Protecting Data and Access in Cloud Environments

An excerpt from the webinar “Cyber Investment Strategies for CISOs: Enabling Your Transforming Enterprise

Featuring:
Samir Sheirf, CISO, F5
Ariel Parnes, COO and Co-Founder, Mitiga
Sean Michael Kerner, technology journalist

Sean Michael Kerner:
When we're talking about this modern era now, what new challenges do you need to address that are different in terms of access, data, and identity that perhaps are different than things you might've had to think about a couple years back?

Samir Sherif:
Absolutely. I think the one way to look at it is when you're operating the cloud, it's not just your solution that's operating the cloud. You're depending on so many different supply chains, SaaS, APIs, and all the connectivity between them, whether it's through your suppliers', data you're sharing with your company and others to really enable that rapid response and scalable infrastructure that you rely on through the cloud services.

So, the challenge, really, is understanding where and how things are moving within that ecosystem and also being able to have the right solution capabilities to really protect all of that. I mean, there is a new thought process around resilience as becoming the central point in thinking about Cloud, and cloud security for security operations. But I always try to come down to the foundational level and say, "We have to be resilient, but the only way we're going to be resilient is if we're able to really protect and respond to threats that may come out of that type of technology."

Ariel Parnes:
Sure. And I think the term that represents the challenge that Samir was mentioning is the shared responsibility concept. And basically, this is introducing a whole new challenge for us as defenders when we are sharing responsibility with third parties, vendors, cloud providers, infrastructure, SaaS and so on, and sharing responsibility in defending our organizations.

It means that, as opposed to in on-prem environments, where eventually you were the master of your domain and were able to get access to or have the visibility that you needed to defend, detect, and respond to attacks—when you live in the cloud, you are sharing this responsibility with others.

It means that the visibility that you have is limited unless you do certain things in advance. And I think visibility is the foundation of cybersecurity. In order to defend, to respond, to recover, you need to have visibility on what is going on in your environment. If you are sharing this responsibility with others, then the challenge increases in terms of having the right information to be able to identify gaps, to identify malicious activities, and to respond. This is a different way of doing business compared to what we were used to in the on-prem environments.

Samir Sherif:
All right, Ariel, I wholeheartedly agree with you. And if you think about the number of organizations within a company that interact and also deliver capabilities— a concept like shadow IT, we call it shadow IT, but it is now distributed across various different organizations. You can have a marketing function that also interacts with the cloud to deliver marketing capabilities and they may manage the solution themselves. How well do these functions understand architecture? Or zero trust architecture configuration? All the identity management, managing the threat, ensuring all the security controls and policies are applied?

It just compounds the complexity of various groups through shared responsibility. Also, now they have to act as engineering functions and IT functions as well and have accountability distributed to them too. And I think that's where it becomes interesting when we think about it's not just the primary groups that manage the infrastructure, but that there are all these other functions within the company that also will now have to contend with the fact that they need to understand the processes all the way down to what an engineer will have to do when operating in the cloud, right? So, the security function, security team, and the CISO organization in particular, all need to make sure that all those various different groups understand security is becoming incredibly important.

Want to hear more about how leaders are contending with the new strategic challenges of securing cloud ecosystems? Watch the full webinar on demand.  

Video

What Is Cloud Investigation? Cyber Terms Explained

Maybe before we dive deep into cloud investigation, let's talk about what is the cloud that we're referring to in cybersecurity? Because the cloud has different parts in your organization.

Video

Mitiga — RSA Conference 2024 Innovation Sandbox

Each year, RSA Conference invites cybersecurity’s boldest new innovators to compete in RSAC Innovation Sandbox, a contest that puts the spotlight on startups with potentially game-changing ideas.

Video

What is Extortionware? Cyber Terms Explained

Extortionware in the cloud usually means that an attacker managed to leak or compromise some of your sensitive data and is threatening to release that data, and also show the world by releasing this data that they have managed to compromise. yyour organization andhurt your reputation.