How to bolster cyber security in cloud-native environments

Remote working has become the new normal, with the Covid-19 pandemic forcing companies globally to switch to a home working model, creating more distributed workforces.

Cloud applications and systems are part of what has made this all possible and kept so many businesses productive while countries, states and cities switch lockdowns on and off.

The IDG’s Cloud Computing Study 2020 report paints a clear picture of the impact of cloud computing on enterprise IT. Over 90% of businesses now rely — at least partly — on the cloud.

It’s no surprise that this efficient and convenient system has its issues, however. A system that runs solely online and can be accessed by anyone, anywhere is going to be more vulnerable and accessible to cybercriminals if left unprotected.

IT teams also must contend with a more complex security environment, being challenged by Shadow IT, sprawl and an absence of container runtime protection. So, how can organisations protect their IT environments while leveraging the full benefits of a cloud-native approach?

A new world order

Although the concept of cloud-native isn’t set in stone, the clue is in the name. Cloud-native platforms are those created specifically for the cloud, rather than integrating old, out-dated tech architecture into a newer model.

In short, these newer systems need a more advanced data protection to pre-existing business servers.

In cloud systems, there are issues that can cause major cyber vulnerabilities — some are simply at the mercy of human nature and error, while others are more integral to the mass scalability of the cloud environment itself.

The cloud demands its own security strategy, otherwise known as a ‘shared responsibility model’, so cloud service providers (CSP) must take responsibility for the protection of the cloud itself. Past this, consumers and businesses alike must ensure their own information within the cloud is secure. If one side lets down the other, data is immediately at risk.

With the rapid transition to remote working during the pandemic, businesses have had to rely more heavily on the cloud and this hasn’t gone unnoticed by cybercriminals. Security breaches have become more of a direct threat to companies than they once were.

According to the 2021 CrowdStrike Global Threat Report, threat actors are increasingly using ransomware tactics using data extortion to hold data “to ransom” for often huge sums of money. In 2020, there were 1,430 attacks detected by CrowdStrike Intelligence team that used data extortion techniques.

Understanding why security breaches occur more frequently in the cloud is key to creating and maintaining a secure IT estate.

Cloud security: The latest thinking, a guide to implementing cloud securely

Cloud offers multiple benefits, including the ability to scale up and down quickly to meet demand. But some firms – especially in highly-regulated industries such as financial services – have been slow to adopt the technology due to concerns over cloud security. Kate O’Flaherty takes up the tale. Read here

Fit-for-purpose security for the cloud

In response to the radical shift in attacker focus, security must be moved forwards in the process and embedded during development — what we call a “shift-left” security strategy.

Simply put, security cannot be an afterthought. The wide availability of cloud architecture is simultaneously one of its greatest strengths and weaknesses.

When taking a “shift-left” approach, IT teams move security to the earliest possible point within the multi-stage CI/CD process when setting up these applications.

Working alongside security developers throughout the CI/CD process allows each step to have its own assured safety procedures, avoiding vulnerabilities opening-up in the first place.

As well as bolstering security early on in the process of design and deployment, a shift-left approach can also increase speed-to-rollout and cut costs.

In fact, research shows addressing security issues in the design phase is six times cheaper than making it an additional feature, and better yet 15 times more cost-effective than making the security changes in the testing phase.

CNAPP: The unrivalled form of cloud-native protection

Traditionally, organisations have relied on two main cloud security tools. ‘CPSM’ (Cloud Security Posture Management) preventing misconfigurations and ensuring compliance during the testing and building stage, followed by Cloud Workload Protection (CWP) to secure the deployment and operation of all applications across the cloud network.

However, these two entities are secular and can leave organisations with vulnerable blind spots that attackers are all too quick to exploit. Whether these products are supplied by the same vendor or not, some organisations may experience issues with interoperability.

This can put a strain on internal IT teams, as they are dealing with two systems that do not integrate well, leaving them with double the workload.

The demand for integrated security stacks is growing with the ever-increasing use of cloud-native infrastructure. The flaws of CSPM and CWP are becoming all too apparent which has led to the development of Cloud-Native App Protection Platforms (CNAPPs).

CNAPPs provide a more consistent level of protection for cloud-native infrastructure, from development through to operation. This seamless lifecycle of protection has transformed the way businesses are able to secure their cloud environments.

Using one protection system removes the complications and barriers, making it easier for organisations to gain a 360-degree view of their cloud environment and identify potential security threats in real time. It also removes room for human error, common when collating and correlating data from different sources.

There are countless advantages to having one comprehensive solution to cloud-native security – minimising the strain on IT teams, cost-reductions and the removal of gaps in protection to name but a few.

Written by David Puzas, Sr. product manager, cloud security at CrowdStrike

Editor's Choice

Editor's Choice consists of the best articles written by third parties and selected by our editors. You can contact us at timothy.adler at stubbenedge.com