Getting Aggressive with Cloud Cybersecurity

Cloud cybersecurity should be addressed proactively in order to detect lurking vulnerabilities before threat actors can attack. Here’s what IT leaders need to know to get the upper hand on cloud cybersecurity.

John Edwards, Technology Journalist & Author

November 6, 2023

4 Min Read
Man wrestles with steer as cloud of dust picks up.
Charles Mistral via Alamy Stock

At a Glance

  • Organizations should not wait to address cloud cybersecurity.
  • IT leaders should examine their existing cloud security tools as they examine new vendors.
  • Avoiding cloud missteps will help organizations take a more aggressive approach to security needs.

If your organization isn’t already addressing cloud cybersecurity proactively, it’s risking disaster. Waiting for an attack to happen simply doesn’t make sense.

Proactive cloud security takes active measures to spot potential threats and prevent cyberattacks before they take place, explains Nick Godfrey, senior director and global head, office of the CISO, at Google Cloud in an email interview. “This is done through practices like continuous identity validation, automating detection and response capabilities, and analyzing threat intelligence to mitigate weaknesses in the cloud network before they can be exploited.”

“By taking a proactive approach to cloud security, organizations can mitigate destructive attacks through the discovery of high-risk entry points, threat actor campaign orchestration activity ... and validate security control effectiveness against targeted attacks,” Godfrey says. “As a result, organizations will save time, money, and resources that would otherwise be put toward reactive remediation.”

With cloud native infrastructures deployed across the enterprise, typical endpoint and intrusion detection tools are not sufficient to identify attacks or vulnerabilities in a non-VM infrastructure, cautions Accenture Federal Services’ cyber chief technical officer Dave Dalling via email. “Real-time automated responses can quickly shut off attacks and prevent lateral movement through credential stealing and role escalation.”

Related:Quick Study: Security and the Cloud

Becoming Proactive

The best way to get started is by evaluating vendors that offer proactive cloud security tools and determining their capabilities, Dalling advises. He also suggests reviewing the existing cloud-native inventory and security techniques. “Work with your organization’s security operations center to determine the most effective way to integrate a proactive cloud security tool into their monitoring and incident response workflows,” Dalling adds.

By adopting a proactive cloud security approach, organizations can safeguard themselves against security threats, ensure compliance, and increase customer trust, says Ravi Raghava, vice president of cloud solutions at technology integrator SAIC via email. “This approach is often more cost effective than dealing with the aftermath of a security breach, which can result in substantial financial and reputational losses.” He notes that business partners are more likely to trust organizations that prioritize the protection of their data through proactive security steps.

Raghava narrows-down proactive cloud security to three basic steps:

Related:5 Big Cloud Security Deals Shaping the Industry in 2023

  1. Continuous monitoring. Continuously assess and monitor the current security posture and identify any gaps and security control needs. The implementation of continuous monitoring, strong identity and access controls, and multi-layered cloud services security all aid in the early detection of potential breaches or mistakes, allowing timely responses and mitigations.

  2. Logging and analysis. Regular analysis of the log data, such as network traffic data and Software as a Service (SaaS) solutions data, will help to identify any suspicious activities or anomalies.

  3. Integrating threat intelligence. Using the insights gained from monitoring and log data analysis allows cloud consumers to make informed risk-based decisions and take appropriate actions to protect their data and assets. Use threat intelligence to proactively adjust the security posture and respond to evolving threats.

Getting it Right

An organization can’t be truly proactive unless it has a strong understanding of its cloud environment, its assets, and what’s exactly running on their network, Godfrey says. “Leaders must establish this baseline inventory before they can be proactive in their cloud security strategy.”

All security tools should align with the organization’s security architecture roadmap, as well as cloud environments, Dalling says. “Some vendors or tools are much stronger for specific hyperscalers or workloads,” he notes. “Selecting the appropriate tool is critically dependent on a full analysis of the organization’s cloud-native infrastructure.”

Related:9 Questions for IT Leaders to Ask About Cloud Cybersecurity

The most common cloud security missteps are the misconfiguration of cloud services, exposing sensitive data, as well as undetected persistent threats due to misguided implicit trust, Raghava says. “Overly permissive access to storage services has led to massive breaches of private citizens’ data,” he explains. Improper cloud network configuration, a lack of thorough security testing, and a failure to deploy security access controls, can also result in threats that may potentially put critical infrastructure components at risk of attack.

Evolving and Exciting

Proactive cloud security will enable security teams to protect users, devices, and company data from cyberattacks before they occur, and enable them to quantify, report on, and mitigate risk, Godfrey says.

Proactive cloud security is an exciting and evolving field, Dalling observes. “There are many opportunities to further integrate cloud operational capabilities into larger cloud management stacks to bridge security, FinOps, and compliance into a unified platform,” he says. “This gives IT leaders a single pane of glass from which to review the state of their cloud infrastructure.”

About the Author(s)

John Edwards

Technology Journalist & Author

John Edwards is a veteran business technology journalist. His work has appeared in The New York Times, The Washington Post, and numerous business and technology publications, including Computerworld, CFO Magazine, IBM Data Management Magazine, RFID Journal, and Electronic Design. He has also written columns for The Economist's Business Intelligence Unit and PricewaterhouseCoopers' Communications Direct. John has authored several books on business technology topics. His work began appearing online as early as 1983. Throughout the 1980s and 90s, he wrote daily news and feature articles for both the CompuServe and Prodigy online services. His "Behind the Screens" commentaries made him the world's first known professional blogger.

Never Miss a Beat: Get a snapshot of the issues affecting the IT industry straight to your inbox.

You May Also Like

More Insights