By Gunter Ollmann, CSO, Devo
A recent report by ESG, Beyond Cloud Adoption: How to Embrace the Cloud for Security and Business Benefits, is based on a survey of 500 IT and security professionals working in the security operations center (SOC) chain of command. It found that many organizations have reached the tipping point for cloud proliferation, meaning businesses are starting to overcome barriers that have traditionally prevented their shift to the cloud.
However, this rise in cloud adoption has increased security complexity and amplified visibility gaps for many businesses. While deploying workloads and applications in the cloud has become more common, comprehensive cloud security strategies are still out of reach. To solve common cloud adoption challenges, security operations teams must map out their cloud transition plans in detail and consider how they’ll move security technologies to the cloud, too.
Cloud adoption trends
Businesses had no choice but to expedite their cloud adoption plans to meet remote workers’ needs throughout the pandemic. 80% of organizations accelerated their timelines, which is pretty astounding. Now, more than a third of organizations claim that at least half of their applications and workloads reside in the public cloud, and nearly 50% say they’ll reach that milestone within two years.
As the shift to the cloud continues, two new cloud policies have emerged — cloud-first and cloud-preferred.
- Cloud-First: 41% of organizations have adopted cloud-first policies, meaning they deploy new applications and workloads using public cloud services by default.
- Cloud-Preferred: We’ve also seen many organizations adopt cloud-preferred policies, which take existing on-premises and hybrid investments into consideration.
Either way, it’s becoming evident that many organizations are moving away from only having workloads and applications on premises. According to the survey, only 14% of organizations maintain an on-premises-first policy.
Cloud adoption maturity personas and challenges
Different types of cloud maturity personas have emerged as organizations adopt cloud technologies more rapidly:
- Cloud Adopters are businesses adopting cloud computing for business applications/workloads but not cloud-based security controls.
- Cloud Antagonists are not aggressively adopting either cloud computing or cloud-based security controls.
- Cloud Evangelists are at the forefront of realizing the benefits of cloud computing and cloud security. They are organizations that are adopting cloud computing for applications/workloads and cloud-based security controls. While they experience materially better security outcomes, that doesn’t mean they don’t face challenges.
Increased complexity is one of the biggest hurdles Cloud Evangelists face on their cloud journey. Nearly 30% believe public cloud computing has made their IT and security operations more complex. Further, almost one-third said their adoption of cloud computing exposed limitations in their existing security tool sets. Nearly 40% also said they experienced an increase in security data for analysis. Because of this, many have started to consider investing in specialized cloud security technologies.
Security visibility and cloud-resident workloads
While your immediate reaction might be “shifting to the cloud sounds like more trouble than it’s worth,” that couldn’t be further from the truth. Even though the shift to the public cloud created challenges and exposed security limitations:
- 56% of Cloud Evangelists are very confident their organization’s tools provide adequate security visibility into cloud-resident workloads.
- Only 38% of Cloud Adopters and 23% of Cloud Antagonists can say the same.
Nearly 70% of Cloud Evangelists also report public cloud computing has had a significantly positive impact on their business. Cloud adoption also drives technological innovation across the organization. Slightly more than 60% of Cloud Evangelists also said cloud computing had a significantly positive impact on the pace of adopting new technologies at their companies.
The fact of the matter is that security complexity challenges arise because of the gap between cloud-native and legacy on-premises tools. It’s quite a big leap; cloud security tools have simply advanced at a much faster pace than on-premises technologies. To overcome cloud transition hurdles, Cloud Evangelists must take quick, decisive action to implement cloud security best practices.
Recommended actions for Cloud Computing Evangelists
Cloud Evangelists are aware of the fact they must make adjustments. They have already started to take additional actions to solve their security complexity conundrum. About 60% supplement their security information and event management (SIEM) solution with cloud-native security monitoring tools, giving them a more detailed view of their cloud security posture and behavior. Further, about half are actively adding more capacity and resources dedicated to cloud security.
While these are strong first steps, CISOs and their security teams also should consider:
- Investing in automation technologies: While adding headcount and resources is a good measure, there’s too much security data to collect and analyze manually. Security automation technologies can provide speed and scalability by automating security content, workflows and contextual intelligence.
- Testing controls for cyberattacks that target cloud-resident data: Security operations teams should establish repeatable, robust and automated processes to ensure they can withstand cyberattacks targeting the cloud. Often, humans are the bottleneck in the security response. That’s why your security operations team must apply automation and machine learning to prevent modern attacks from propagating at machine speeds.
- Adopting cloud-native monitoring tools and assessing whether your SIEM can meet cloud-driven requirements: Cloud providers are constantly innovating and improving their performance, so it’s unlikely that on-premises solutions could come close to matching what they offer. Cloud-native SIEM solutions are often easier to set up because all the connection work rests with the SaaS provider. The ease of use and performance are unmatched.
- Improving security visibility across the entire IT infrastructure: Your security operations team should implement processes to define and measure your security visibility across every aspect of your IT infrastructure. Doing this requires cloud-scale SIEM capabilities for data ingestion, high-performance query capabilities, and an intuitive user interface for security operations processes.
While public cloud computing no doubt introduced increased security complexity, the benefits it brings far outweigh any potential temporary drawbacks that may arise during the transition. Those who move to the cloud and simultaneously implement the appropriate security measures will ultimately come out on top. The survey conclusively found that leading companies are starting to increase budgets for security training and are investing in security monitoring for cloud-based workloads and applications.
As the shift to the cloud continues to take place, hybrid IT environments will become the norm, and we’ll see multi-cloud environments crop up more often, too. Adopting security solutions built to handle the needs of this fast-moving space — no matter where businesses decide to deploy their applications and workloads — is the key to success during this transition period.
As long as enterprise security operations teams are pragmatic and thoughtful about their cloud security approach, they can help their organizations reap all the benefits the cloud offers while keeping data safe.
Devo was shortlisted in the 2021 SaaS Awards in the Security category. The 2021-22 Cloud Awards has two categories recognizing excellence in cloud security — one for SMBs, and one aimed at larger organizations.