It’s a familiar story in\ntech: new technologies and shifting preferences raise new security challenges.\nOne of the most pressing challenges today involves monitoring and securing all\nof the applications and data currently undergoing a mass migration to public\nand private cloud platforms.<\/p>\n\n\n\n
Malicious actors are\nmotivated to compromise and control cloud-hosted resources because they can gain\naccess to significant computing power through this attack vector. These\nresources can then be exploited for a number of criminal money-making schemes<\/a>, including\ncryptomining, DDoS extortion, ransomware and phishing campaigns, spam relay,\nand for issuing botnet command-and-control instructions. For these reasons\u2014and\nbecause so much critical and sensitive data is migrating to cloud platforms\u2014it\u2019s\nessential that talented and well-resourced security teams focus their efforts\non cloud security.<\/p>\n\n\n\n The cybersecurity risks\nassociated with cloud infrastructure generally mirror the risks that have been\nfacing businesses online for years: malware, phishing, etc. A common\nmisconception is that compromised cloud services have a less severe impact than\nmore traditional, on-premise compromises. That misunderstanding leads some\nadministrators and operations teams to cut corners when it comes to the\nsecurity of their cloud infrastructure. In other cases, there is a na\u00efve belief\nthat cloud hosting providers will provide the necessary security for their\ncloud-hosted services.<\/p>\n\n\n\n Although many of the leading cloud service providers are beginning to build more comprehensive and advanced security offerings into their platforms (often as extra-cost options), cloud-hosted services<\/a> still require the same level of risk management, ongoing monitoring, upgrades, backups, and maintenance as traditional infrastructure.\u00a0For example, in a cloud environment, egress filtering is often neglected. But, when egress filtering is invested in, it can foil a number of attacks on its own, particularly when combined with a proven web classification and reputation service. The same is true of management access controls, two-factor authentication, patch management, backups, and SOC monitoring.\u00a0Web application firewalls, backed by commercial-grade IP reputation services<\/a>, are another often overlooked layer of protection for cloud services.<\/p>\n\n\n\n Many midsize and large\nenterprises are starting to look to the cloud for new wide-area network (WAN)\noptions. Again, here lies a great opportunity to enhance the security of your\nWAN, whilst also achieving the scalability, flexibility, and cost-saving\noutcomes that are often the primary goals of such projects. When selecting these types of solutions, it\u2019s\nimportant to look\nat the integrated security options<\/a> offered by vendors.<\/p>\n\n\n\n Another danger of the\ncloud is the ease and speed of deployment. This can lead to rapidly\nprototyped solutions being brought into service without adequate oversight from\nsecurity teams. It can also lead to complacency, as the knowledge that a\ncompromised host can be replaced in seconds may lead some to invest less in upfront\nprotection. But it\u2019s critical that all infrastructure components are\nproperly protected and maintained because attacks are now so highly automated\nthat significant damage can be done in a very short period of time. This\napplies both to the target of the attack itself and in the form of collateral\ndamage, as the compromised servers are used to stage further attacks.<\/p>\n\n\n\n Finally, the utilitarian\nvalue of the cloud is also what leads to its higher risk exposure, since users\nare focused on a particular outcome (e.g. storage) and processing of large\nvolumes of data at high speeds. Their solutions-based focus may not accommodate\na comprehensive end-to-end security strategy well. The dynamic pressures\nof business must be supported by newer and more dynamic approaches to security that\nensure the speed of deployment for applications can be matched by automated\nSecOps deployments and engagements.<\/p>\n\n\n\n If you haven\u2019t recently\nhad a review of how you are securing your resources in the cloud, perhaps now\nis a good time. Consider what\u2019s allowed in and out of all your infrastructure\nand how you retake control. Ensure that the solutions you are considering have\nintegrated, actionable threat intelligence for another layer of defense in this\ndynamic threat environment. <\/p>\n\n\n\nHaste makes waste<\/h2>\n\n\n\n
Time for action<\/h2>\n\n\n\n