Security for the Cloud, in the Cloud? Here’s Why It Works

December 5, 2017 Arctic Wolf Networks

Cloud computing hasn’t just changed the way we do business–it’s reshaped our understanding of cybersecurity. Unlike traditional on-premises infrastructure, cloud perimeters are moving targets. Virtual resources can be accessed from multiple endpoints, and a password can be the only layer of defense between an intruder and your data.

That doesn’t mean the cloud is any less secure than on-premises infrastructure, but it does come with a unique set of vulnerabilities. These include:

  • Insider threats
  • Hijacked accounts
  • Distributed denial of service (DDoS)
  • Advanced and persistent malware

These threats can be abated with the right approach to cloud security. The challenge, though, is knowing what that approach looks like.

The Hybrid Problem

According to RightScale’s 2017 State of the Cloud Report, 85 percent of enterprises use multi-cloud deployments. Of those organizations using multiple clouds, 67 percent have hybrid deployments, which means they have some cloud instances that are public and others that are private.

Not all mid-market organizations have the in-house expertise or the right tools to build a SIEM that can unify disparate log flows into a single point of reference. Fewer still have the ability to create a security operations center (SOC) capable of providing threat detection and response capabilities for the entire IT ecosystem. This means 24/7 monitoring, event triaging, incident response and more.There’s more. Some organizations still require on-premises IT deployments. These mismatched IT resources (public, private, on-premises) pose unique challenges for security information and event management (SIEM).

SOC-as-a-Service to the Rescue

In a forthcoming executive brief titled “Cloud Security Management: On-Premises or As-a-Service?,” we show how a managed SOC offering simplifies detection and response in multi-cloud and hybrid IT environments. If the goal is simplicity, then SOC-as-a-service is the way to go.

For more, read our free introductory cloud security white paper.

 

Previous Article
How to Prepare for NIST 800-171
How to Prepare for NIST 800-171

Starting Dec. 31, all organizations and individuals that store, process or transmit CUI will be expected to...

Next Article
How the Security Skills Gap Leads to Data Breaches
How the Security Skills Gap Leads to Data Breaches

The skills gap in cybersecurity is often overlooked as a direct cause of breaches.

×

Want cybersecurity updates delivered to your inbox?

First Name
Last Name
Company
!
Thanks for subscribing!
Error - something went wrong!