Live from InfoSecurity Europe 2019: Understanding the Cloud Security Conversation
Lastline is once again participating in Infosecurity Europe in London. And while there are numerous hot topics being discussed, cloud security quickly rose to the top.
Migrating to the cloud and the security of those workloads are understandably a concern for many that are undergoing digital transformations. These organizations know that embracing the cloud is necessary as a means of facilitating business in today’s modern world. This understanding helps to explain why public cloud adoption amongst organizations increased from 89 percent in 2017 to 92 percent a year later, as revealed in the RightScale 2018 State of the Cloud Report.
Even so, migrating to the cloud comes with its fair share of risks. Organizations must specifically grapple with a number of digital security threats that threaten their cloud-based assets and data. Here are just a few of those dangers:
- Exposed S3 buckets: Organizations sometimes misconfigure their Amazon Simple Storage Service (S3) object service buckets and thereby leave their data accessible to the public. Many organizations have already suffered these types of data disclosures. In April 2019, for instance, UpGuard detected an unsecured third-party developed Facebook app dataset belonging to Cultura Colectiva that contained 540 million records including Facebook comments, likes, reactions, account names and IDs at the time of exposure.
- Attacks against CSPs: Bad actors are also going after CSPs as a way of disrupting business and/or exposing the data of a large number of organizations. This is what happened on Christmas Eve 2018 when digital attackers used a Ryuk ransomware infection against cloud hosting provider Dataresolution.net. As reported by KrebsonSecurity, Dataresolution.net was still working on restoring email access and multiple databases for clients more than a week after the attack occurred.
- Abuse of the cloud to launch attacks: Finally, malefactors are using cloud services to stage their own attacks. In May 2019, for instance, Bleeping Computer observed how tech support scams were increasingly migrating to the Microsoft Azure cloud platform. The site reasoned that digital criminals were making this shift because Azure supports easy deployment and inexpensive web hosting, properties which are invaluable to fraudsters when launching a spam campaign.
In response to the digital threats discussed above, organizations are struggling to decide on which security technologies to put in place for the cloud. They’re also trying to learn what new security issues result from the cloud. These challenges raise the following question: what can organizations do to effectively defend themselves against cloud security threats?
A Wealth of Answers at Infosecurity 2019
To answer this question, let’s now turn to several cloud security-themed talks that we attended at Infosecurity Europe 2019. Let’s start at the beginning with “Cloud Risk Decoder Ring: Shared Responsibility & Ways to Avoid Self-Inflicted Harm.” This session emphasized how organizations need to fulfill “security in the cloud” under the shared responsibility model. In other words, the presentation stressed how organizations need to strike a balance between controls and monitoring to secure what data or assets they choose to host in the cloud.
Data security is clearly an important topic when it comes to defending against cloud security threats, a point which came across in “How to Secure Your Data in the Cloud.” This presentation discussed the necessity of both securely encrypting data stored in the cloud and maintaining full control of encryption keys. Reflecting the increasingly mobile workforces that drive business, the session also weighed in on best practices which organizations can use to carefully and easily share sensitive data stored within the cloud.
Of course, cloud security challenges aren’t just a concern in the public and private clouds. In fact, it’s especially challenging for organizations to counter digital threats when they have hybrid clouds. These environments consist of both on-premises and cloud-based assets, a mix which makes the task of uniformly securing these resources a difficult one.
Fortunately, those presenting at Infosecurity 2019 were well-aware of these obstacles. For instance, one talk, “The Key to Securing Your Hybrid Cloud Starts with ‘ABC,’” focused in on the importance of organizations gaining visibility over their networks and optimizing their vulnerability management programs. Another presentation, “Taming the Storm Clouds: Managing Network Security Across the Hybrid & Multi-Cloud Estate,” pointed out that professionals can easily and automatically identify security risks and misconfigurations in their hybrid environments. It also extended this logic and weighed in on how personnel can then use this process to obtain a cross-network-estate risk analysis, a resource which is essential to securing the greater IT environment.
A Dash of Perspective
I’m pleased to see that there was so much discussion about cloud security at Infosecurity 2019. But from what I saw personally, many IT decision makers in attendance were still ill-informed about the risks involved. The fact of the matter is that on-premises security solutions don’t work in the cloud. This is a problem, as companies are migrating workloads to the cloud faster than they’re upgrading their security beyond what platform providers can (insufficiently) deliver. Security teams, therefore, need to step into the cloud debate and slow down the migration until they can implement adequate security solutions. These tools should ideally be capable of delivering unmatched visibility of advanced threats targeting their cloud environments.
Learn how Lastline can provide the necessary level of protection for your public cloud workloads.