In 2019, more enterprise workloads were executed in the cloud than on premises for the first time.
To be precise: 56% of workloads were executed in the cloud -- either as IaaS, PaaS or SaaS -- compared to 44% on premises (of that, 40% were in the data center and 4% in branch offices).
This tells us that organizations must get serious about cloud threat protection, and that requires tackling two things: protecting cloud-based resources and using cloud-based services to do so. Doing both requires making organizational, operational and funding changes -- plus investing in the right technologies.
Let's address these necessary changes in order.
One of the best success metrics for cybersecurity organizations -- and the metric that Nemertes Research, where I work, relies on to measure cybersecurity success -- is mean total time to contain (MTTC) security breaches. MTTC includes the sum of the time required to detect a potential attack, understand that it is in fact an attack and contain it. Nemertes' analysts measure MTTC annually, most recently in our 2019-2020 "Cloud and Cybersecurity Research Study," in which we assessed MTTC for 335 firms in 11 countries, across 24 industry verticals.
The median MTTC across all of the companies Nemertes studied is 180 minutes. We selected the organizations in the 80th percentile and above as our success group. The companies in this group have an MTTC of 20 minutes or fewer.
While it's far from the only relevant metric, MTTC is a good measure of a cybersecurity organization's maturity; cybersecurity organizations with a low MTTC generally have better security practices than those with a higher MTTC.
Practices that correlate with lowering MTTC for cloud-enabled organizations include the following:
So far, so good. But what technologies should be included in that budget and architecture?
The following technologies correlate with a measurable improvement in MTTC and, thus, should be considered by cloud-enabled organizations:
Cloud-based identity and access management (IAM) provides a platform for single-credential and single sign-on authentication across multiple cloud platforms, and possibly internal systems. Vendors that provide IAM as a service include Microsoft, Okta, OneLogin and Ping Identity. Using IAM as a service correlates with 50% improvement in MTTC.
Cloud access security brokers (CASBs) provide additional security controls on and visibility into enterprise use of cloud resources. They can be in-line proxy-style intermediaries through which cloud-bound traffic passes, or they can be API-based services that are called upon by cloud services for authentication and authorization of user access -- and to which cloud services send monitoring event information on use of the service.CASBs are available from Bitglass, Netskope, Microsoft and McAfee. Using CASBs correlates to 50% improvement in MTTC.
Behavioral threat analytics (BTA), sometimes referred to as user and entity behavioral analytics, integrates multiple sources of data -- such as logs, analytics platforms and SIEM -- to capture and display anomalous behavior of users, devices and systems. BTA examples includeBroadcom Bay Dynamics, Gurucul, Exabeam and Splunk. Using BTA correlates to 41.7% improvement in MTTC.
Cloud-based firewalls are virtual entities in the cloud, as opposed to physical devices in physical locations. Most major firewall providers (including Palo Alto, Cisco, Check Point and others) offer cloud-based versions of their services. Most major telcos and cloud security providers -- like Verizon, AT&T, CenturyLink and Masergy Communications -- offer cloud-based firewall services. Using cloud-based firewalls correlates with a 50% improvement in MTTC; 60% of organizations studied by Nemertes had enabled cloud-based firewalls.
Secure Access Service Edge (SASE) tools enable mobile and home users and sites to connect via a secure point of presence to a secured network operator's core network. These tools then apply security policies to control access to resources on premises or in the cloud. SASE products include Cisco Umbrella and Palo Alto Prisma. The use of SASE correlates with a 17% improvement in MTTC.
What does this mean for enterprise security professionals? First, if you don't yet have cloud security specialists, hire them or grow your own via training and certification. This step is essential even if it means increasing headcount in the cybersecurity organization. If you can get there by trimming headcount in other areas, so much the better, but, regardless, having a team in place is the first step toward success.
The era of cloud cybersecurity is dawning.
Second, ensure the cloud security team is well funded. The greatest improvements in MTTC correlate with having line items for this team's budget in both the cloud and cybersecurity budget. Either one is good; both is best.
Third, the cloud security team's first act should be to develop a cloud security architecture and strategy. Which critical technologies listed above do you plan to implement, and how will they be integrated together? This architecture and strategy should include fundamental technology principles that will be used to drive vendor and product selection. It should also generate a roadmap laying out the sequence of procuring and installing the technology.
Fourth, based on that cloud security strategy, architecture and roadmap, the cloud cybersecurity team should begin selecting and implementing the key technologies.
Fifth and finally, teams shouldn't neglect documenting and implementing the cybersecurity operational changes driven by the move to cloud threat protection. For example, cloud security providers need to be fully integrated into an organization's incident response policy.
The bottom line: As workloads move to the cloud, so should the means of protecting them. The era of cloud computing is here. The era of cloud cybersecurity is dawning.
Here is the original post:
Enhance your cloud threat protection with 5 tools, and more - TechTarget
- Roundup Of Cloud Computing Forecasts, 2017 - Forbes - May 3rd, 2017 [May 3rd, 2017]
- RCom arm in tie-up for cloud computing - Moneycontrol.com - May 3rd, 2017 [May 3rd, 2017]
- How Do You Define Cloud Computing? - Data Center Knowledge - May 3rd, 2017 [May 3rd, 2017]
- 5 Cloud Computing Stocks to Buy - TheStreet.com - May 3rd, 2017 [May 3rd, 2017]
- Cloud Computing Continues to Influence HPC - insideHPC - May 3rd, 2017 [May 3rd, 2017]
- Red Hat's New Products Centered Around Cloud Computing, Containers - Virtualization Review - May 3rd, 2017 [May 3rd, 2017]
- Adobe bets big on cloud computing for marketing, creative professionals - Livemint - May 3rd, 2017 [May 3rd, 2017]
- Verizon sells cloud services to IBM in 'unique cooperation between ... - Cloud Tech - May 3rd, 2017 [May 3rd, 2017]
- How Cloud Computing Is Turning the Tide on Heart Attacks - Fortune - May 3rd, 2017 [May 3rd, 2017]
- Hospital CIOs see benefits of healthcare cloud computing - TechTarget - May 3rd, 2017 [May 3rd, 2017]
- Trends In Cloud Computing - Business Solutions Magazine - June 6th, 2017 [June 6th, 2017]
- A deeper dive into cloud security as a service: Advantages and issues - Cloud Tech - June 6th, 2017 [June 6th, 2017]
- OpenText buys cloud computing firm for US$103 million - TheRecord.com - June 6th, 2017 [June 6th, 2017]
- Belfast IT firm celebrates cloud computing success in 57 countries ... - Belfast Telegraph - June 6th, 2017 [June 6th, 2017]
- Meet The Cloud Wars Top 10: The World's Most-Powerful Cloud-Computing Vendors - Forbes - June 6th, 2017 [June 6th, 2017]
- How to approach cloud computing and cyber security in 2017 - Information Age - June 6th, 2017 [June 6th, 2017]
- CFOs have discovered the big stick of cloud computing - InfoWorld - June 6th, 2017 [June 6th, 2017]
- Belmont Stakes Odds 2017: Latest Vegas Betting Lines Before Post Positions Draw - Bleacher Report - June 7th, 2017 [June 7th, 2017]
- Cloudistics Announces New Cloud Computing Program That Enables High Margin Reoccurring Revenue Models for ... - Marketwired (press release) - June 7th, 2017 [June 7th, 2017]
- CloudCheckr, cloud computing company expects rapid growth in Rochester - WXXI News - June 7th, 2017 [June 7th, 2017]
- IBM Losing Facebook's WhatsApp as Cloud Customer, says CNBC - Barron's - June 7th, 2017 [June 7th, 2017]
- What My Father Taught Me About Cloud Computing - Virtualization Review - June 7th, 2017 [June 7th, 2017]
- Workday Phenomenon Goes Global As Cloud Computing Goes Mainstream - Forbes - June 7th, 2017 [June 7th, 2017]
- New Cloud Computing and IT Outsourcing Requirements in the Financial Sector - JD Supra (press release) - June 9th, 2017 [June 9th, 2017]
- 3 Things You Should Know About Cloud Computing Right Now - Fortune - June 9th, 2017 [June 9th, 2017]
- Learning in the Sky: Collaborative Robots Embrace Cloud Computing - Machine Design - June 9th, 2017 [June 9th, 2017]
- Best Practices To Manage Your Hybrid Cloud - Forbes - June 9th, 2017 [June 9th, 2017]
- Here's how venture capitalists are thinking about cloud computing companies and technologies - GeekWire - June 9th, 2017 [June 9th, 2017]
- Amazon is helping veterans find jobs in cloud computing - Marketplace - Marketplace.org - June 9th, 2017 [June 9th, 2017]
- New Cloud Computing and IT Outsourcing Requirements in the Financial Sector - Lexology (registration) - June 9th, 2017 [June 9th, 2017]
- Growing Patent Claim Risks in Cloud Computing - Lexology (registration) - June 9th, 2017 [June 9th, 2017]
- The benefits of cloud computing, Rust 1.18, and intelligent tracking prevention in WebKit SD Times news digest ... - SDTimes.com - June 9th, 2017 [June 9th, 2017]
- Edge Computing Is New Cloud Computing Tech Investors Should Track - GuruFocus.com - June 9th, 2017 [June 9th, 2017]
- Real Estate Weekly: Digital Realty Becomes A Cloud Computing Giant - Seeking Alpha - June 9th, 2017 [June 9th, 2017]
- Virtualization admin? Pivot -- pivot now -- to a cloud computing career - TechTarget - June 10th, 2017 [June 10th, 2017]
- Why isn't Cloud Computing in the 2017 Belmont Stakes? - FanSided - June 11th, 2017 [June 11th, 2017]
- Cloud Computing Companies Move Into Medical Diagnosis (GOOG, IBM) - Investopedia - June 11th, 2017 [June 11th, 2017]
- China's cloud industry moving to new era with emergence of unicorns - TechNode (blog) - June 12th, 2017 [June 12th, 2017]
- Terry Crews Is On Crackdown 3 Trailer, No Cloud Computing For Single Player - EconoTimes - June 12th, 2017 [June 12th, 2017]
- The Risks and Perquisites of Cloud Computing - DATAQUEST - June 12th, 2017 [June 12th, 2017]
- Alibaba Cloud announces launch of data centres in India and Indonesia - Cloud Tech - June 12th, 2017 [June 12th, 2017]
- Indonesia banks have yet to implement cloud computing - Jakarta Post - June 13th, 2017 [June 13th, 2017]
- 'Sweden is heaven for cloud computing': Amazon Nordic chief - The ... - The Local Sweden - June 14th, 2017 [June 14th, 2017]
- Amazon.com to open second government cloud-computing region ... - The Seattle Times - June 14th, 2017 [June 14th, 2017]
- Shadow raises $57 million for its cloud computing service for ... - TechCrunch - June 14th, 2017 [June 14th, 2017]
- Amazon Still Leads Cloud Rankings, But Competition Is Coming On Strong - Fortune - June 16th, 2017 [June 16th, 2017]
- Alibaba to enter European cloud computing market in mid-2017 | Air ... - Air Cargo World (registration) - June 17th, 2017 [June 17th, 2017]
- Alibaba to enter European cloud computing market in mid-2017 - Air Cargo World (registration) - June 17th, 2017 [June 17th, 2017]
- Pressing Tech Issue: Enterprise Software Vs. Cloud Computing? - Credit Union Times - June 17th, 2017 [June 17th, 2017]
- 7 Tips for Securely Moving Data to the Cloud - Government Technology (blog) - June 20th, 2017 [June 20th, 2017]
- Chinese tech giant Alibaba joins key open-source cloud computing foundation - GeekWire - June 20th, 2017 [June 20th, 2017]
- Microsoft Could Surpass Amazon in Cloud Computing This Year (AMZN, MSFT) - Investopedia - June 20th, 2017 [June 20th, 2017]
- GDS Holdings Limited (GDS) Announces Strategic Partnership with Tencent Cloud - StreetInsider.com - June 20th, 2017 [June 20th, 2017]
- Cloud first - Philippine Star - June 20th, 2017 [June 20th, 2017]
- Three Considerations for Reducing Risk in Cloud Computing - CIOReview - June 21st, 2017 [June 21st, 2017]
- Cloud Computing and Digital Divide 2.0 - CircleID - CircleID - June 21st, 2017 [June 21st, 2017]
- Microsoft will ride artificial intelligence, cloud computing to higher ... - CNBC - June 21st, 2017 [June 21st, 2017]
- Cloud-Computing Business Lifts Oracle's Profit -- Update - Fox Business - June 21st, 2017 [June 21st, 2017]
- Report affirms continued cloud spend for US businesses in 2017 - Cloud Tech - June 22nd, 2017 [June 22nd, 2017]
- Catching up with an interconnected federal cloud - GCN.com - June 22nd, 2017 [June 22nd, 2017]
- Cloud-Computing Business Lifts Oracle's Profit -- 2nd Update - Fox Business - June 22nd, 2017 [June 22nd, 2017]
- Cisco adapts to the rise of cloud computing - The Economist - June 22nd, 2017 [June 22nd, 2017]
- Amazon accuses Walmart of bullying in cloud computing clash - BBC News - June 22nd, 2017 [June 22nd, 2017]
- Companies plan to spend more on cloud computing services this year, higher prices among drivers: Clutch - Canadian Underwriter - June 23rd, 2017 [June 23rd, 2017]
- Survey: businesses ramp up spending on cloud computing DC ... - DC Velocity - June 24th, 2017 [June 24th, 2017]
- Morgan Stanley: Cloud computing is at 'an inflection point' but how big will it get? - GeekWire - June 26th, 2017 [June 26th, 2017]
- How the cloud has changed education and training - TNW - June 26th, 2017 [June 26th, 2017]
- Cloud computing key to 4th industrial revolution - News VietNamNet - VietNamNet Bridge - June 26th, 2017 [June 26th, 2017]
- Lady Eli, Cloud Computing Among Workers for Brown - BloodHorse.com (press release) (registration) (blog) - June 26th, 2017 [June 26th, 2017]
- Microsoft signs cloud-computing partnership with Box - The Seattle Times - June 27th, 2017 [June 27th, 2017]
- Microsoft Signs Cloud Computing Partnership with Box - CIO Today - June 30th, 2017 [June 30th, 2017]
- US action on Microsoft email case could devastate cloud computing - Irish Times - June 30th, 2017 [June 30th, 2017]
- Cloud computing challenges today: Planning, process and people - TechTarget - July 2nd, 2017 [July 2nd, 2017]
- Five podcasts to catch up on the latest trends in cloud computing - TechTarget - July 2nd, 2017 [July 2nd, 2017]
- Microsoft reportedly set to lay off thousands as part of massive sales reorganization - GeekWire - July 3rd, 2017 [July 3rd, 2017]
- VMware to surge more than 20 percent because the Amazon cloud ... - CNBC - August 25th, 2017 [August 25th, 2017]
- Google Unveils Custom Hardware Chip for Cloud - Investopedia - August 25th, 2017 [August 25th, 2017]
- Cloud Computing Confirmed for Travers | TDN | Thoroughbred Daily ... - Thoroughbred Daily News - August 25th, 2017 [August 25th, 2017]
- Why 2017 Is The Year To Understand Cloud Computing - Nasdaq - August 25th, 2017 [August 25th, 2017]
- Biz Cloud Computing - Four States Homepage - August 25th, 2017 [August 25th, 2017]