The opportunities and benefits of the cloud have created new business models for organisations. But at the same time, criminal enterprises and other threat actors have reaped a harvest. Cloud is the next battleground for cybersecurity
Cloud-conscious adversaries conduct sophisticated attack chains across cloud and container environments. These attacks don’t just target cloud infrastructure. A cloud conscious adversary targets cloud infrastructure, cloud identity and cloud services within an attack chain. While organisations have been embracing cloud technologies for well over a decade, security strategies are still mired in the past. Detection, defensive and response plans have not kept pace with new attack methods and tools used by today’s threat actors.
The pandemic-driven transition to remote and hybrid work environments rapidly accelerated digital transformation projects with the adoption of cloud and hybrid technologies the default decision when it comes to enterprise systems. But security tools and processes have not kept pace.
Chris Hosking, International Cloud Security Practice Lead for CrowdStrike, explains.
“Organisations often use several different tools or vendors to provide their cloud security capabilities. But these tools were built to create and operate clean environments and are often inadequate for understanding when an attack is happening and to help you to respond. The problem isn’t a lack of security capabilities in cloud environments. It’s that these capabilities aren’t contextual to each other.”
Without a single view of everything in a cloud environment – cloud infrastructure, cloud services and cloud identity – it’s not possible to prevent, detect and respond to attacks. Cloud, DevOps and infrastructure teams need a complete view that enables them to hunt for anomalous behaviour so they can cooperate to protect data and systems. This view needs to span the entire cloud estate in order to detect and combat cloud adversaries.
Technology alone is not the solution. Hosking says it’s also about people and processes. But without that single view, it’s impossible to defend against well-resourced and motivated attackers who understand cloud environments. A unified view that spans every aspect of your cloud infrastructure brings teams closer together to protect your cloud environment.
Today’s defensive capability must be designed specifically for the cloud to be ready for today’s threats. It must protect, detect and respond to cloud-conscious attackers that are playing by a new set of rules and not designed with the assumptions of the past.
Access the full iTnews State of Security report: Here