Last Friday, on the last day of EnterConf, Misha Govshteyn from Alert Logic gave a presentation on Cloud Security in 2015. He mentioned the cloud security trends that he has noticed amongst their clients and elsewhere. One thing he mentioned really surprised me: the oldest companies, some over one hundred years old, are their biggest clients, and they are more willing to adapt and move to the cloud.
Cloud threats require a different approach.
New computing models and platforms make it harder for security to keep up. At times things are changing and moving along faster than Moore’s Law, which makes it harder for security to stay relevant and up to date.
Misha also mentioned three trends that are shaping cloud security.
Security designed for Cloud Ops
Security teams are often excluded from cloud projects. If they are not involved until after you have deployed to the cloud, they may not be able to bring much to the table. In order to be relevant, security must be specifically designed for the cloud, programmable and automated. The ability to deploy and auto-scale security with minimum effort is also needed.
Big Data Security Analytics
Security logs must be more detailed, as visibility of attacks is incomplete, limited by rudimentary analytics and relational database performance. If machine data is used you will get 80% more attack indications, which is enabled by grid processing, machine learning and big data analytics techniques.
Cloud Threat Intelligence
Threat intelligence is known as one of the most active fields of security research today, and the vast majority of it is focused on endpoint devices. Cloud-focused threat intelligence offers a tremendous opportunity for cloud and security industry collaboration.
In summing up, the following facts were also mentioned:
- When you move to the cloud the number one thing on everyone’s lips is security.
- Cloud deployments have fewer attacks.
- Amazon is deployed on discrete networks so it’s hard to find your deployed apps and data if a breach occurs.
- If a hacker breaks into a single server there is a greater chance that they will be able to get data elsewhere.
- If you give cloud security a high priority you will be safe.
- What you do to protect your normal business is different to how you protect your cloud.
- Rapid deployment models are lax with security as security may be slow and clunky.