Logo Header Menu

How to bolster cyber security in cloud-native environments

David Puzas, Sr. product manager, cloud security at CrowdStrike, explains how to bolster cyber security in cloud-native environments How to bolster cyber security in cloud-native environments image

Remote working has become the new normal, with the Covid-19 pandemic forcing companies globally to switch to a home working model, creating more distributed workforces.

Cloud applications and systems are part of what has made this all possible and kept so many businesses productive while countries, states and cities switch lockdowns on and off.

The IDG’s Cloud Computing Study 2020 report paints a clear picture of the impact of cloud computing on enterprise IT. Over 90% of businesses now rely — at least partly — on the cloud.

It’s no surprise that this efficient and convenient system has its issues, however. A system that runs solely online and can be accessed by anyone, anywhere is going to be more vulnerable and accessible to cybercriminals if left unprotected.

IT teams also must contend with a more complex security environment, being challenged by Shadow IT, sprawl and an absence of container runtime protection. So, how can organisations protect their IT environments while leveraging the full benefits of a cloud-native approach?

A new world order

Although the concept of cloud-native isn’t set in stone, the clue is in the name. Cloud-native platforms are those created specifically for the cloud, rather than integrating old, out-dated tech architecture into a newer model.

In short, these newer systems need a more advanced data protection to pre-existing business servers.

In cloud systems, there are issues that can cause major cyber vulnerabilities — some are simply at the mercy of human nature and error, while others are more integral to the mass scalability of the cloud environment itself.

The cloud demands its own security strategy, otherwise known as a ‘shared responsibility model’, so cloud service providers (CSP) must take responsibility for the protection of the cloud itself. Past this, consumers and businesses alike must ensure their own information within the cloud is secure. If one side lets down the other, data is immediately at risk.

With the rapid transition to remote working during the pandemic, businesses have had to rely more heavily on the cloud and this hasn’t gone unnoticed by cybercriminals. Security breaches have become more of a direct threat to companies than they once were.

According to the 2021 CrowdStrike Global Threat Report, threat actors are increasingly using ransomware tactics using data extortion to hold data “to ransom” for often huge sums of money. In 2020, there were 1,430 attacks detected by CrowdStrike Intelligence team that used data extortion techniques.

Understanding why security breaches occur more frequently in the cloud is key to creating and maintaining a secure IT estate.

Cloud security: The latest thinking, a guide to implementing cloud securely

Cloud offers multiple benefits, including the ability to scale up and down quickly to meet demand. But some firms – especially in highly-regulated industries such as financial services – have been slow to adopt the technology due to concerns over cloud security. Kate O’Flaherty takes up the tale. Read here

Fit-for-purpose security for the cloud

In response to the radical shift in attacker focus, security must be moved forwards in the process and embedded during development — what we call a “shift-left” security strategy.

Simply put, security cannot be an afterthought. The wide availability of cloud architecture is simultaneously one of its greatest strengths and weaknesses.

When taking a “shift-left” approach, IT teams move security to the earliest possible point within the multi-stage CI/CD process when setting up these applications.

Working alongside security developers throughout the CI/CD process allows each step to have its own assured safety procedures, avoiding vulnerabilities opening-up in the first place.

As well as bolstering security early on in the process of design and deployment, a shift-left approach can also increase speed-to-rollout and cut costs.

In fact, research shows addressing security issues in the design phase is six times cheaper than making it an additional feature, and better yet 15 times more cost-effective than making the security changes in the testing phase.

CNAPP: The unrivalled form of cloud-native protection

Traditionally, organisations have relied on two main cloud security tools. ‘CPSM’ (Cloud Security Posture Management) preventing misconfigurations and ensuring compliance during the testing and building stage, followed by Cloud Workload Protection (CWP) to secure the deployment and operation of all applications across the cloud network.

However, these two entities are secular and can leave organisations with vulnerable blind spots that attackers are all too quick to exploit. Whether these products are supplied by the same vendor or not, some organisations may experience issues with interoperability.

This can put a strain on internal IT teams, as they are dealing with two systems that do not integrate well, leaving them with double the workload.

The demand for integrated security stacks is growing with the ever-increasing use of cloud-native infrastructure. The flaws of CSPM and CWP are becoming all too apparent which has led to the development of Cloud-Native App Protection Platforms (CNAPPs).

CNAPPs provide a more consistent level of protection for cloud-native infrastructure, from development through to operation. This seamless lifecycle of protection has transformed the way businesses are able to secure their cloud environments.

Using one protection system removes the complications and barriers, making it easier for organisations to gain a 360-degree view of their cloud environment and identify potential security threats in real time. It also removes room for human error, common when collating and correlating data from different sources.

There are countless advantages to having one comprehensive solution to cloud-native security – minimising the strain on IT teams, cost-reductions and the removal of gaps in protection to name but a few.

Written by David Puzas, Sr. product manager, cloud security at CrowdStrike

Latest news

divider
Cybersecurity
Mitigating security risks when returning to the office

Mitigating security risks when returning to the office

20 April 2021 / It’s over a year ago that companies all over the globe kickstarted an unprecedented mission [...]

divider
Cybersecurity
The security impact of shadow IT

The security impact of shadow IT

20 April 2021 / Shadow IT is invisible to you. It might not be covered on your asset lists, [...]

divider
People Moves
Mollie appoints new chair and board member

Mollie appoints new chair and board member

20 April 2021 / New Mollie chair Leenaars is currently vice-chairman of global wealth management at UBS, and will [...]

divider
People Moves
Kpler appoints Mark Cunningham as chief financial officer

Kpler appoints Mark Cunningham as chief financial officer

19 April 2021 / Joining today, new Kpler hire Cunningham, who will be based in Edinburgh, arrives from Wood [...]

divider
AI & Machine Learning
How to sharpen machine learning with smarter management of edge cases

How to sharpen machine learning with smarter management of edge cases

19 April 2021 / Machine learning (ML) applications are transforming business strategy, popping up in every vertical and niche [...]

divider
Cybersecurity
The next SolarWinds crisis is closer than you think

The next SolarWinds crisis is closer than you think

19 April 2021 / We all need to learn the hard way sometimes. Whether it’s forgetting to stretch after [...]

divider
Cybersecurity
The next wave of cyber adversaries, and how to protect against them

The next wave of cyber adversaries, and how to protect against them

16 April 2021 / Research in CrowdStrike’s 2021 Global Threat Report highlights that eCrime attacks made up 79% of [...]

divider
Blockchain
What is the market opportunity for NFTs?

What is the market opportunity for NFTs?

15 April 2021 / Blockchain has become the centre of the tech space in recent years, and is here [...]

divider
Telecoms
O2-Virgin merger “a boon for the UK telecoms industry” — NTT DATA UK CEO

O2-Virgin merger “a boon for the UK telecoms industry” — NTT DATA UK CEO

15 April 2021 / The merger of O2 and Virgin Media was approved by the Competition and Markets Authority [...]

Information Age

Pin It on Pinterest