Posted on 15/03/2017 by Jay Banghar
I recently interviewed a leading Security expert based in Singapore, in order to understand his position on the challenges and future of Cloud Security.
Top Three Issues
As Singapore accelerates to the cloud, a radical transformation in mind set is occurring in how to address the three principal issues of Security threats Visibility, Selection on Protective Technology and Automation for incident response.
For instance, with the majority of customers operating a Hybrid data center model, the traditional threat of server exposure has shifted toward a focus on ensuring the Protective solution interoperability on cloud platform and Security Software that has been designed for traditional data centers server farms. If we take Amazon AWS as example, AWS release new Linux kernel version every 3 to 4 months and with many Linux flavors. This can cause a significant hindrance on the customer’s decision to choose the right protective technology to protect the workload at the cloud.
When customers utilize ‘out of the box’ Cloud platforms such as AWS or Cloud software such as Office 365, which are known to be exposed to attack like ransomware and APT (Advanced Persistent Threat), they encounter significant security concerns. This is through an inability to achieve complete security coverage on dynamic cloud platforms and threat visibility across hybrid data centers from a single point of view. On the other hand, adopting truly agile security software that can be enabled in seconds to scale security on demand hand in hand with cloud workloads, without draining resources, is the biggest challenge our expert’s customers face.
Hybrid Data Center Security Model
This can be achieved by having the right level of Cloud platform skills to choose the right security technology that fits hybrid data center security model and enact effective security automation and orchestration. To achieve maximum security coverage on dynamic cloud platforms, hybrid data center, centralised threat visibility with Automation to incident response brings the best cost saving and flexibility benefits without compromise to security.
Currently the 'default' security offered by Cloud vendors do not offer this level of security, scalability and Automation. Our expert believes that with the right blend of cross generational Security technology can mitigate attacks on next generation technology and protect the traditional environment, whilst ensuring efficiency.
Market leading security principal vendors, offer Cloud security solutions that are optimised to run within Cloud platforms. Deploying seamlessly across multiple servers to offer tight malware protection and clasping to the work load to deliver strong virtual patching. New players also demonstrate capabilities to thwart attacks that might bypass other software, but deployed in isolation can impact resources.
Cloud Security Skills Shortage
Our expert agrees that as the technology and threat landscape evolves, security professionals must face the realisation that their skills need to become comverged or embrace inertia. Aside from undertaking personal study toward Azure/AWS certifications, the only way this can be achieved is by having an employer with a road map that delivers the training and initiatives needed to become a Cloud Security expert.
What do you think? I would love to hear your thoughts on the issues of Cloud security that are affecting your business or how we can help you in the next stage of your career.
In the next part of this series, I will discuss the issues faced by the public sector on the journey to becoming a Smart Nation.
+65 6589 8787