A good wall used to mean a lot more than it does in the age of airplanes and ballistic missiles. As an invention, the cloud is similar in its impact on endpoint security. We can no longer expect the endpoint protection we invested in two decades ago to protect us. You might have heard about concepts like Zero Trust and AI in cybersecurity. Now you are about to understand why tools and strategies like these are absolutely necessary, whether your organization embraces the cloud or not.
Why do cloud orgs need to change security practices?
Let’s start with the business that leverages the cloud. Organizations like these are the first to need advanced protection. It’s not because the cloud is insecure. It is because utilization of private and public cloud infrastructure usually occurs alongside two major changes.
- More inter-network traffic — A mix of private and public cloud means that users are often spread across networks, and more activity moves between networks. The amount of traffic crossing endpoints increases exponentially compared with traditional business networks.
- Change itself — By utilizing public and private cloud, the organization becomes much more flexible and capable of change. Need a new application for Sales? The most complicated process is the purchase of the tool. Unwrapping it and putting it to use takes remarkably little time for simple applications. The rate of change makes cloud networks a rapidly growing and changing target for security teams to protect.
We need to acknowledge the impact that these cloud-driven practices have on network security: not only do network security practices need to change, but the resources used to protect the network need to change as well.
If a CEO says, “We need to start selling in China,” the company will understand that more salespeople are needed, and Sales will need to consider a whole host of new challenges, allocating resources and setting up infrastructure accordingly.
Many organizations are unaware that cloud-driven practices place increased pressure on network security – not because the cloud is insecure, but because there is so much increased activity. We do not mean that businesses should stay inside their private networks in order to protect themselves. The cloud is a powerful tool that competitors — and even hackers — use.
Small Businesses Can’t Hide from the Cloud
Traditional network protection is no longer an adequate repellent to modern cyberattacks. Ransomware as a Service (RaaS) has become increasingly commonplace on the dark web, enabling even the most inexperienced hackers to deploy the world’s most cutting-edge malware to cripple and extract ransom from their intended victims (Forbes, “The Destructive Rise of Malware as a Service”).
Competitors are also using multi-cloud deployments, taking advantage of Customer Relationship Management (CRM) tools, Microsoft 365, and other cloud-only products that build sophisticated new tools into their feature sets. There is some Marketing fluff around many of these products, but there is also a foundational business value that is driving more productivity to cloud businesses.
Staying behind endpoint security is no way to remain productive and profitable as a business. Using the cloud intelligently is. “Intelligently” simply means acknowledging the impact that the cloud has on security and taking adequate actions to maintain defense.
Cloud Cybersecurity Requires a Zero Trust Mindset
The flexibility that the cloud affords leads us to a position where enforcing endpoints is no longer easy, and the level of inter-network traffic means that we need to expand resources to protect the network from the inside as well. That is Zero Trust.
Plenty of Zero Trust tools exist and are commonly used today, such as Multi-Factor Authentication, Zero Trust Identity and Access Management (IAM), Role-Based Access Control (RBAC), and more. These are like the anti-aircraft guns and missile silos that you would deploy to help defend that old wall of yours.
In addition to these technologies, protecting networks also requires continuous activities that seek out malicious activity. You need systems and processes to actively seek out Indicators of Compromise (IoCs), as well as common Tactics, Techniques and Procedures (TTPs). This also requires the ability to investigate and understand cloud systems.
A mindset needs people
These activities can be conducted by tools, to some extent. There are sophisticated tools that utilize AI to perform these functions and report on them. However, a human is still needed, so that when a tool does alert on suspicious activity, a professional can either invalidate the alert or investigate further.
With the increasing level of network activity and the rapid evolution of the hacker toolset, we do need experienced personnel to prioritize network protection. For large organizations, this means more IT security specialists. For small businesses, this often means a modern Managed Security Services Provider.
If you have any questions about how to improve your security posture efficiently and effectively, please email david@platteriver.com.