To succeed in today’s economy, companies need to become incredibly sophisticated organisations. They need to be non-hierarchical, highly productive and full of agile, flexible and proactive individuals working independently towards the objectives of the group.
Luckily, the growth of cloud adoption is enabling just that. 86% of organisations now have a cloud-first policy to empower workers across the business. In most cases, cloud-first results in multi-cloud approaches.
The rise of multi-cloud is creating a whole host of security challenges. Multi-cloud means an organisation’s potential attack surface is huge – and keeping on top of threats is complex and can require a lot of manpower.
Security teams need policies that will leave workers with the benefits of the cloud while keeping their data and business safe. Luckily, as we heard at Fujitsu Forum last November, innovative new technologies are helping us do just that.
The present-day perimeter
There’s no denying that enterprise security has become much more challenging in recent years, especially with the advent of the cloud. The cloud is, by definition, more internet facing than traditional IT networks, so it immediately increases the attack surface of the organisation.
Gone are the days when IT teams could create a strong perimeter around a trusted data centre and network, shoring up the business with firewalls. Today, organisations are increasingly putting more data in the cloud than their own data centre.
Now, cloud services are effectively the perimeter – which is even more problematic when users might be using web applications “unofficially”, through shadow IT. Similarly, users might access services through work devices and personal devices, creating greater vulnerability.
In this varied landscape, it can be difficult for security teams to know how much responsibility to take for data in the cloud – and what lies with the cloud service provider. Irrespective of the security capabilities of the cloud provider, an organisation retains full responsibility for securing its data housed in the cloud. This makes it increasingly complex to manage data in the cloud, as many cloud providers do not disclose details of their security. That is why we at Fujitsu recommend organisations chose cloud providers that have independent security certifications with ISO, NIST, PCI and similar frameworks.
And of course, all this is taking place in an environment where cyber criminals are more interested in business data than ever before – and there are hefty regulatory and reputational penalties for organisations that slip up. Data is, after all, the currency of the digital economy. It is data that is transforming how we consume services, interact and operate. This data has huge value, and because of that, it needs to be protected.
No one technology can do everything and cybersecurity experts are in short supply: by 2022, it’s predicted that there will be a shortfall of two million cybersecurity professionals worldwide.
So how can organisations keep themselves safe?
Design, visibility, and context
During the session on avoiding a multi-cloud monster, Darren Gaile at Fujitsu shared several tips for creating a secure ecosystem:
- Become secure by design
The current threat landscape is too complex for organisations to take a piecemeal approach, by simply patching gaps or responding to individual threats. Instead, IT teams should focus on the root cause of security issues by creating a secure infrastructure from day zero. They need to protect their identity perimeter, create baseline cloud configurations and scan source code for vulnerabilities during development. In essence, become secure by design.
- Know your landscape
The best cloud strategies are iterative, as organisations evolve their multi-cloud mix to keep up with changes in the business. It’s vital then for IT teams to keep a clear view of their attack surface. Tools like cloud security posture management will help IT teams to keep up with their threat profile as it evolves.
- Take an intelligence-led approach
Every organisations’ threat profile is different; the biggest challenges for a multinational insurance provider will be very different to a mid-sized smart-factory. It’s thus crucial to understand the context of threats and where new ones might be coming from and how this fits within your cyber risk appetite. Working with a managed service provider can provide live threat intelligence and insight into any security events that could impact the organisation.
Inevitably, organisations will continue to face threats. Human intervention will be critical for handling large volumes of alerts and rapid responses when needed.
Luckily, security professionals have another incredibly powerful tool at their disposal to assess and prioritise threats: Security, Orchestration, Automation and Response (SOAR) technologies are designed to simplify the incident response process.
The system brings together disparate technologies and incident handling processes into a coordinated set of security actions and operational processes. Thanks to machine learning, SOAR can appropriately prioritise the most important threats for analysts to deal with.
This automated incident handling reduces alert fatigue and frees up Security Operations Centre staff to deal with more complex and rewarding analytical work. Importantly, the Mean Time to Respond is decreased, ensuring that the business can reduce the impact of attacks. Watch Steve Pye share more about the benefits of SOAR at Fujitsu Forum:
A secure future
Organisations are changing – and technology is enabling whole new behaviours and capabilities. It’s vital that organisations enable this new age of agility and dexterity, while still ensuring they keep their data and systems, safe. With the right mix of a human-centric approach along with the very latest technology, security teams can keep their organisations safe.