Digital transformation and technology trends have shaped how we live, communicate, and do business. Organisations are becoming more agile, embracing technologies like artificial intelligence (AI), machine learning (ML), mobile and cloud computing to scale efficiency and profitability, while remaining competitive at the same time. Cloud computing offers the resources to enable business model transformation, to deliver services and solutions at a more flexible and faster pace.
Today more than 90% of enterprises use some type of cloud service, with some enterprises using three to four cloud providers, on average. And although embracing digital transformation opens new business opportunities, the growing migration to public cloud environments has led to an increase in cyber-attacks. More importantly, moving to a public cloud brings on a new set of challenges and responsibilities that puts ownership and burden on the user to secure their own data, applications and workloads.
According to Check Point 2020 Cyber Security Report, 67% of security teams complained about lack of visibility into their cloud infrastructure, security, and compliance. In addition, unauthorised access, insecure interfaces and lack of holistic visualisation are outlined as some of the biggest issues in the public cloud. Hackers compromising cloud resources to exfiltrate and sell private data is considered one of the most well-known cybersecurity trends, along with crypto jacking, which targets comprised cloud infrastructures for crypto mining purposes. Container management platforms, cloud APIs, and control panels were among the most common cloud infrastructures targeted by attackers; and although companies have precautions and security policies to protect these, it takes an average of around 200 days for organisations to detect a security threat. This is because one of the main challenges of the cloud is visibility.
Surprisingly, the 2019 Cloud Security report pointed out that while 54% of organisations believe their cloud instances were not hacked, 25% of the organisations surveyed did not even know that they’ve been hacked.
With digital transformation, and the rapid development of applications and services into the cloud, DevOps teams are now playing a more important role in organisations, in turn adding an increasing challenges for traditional Security IT to now manage the security risk of the business.
Adopting public cloud infrastructure means security is now a shared responsibility between the client and their cloud provider.
According to Check Point 2019 Cloud Security Report, the top four public cloud vulnerabilities cited by respondents were (1) unauthorised cloud access, (2) insecure interfaces, (3) misconfiguration of the cloud platform and (4) account hijacking. As organisations are moving critical applications and processes to the cloud, how are they securing those cloud environments, the sensitive data and intellectual property stored there?
What’s needed are automated and elastic public cloud network security solutions to keep assets and data protected while staying aligned to the dynamic needs of public cloud environments. A good set of characteristics to look for in a cloud security solution include:
- Support for the broadest range of cloud infrastructures, including the big providers such as AWS, Azure, Google Cloud Platform, VMware Cloud and more
- Auto-provisioning and auto-scaling along with automatic policy updates to ensure security protections keep pace with all changes to your cloud
- A single and unified console that can deliver consistent visibility, policy management, logging, reporting and control across all cloud environments and networks
As was previously mentioned, according to the Check Point 2020 Cyber Security Report, 67% of security teams complained about lack of visibility in the cloud. Visibility and contextual insights into cloud operations are absolutely essential for protecting assets and uncovering suspicious activities. Real-time cloud security monitoring powered by machine learning (ML) and artificial intelligence (AI) offers contextualised visualisation that enables organisations to better protect their assets and prevent attacks. The most important attributes to look for in a reliable cloud security monitoring and analytics solution include:
- Real-time cloud security monitoring, automated to detect and remediate attacks and anomalies across different SaaS applications and cloud environments. These include environments such as Amazon AWS, Microsoft Azure, and Google Cloud (GCP)
- Advanced cloud security intelligence powered by AI and ML to assist in the investigation of big data containing Incidents of Compromise (IoCs)
- Simplified and contextualised visualisation, to help with visibility into complex multi-cloud environments.
- Dynamic Log management and event correlation tools that efficiently deliver the high-quality actionable forensics and contextualised information required to identify and analyse an attack
- Relevant intrusion alerts, intuitive querying, and notifications for policy violations.
- Seamless integration with cloud-native tools and SIEMs.
Cloud security posture management is crucial to properly address vulnerabilities and security treats in the cloud. While creating the required policies to manage cloud security posture, it is key to:
- Analyse the current security posture, enforcing gold standard policies across accounts, projects, regions and virtual networks where needed
- Ensure that your public cloud infrastructure conforms to regulatory compliance requirements and security best practices
- Protect against compromised credentials and identity theft
- Restrict cloud environments from unauthorised access, so as to prevent security configuration drift from the gold standard.
In summary, digital transformation empowers organisations to expand business opportunities, increase profitability and efficiency, while reducing operational costs. However, digital transformation can also expose enterprises to a variety of vulnerabilities and challenges that if not properly addressed could result in financial loss, identity theft and leakage of private and sensitive information.
As enterprises scale in multi-cloud environments, and move critical applications and processes to the cloud, it is important to effectively align resources and strategies that include: Implementing preventive security measures, incorporating effective cloud security posture management, as well detecting and auto-remediating attacks in multi-cloud public cloud environments.
The cloud, its services and flexibility is what makes digital transformation possible. Check Point has a variety of cloud security solutions to secure digital transformation of large and small enterprises, online and in physical retail, government, healthcare and in educational institutions of any size. Check Point cloud security portfolio includes private and public cloud security, email security, serverless, security compliance and posture management, and advanced cloud security intelligence and analytics. They can be easily integrated with most of deployments in the market, and is natively integrated with large cloud ecosystems such as Amazon AWS, Microsoft Azure, and Google Cloud GCP.
By Gui Alvareng, Product Marketing Manager, Check Point Software Technologies