter Detection Systems (SDS), an Alarm.com company and a global leader in gunshot detection solutions, has introduced ResponderLink, a groundbreaking new 911 notification service for gunshot events. ResponderLink completes the circle from detection to 911 notification to first responder awareness, giving law enforcement enhanced situational intelligence they urgently need to save lives. Integrating SDS’s proven gunshot detection system with Noonlight’s SendPolice platform, ResponderLink is the first solution to automatically deliver real-time gunshot detection data to 911 call centers and first responders. When shots are detected, the 911 dispatching center, also known as the Public Safety Answering Point or PSAP, is contacted based on the gunfire location, enabling faster initiation of life-saving emergency protocols.