The importance of embedding security into cloud migration. 

There can be no denying that the pandemic changed business and enterprise life forever. Organizations were thrust into the unknown when stay-at-home orders were put in place, leaving them to grapple with a way to continue to operate with an almost entirely remote workforce. Fortunately, technology came to their aid. Through the deployment of cloud-based services and products, these organizations implemented a way to provide staff with access to all the systems and infrastructure they need to perform their jobs remotely, literally transforming them into virtual organizations overnight.

Digital transformation accelerated at such a pace that the CEO of Microsoft, Satya Nadella, stated he’d seen two years’ worth of development in two months. And it didn’t stop there: according to Gartner, spending on public cloud services grew 20.4% from $410.9 billion in 2021 to $494.7 billion in 2022, and it is expected to reach nearly $600 billion by 2023.

These figures highlight that cloud adoption is growing faster than anyone could have ever predicted. 

However, as organizations hastily adopted the cloud with the primary objective of maintaining business as usual (BAU), or as close to it as possible, in a period of extreme disruption, security was quite rightly seen as a lower priority. As business processes were established, though, security needed to be a close second on the priority list.

Cloud in-security

As organizations’ networks began to spread far beyond their traditional corporate perimeter, their attack surface widened, offering criminals new attack paths to reach sensitive data or systems.

Furthermore, these cloud deployments were often installed without the proper security policies or guardrails in place, meaning not only had the attack surface expanded but the likelihood of a poorer security posture had also grown. In fact, according to data from a recent survey commissioned by Adarma and carried out by Computing, which studied 150 IT leaders from a variety of sectors including education, technology, finance and the public sector, cloud misconfigurations and lack of resources both received 32% of the vote when respondents selected the issue that posed the most risk to their organization.

The study also highlighted that 58 percent of respondents agreed that the amount of data their organization stores in the cloud increased because of the COVID-19 pandemic. Interestingly, a couple of the top risks highlighted by respondents were related to the human factor: a lack of cyber security awareness and a lack of appropriately skilled cyber security resources. From a technical controls perspective, there is still a lack of visibility on whether the basics are being done, and cloud misconfigurations are still one of the top risks and a key concern.

When it comes to securing data in the cloud, the study also highlighted that 39 percent of organizations have not extended their managed detection and response solution to the cloud, while only ten percent strongly agree that they have the required resources to secure their growing attack surface. 

Many organizations have expanded their supply chain to integrate with third-party organizations in the cloud, exposing them to additional risk as their digital interconnected ecosystems proliferate, further increasing their attack surface. Worryingly, the survey also revealed that 13 percent said their organization has experienced a third-party supply chain attack that went on to compromise their security. Given the increased attack surface, it is vital that organizations have a clear understanding of their attack surface and of what they need to do to be able to defend it. Having clear responses to the following questions will most certainly help: What am I protecting and why? Who threatens us and how? Am I secure and how do I know I am secure?

Taking a threat-led approach

Adarma advocates that organizations take a threat-led approach towards improving and maintaining the defensibility of their environment. This approach encourages an organization’s cyber security SMEs to take an attacker’s perspective, ensuring that an organization’s various environments are not treated as individual silos, but instead as a single attack surface that could be exploited.

Cyber threat intelligence (CTI): 

Having a strong CTI capability is vital to ensuring an effective threat-led approach. CTI is the foundation upon which everything will be built. Activities executed within this domain area will enable you to know what you are protecting and understand why you are protecting it. CTI will also enable you to understand who threatens your organization, and allow you to be aware of your threat landscape and the actions and capabilities of the threat actors.

Attack surface management (ASM): 

The outputs from CTI will feed directly into ASM. Key activities within ASM are to understand, monitor and assess your attack surface relative to the threats you face as an organization, and to assess your defensive controls and provide a level of confidence in their effectiveness.

Detection and response (D&R):

The outputs from CTI will feed directly into D&R. Key activities within D&R are to ensure detective controls are in place to detect known threat activity, identify previously unknown threat activity via threat hunting, and have a robust response and recovery plan if a breach has been detected. 

Threat centric risk management: 

Activities in this domain area drive efficient risk reduction and inform the development of the cyber security strategy. Key metrics and reports are collected from CTI, ASM, and D&R to support evidence-based cyber resiliency and reporting upwards into the business.

Improving security in cloud environments

To fully embrace the benefits that the cloud can offer while not leaving your organization vulnerable to adversaries, a well-planned strategy for security monitoring and response is essential. Not only should security monitoring tools have visibility across the entire cloud environment, but they should also carry out continuous discovery, monitoring, evaluation, prioritization and remediation of attack vectors.

A centralized security monitoring solution that works across the cloud and on-prem can help organizations identify and respond to evolving threats as they present themselves. Taking steps to ensure your cloud environment does not expand without the proper security policies in place is also key, as is mitigating blind spots and improving visibility. Organizations’ security strategy should encompass all parties in their supply chain, as weak links can have serious consequences for the security of all those involved.

The cloud offers many benefits to organizations, but security of the expanding environment is essential. This means organizations must roll out security in tandem with cloud migration, to avoid increasing their risk exposure at the same rate as their cloud footprint.

Fayaz Khaki

Practice lead at Adarma
