Getting Aggressive with Cloud Cybersecurity

If your organization isn’t already addressing cloud cybersecurity proactively, it’s risking disaster. Waiting for an attack to happen simply doesn’t make sense.

Proactive cloud security takes active measures to spot potential threats and prevent cyberattacks before they take place, explains Nick Godfrey, senior director and global head, office of the CISO, at Google Cloud, in an email interview. “This is done through practices like continuous identity validation, automating detection and response capabilities, and analyzing threat intelligence to mitigate weaknesses in the cloud network before they can be exploited.

“By taking a proactive approach to cloud security, organizations can mitigate destructive attacks through the discovery of high-risk entry points, threat actor campaign orchestration activity … and validate security control effectiveness against targeted attacks,” Godfrey says. “As a result, organizations will save time, money, and resources that would otherwise be put toward reactive remediation.”

With cloud-native infrastructures deployed across the enterprise, typical endpoint and intrusion detection tools are not sufficient to identify attacks or vulnerabilities in a non-VM infrastructure, cautions Accenture Federal Services’ cyber chief technical officer Dave Dalling via email. “Real-time automated responses can quickly shut off attacks and prevent lateral movement through credential stealing and role escalation.”

Becoming Proactive

The best way to get started is by evaluating vendors that offer proactive cloud security tools and determining their capabilities, Dalling advises. He also suggests reviewing the existing cloud-native inventory and security techniques. “Work with your organization’s security operations center to determine the most effective way to integrate a proactive cloud security tool into their monitoring and incident response workflows,” Dalling adds.

By adopting a proactive cloud security approach, organizations can safeguard themselves against security threats, ensure compliance, and increase customer trust, says Ravi Raghava, vice president of cloud solutions at technology integrator SAIC via email. “This approach is often more cost effective than dealing with the aftermath of a security breach, which can result in substantial financial and reputational losses.” He notes that business partners are more likely to trust organizations that prioritize the protection of their data through proactive security steps. …

Read the rest of this article on Network Computing.