Why We’re Here
Cloud security is hard. The only security responsibility that is shifted to the cloud vendor is physical security – secure data centers, redundant power, etc. All the logical security requirements and challenges remain the responsibility of the customer:
Network security (firewalls, segmentation, encryption, DoS)
End-point security (malware, patching, etc)
Data security (encryption at rest, encryption in transit, access control, backups)
Identity Management (password protection, authorization, MFA)
Monitoring (network access, user access, threat detection)
And there are additional challenges related to cloud computing – the same business benefits that lead to cloud adoption create security challenges:
Misconfiguration of public cloud is the biggest security threat
62% of security professionals recognize misconfigurations as the biggest security threat.
Source: 2018 Cloud Security Report, Cybersecurity Insiders
Nearly all successful attacks on cloud services are the result of customer misconfiguration, mismanagement and mistakes. Security and risk management leaders should invest in cloud security posture management processes and tools to proactively and reactively identify and remediate these risks.
– Gartner, Innovation Insight for Cloud Security Posture Management, (01/25/2019)
For security to succeed at scale in the cloud, you must use automation
– Steve Schmidt, Amazon CISO
Data breaches continue to take place at an alarming rate
breaches have been reported in the first half of 2019.
increase year over year.
of records got exposed because of misconfigurations
Source: IBM, Risk Based Security
Does this mean the cloud is less secure than a traditional data center?
No! But it does require a new approach.