Intelligent Tech Channels Issue 62 | Page 38

Cloud security improving all the time

Frank Kim at SANS Institute explains why cloud providers are in a virtuous circle of security improvements providing a foundation for security professionals to build their cloud security programmes.

Rapid innovation is driving organisations to adopt cloud services as critical infrastructure. Cloud acceleration has become a boardroom issue, with non-technical leaders often being vocal proponents of cloud as the route to achieving wide-ranging business objectives. However, cloud innovation can introduce security risks if rushed.

Cloud security providers are constantly improving their security offerings and capabilities. As a result, businesses may be tempted to rely on these cloud-native security services. However, the most effective approaches rely on enterprise security teams building expertise and capabilities in-house to build a proactive security programme.

Security professionals need time and resources to ensure appropriate protection for the business. Here's how they can help their business forge a solid foundation for secure and effective cloud acceleration.

Getting started

Organisations are moving critical assets, data, and processes to the cloud, making it an obvious target for attackers. As such, cybercriminals are growing savvier about how to gain initial entry, compromise accounts, escalate privileges, take advantage of misconfiguration, and much more.

Frank Kim, Fellow and Lead, Cloud Security and Security Leadership curricula, SANS Institute

Security teams need to use threat modelling to keep tabs on cloud attacks and impacts. Understanding adversary tactics and techniques in cloud attack scenarios makes it possible to detect breaches before data or assets are exposed and prevent lasting damage.

Cloud threat modelling requires the consideration of a range of factors: adversaries, attack techniques, outcomes and risks, and countermeasures. It is also highly strategic.

First, define what to model threats for, such as an entire system or a component. Second, look at threats – what can go wrong? An account hijack? A vulnerable package exploited in a container image? Third, look at mitigations and controls that can reduce or eliminate risk. Finally, validate that the analysis conducted has been thorough and reasonable.

Demystifying attackers' strategies

Many organisations today are leveraging the MITRE ATT&CK model to help frame