Indian enterprises identify cloud infrastructure, particularly in the public and multi-cloud domains, as the primary source of cyber risk within their operations. The article explores whether they are ticking all the correct boxes.
By Sudeep Das, Head Security Engineer, India & SAARC, Tenable
With over 22 years of solid experience in the security industry, Sudeep has been leading technology teams that help companies achieve business benefits through comprehensive security programs. His specialization is program architecture for large scale security deployments around Security Operations Centre, Identity and Data Security frameworks. Prior to joining Tenable, Sudeep led the Pre-Sales function for IBM Security for India, South Asia. Before that he was the managing RSA Pre-Sales team and prior to that he was working as a consultant for Tata Consultancy services for 10 years.
Widespread cloud adoption has significantly benefited Indian businesses, yielding fruitful outcomes. However, amid these gains, a critical challenge arises: How can organisations ensure the security of their cloud infrastructure? According to a recent Forrester Consulting study commissioned by Tenable, 70% of Indian enterprises identify cloud infrastructure, particularly in the public and multi-cloud domains, as the primary source of cyber risk within their operations.
This concern is well-founded, considering that cybercriminals consistently devise new strategies to infiltrate organisations by exploiting cloud misconfigurations. An IBM report highlighted that when data breaches span multiple environments, they incur the highest associated breach costs and typically require nearly a year to detect and contain.
What makes cloud security so challenging?
Many organisations need comprehensive visibility into their cloud environments, leaving security practitioners needing a roadmap for securing them. Effectively securing the cloud demands a profound understanding of its components to navigate the complexities it presents, allowing for the identification and mitigation of vulnerabilities, misconfigurations, and other risks. In a multi-cloud environment, the challenge intensifies due to increased blind spots; for example, managing security across clouds necessitates insight into each cloud vendor’s distinct identity and access management model.
Compounding this complexity are organisational silos. Cloud responsibility isn’t confined to a single team or individual within an organisation. Effectively managing the cloud requires extensive collaboration among security, IT, DevOps, DevSecOps, IAM and various business units. Issues arise when security teams lack control over cloud environments and are seldom consulted during the deployment of cloud services. In India, 42% of organisations report that cybersecurity teams are not involved early enough in the selection and deployment of cloud services, while nearly 60% state that business and engineering teams acquire and deploy cloud services without informing the cybersecurity team. The lack of knowledge of the cloud within teams results in a lack of processes and tools essential for effective cloud security.
Crucially, in cloud environments, identity serves as the new perimeter. Both humans and software services (often called service principals) use identities to access cloud resources, which are often directly accessible from the internet, unlike traditional on-premises systems. As IT and security teams grapple with managing tens of thousands of new digital identities and associated permissions, there is reduced visibility into the realm of unknown unknowns. This scenario also facilitates cybercriminals in gaining unauthorised access, providing them with the capability to seize control of entire cloud environments, extract data from databases, encrypt data for ransom, and execute other malicious activities.
Securing the cloud: Where do organisations begin?
Organisations can begin one of three ways. First, by restricting cloud usage, second by training more security and DevSecOps people and third, by adopting automated solutions. Automated solutions embrace cloud security risk and present it in an easy, consumable and actionable way, without requiring deep technical know-how on the part of teams. Such security tools provide teams with the ability to understand, investigate and navigate risk amid the complexity. With the right automated solutions like exposure management, organisations can:
Gain Full Visibility: Automated solutions visually map all cloud assets, configurations, digital identities and associated permissions. This contextual view provides teams with the visibility necessary to understand cloud resource configurations, as well as permissions assigned to identities and resources, and identifies those in active use. This map of the cloud infrastructure ensures precise risk analysis and insights, enabling security teams to offer targeted recommendations for implementing a zero-trust model.
Address Multi-Cloud Challenges: Each public cloud provider (e.g., AWS, Azure) manages and configures cloud components differently, resulting in inconsistencies in continuous security monitoring. Organisations require a cloud security solution that consolidates information from all public cloud providers into a unified monitoring and management space. Such a solution should understand the diverse mechanisms at play, including the infrastructure of the cloud provider and the permissions model, laying the groundwork for consolidated and precise remediation recommendations.
Prioritisation and Automated Remediation: An effective cloud security solution should possess a deep understanding of true risk severity. Cloud security tools need the capability to accurately prioritise risk, instilling confidence in security teams regarding the insights provided and most importantly, enabling them to focus their limited time on what matters most. A robust solution serves as an advisor, offering insights into vulnerabilities or misconfigurations requiring immediate attention. It must also deliver actionable insights for informed decision-making about risk mitigation and tools to automate and accelerate remediation. Auto-remediation scales security functions.
Eliminate Silos in People, Processes, and Technology: The right cloud security solutions should be user-friendly and standardise cloud security across various business units. A practical solution serves as a single point of reference for Security, DevOps, DevSecOps, SOC, IT, and developers, minimising friction between IT and security. This ensures swift decision-making based on accurate recommendations that everyone can comprehend.
While searching for the right cloud security solutions, organisations should prioritise those that reduce complexity and risk, rather than those promising 100% cloud security. A solution that makes cloud security achievable offers enhanced visibility, and provides actionable and precise insights for universal understanding is crucial for bridging organisational and technological silos, enhancing cloud security posture, and mitigating risk effectively.
