Intelligent CISO Issue 74 | Page 39

approach to security, providing organisations with enhanced visibility, control, and resilience across hybrid and multi-cloud environments.
With ZTS, organisations can easily visualise their cloud workload connectivity, including traffic flows across managed and unmanaged workloads. It also allows proactive segmentation of the network, which makes it easier to contain attacks and reduces the area needed to investigate in the response process.
Aside from investing in new tools, CISOs must ensure that teams are educated on effective cloud security measures. This avoids the common oversight of employees not being able to identify and rectify misconfigurations, which can open the floodgates to a breach. Organisations should work to transform employees from potential security risks into active and informed participants within the security posture.
This is best achieved through regular training sessions and keeping staff updated with new trends in the threat landscape. A well-informed team can significantly mitigate an organisation’s risk and increase overall cyber-resilience, helping any CISO to sleep at night.
Stefan Schachinger, Senior Consulting Engineer, Network Security, Barracuda Networks
Cloud computing offers businesses the ability to implement IT activities faster, more efficiently, and at scale, without having to invest in and manage costly infrastructure. Today, cloud computing underpins business innovation, growth and agility, supporting communications, collaboration, application- and data-platforms, and as-a-service offerings, including AI tools. Gartner estimates that worldwide spending on public cloud services alone will increase by a fifth in 2024, to total US$678.8 billion.
Cloud environments are a growing target for cyberattack. There are a number of reasons for this. The first is simple: attackers go where businesses go. In February 2024 the UK’s NCSC and the U.S. NSA jointly issued a warning that advanced threat actors were targeting intelligence hosted in cloud environments because a growing number of their targets store data in the cloud.
Further, cloud environments can be complex. Organisations often have private, public or hybrid clouds, and multi-cloud set-ups involving different providers. Such environments are resource-intensive to manage and can limit overall visibility, making it harder for defenders to detect and respond to a security alert or incident.
Any security oversight represents a potential access point for attackers. Weak access and authentication measures can allow attackers to break in using stolen or brute-forced credentials. Under-protected APIs, misconfigured cloud resources, open Internet-facing assets, unaddressed software vulnerabilities, insecure third-party resources, and system vulnerabilities can also all lead to unauthorised service access, data breaches and leaks.
CIOs need to understand and address the different and often interrelated risks facing their cloud environments. Data protection is critical. Cloud providers are responsible for securing the infrastructure, but customers are responsible for protecting their own data within the cloud. Robust access and authentication measures, including least-privilege access and restricted rights, are key to preventing unauthorised access to data, and limiting the potential for lateral movement and extended impact. Multifactor authentication should be the minimum standard, and many organisations are moving towards a Zero Trust approach.
Zero Trust involves tools and processes that continuously verify both the user and their trusted devices and match these with the assets the user is permitted to access. This means that only authorised individuals can access specific resources in the cloud. Data should always be encrypted.
These measures should sit within defence-in-depth security technologies that work seamlessly across on-premises, public, private and hybrid cloud implementations. Consider implementing immutable cloud-to-cloud backup to protect data from tampering and loss, and web application firewalls to protect APIs.
All of this should be underpinned by continuous employee awareness training and security assessments to identify and mitigate potential vulnerabilities, from misconfigurations to software bugs.
The second reason is related to the speed and nature of many cloud deployments. When IT teams are under pressure to implement cloud-hosted services quickly, looking for and addressing security gaps can take second place.
Reports show that in 2023, 48% of businesses stored their most important data in the cloud and the average employee now uses 36 cloud-based services every day. Cloud-based IT is business critical and deserves to be protected accordingly.