Stuart Green is a Cloud Security Architect for Check Point Software Technologies Ltd. Green is currently working with customers and channel partners to build security into cloud architectures of all sizes, automating everything, everywhere! With over 15 years of IT security experience across multiple areas including cloud, networking, security testing and software development, he is enthusiastic about all technology and understanding what makes it work.
In this outstanding interview, Cloud Security Architect, EMEA, Stuart Green discusses all things cloud security. Discover the latest insights into emerging cloud security trends, challenges, new solutions, and best practices. Innovate and advance within your cloud security journey.
Tell us about what you’re currently seeing when it comes to cloud security:
Customer confidence in cloud has grown considerably over the last 12-18 months, with more and more customers using public cloud for deploying their workloads. This has naturally led to more conversations about security and visibility in these platforms where the native tools generally only offer the basics that customers are used to as compared to their traditional on-premises or DC deployments. “Shifting Left” is a very popular discussion with customers who see a lot of sense in making sure that security is automatically part of all deployments.
What are the biggest challenges that organizations are facing in relation to cloud security?
Despite being a popular talking point – the ‘Shift Left’ discussion isn’t one with a simple ‘one size fits all’ answer. There are usually multiple teams within an enterprise setting that have a stake in building such approaches and it has to be adopted widely in the organization to be successful. For example, if only one team in a business has fully integrated Shift Left into their DevOps practice, but everyone else deploys manually and directly into their cloud platform of choice – they’re still likely to produce the same types of risks once deployed, and these will be where any attackers choose to focus.
Top ways in which organizations can strategically mitigate cloud risk right now?
Many organizations I’ve worked with recently have seen great success in using a consolidated platform that gives them one place to view multiple risk areas across their cloud estate. The most valuable feature from such a platform is broad visibility; giving them access to all of the information they need to make informed decisions about which risks to focus on. For example, a cloud account might have thousands of different assets in it, ranging from general object storage to mission-critical databases. If there is a misconfiguration in terms of who can access one of these services and to what degree, that single policy might inadvertently give excess privileges to an unintended or unknown audience — the worst case being allowing public write access to multiple resources.
Best practices for measuring the success of IT cloud security initiatives?
Cloud security can be easier to measure than other areas of security due to how well-defined the majority of services are in the public cloud platform. Take something simple like a cloud virtual machine, for instance. It has a small number of components like a virtual network interface, IP address, security rules and a few others. If these are consistent across all deployments, they’re a lot easier to measure and enforce consistent checks across. Going back to the point about using a consolidated platform for managing cloud assets, if you have a set of well-defined guidelines for what is acceptable and what is a risk, you can deploy these rules across all of your cloud accounts and have confidence that the results seen will be accurate. With accurate data, you can track trends and, over time, one clear metric of success with these tools is that the trend for volume of cloud risks decreases. Some of the better platforms will give you the ability to build this data into customized dashboards and reports, and will allow you to feed this data into other platforms within the business, enabling all stakeholders to access the level of information they require.
How should cyber security professionals communicate these wins to stakeholders?
Presenting the data in a way that’s suitable for the intended audience is essential. Your C-suite staff aren’t going to care which version of an open-source module you’re using in your code or that your storage account in cloud platform XYZ has a misconfiguration of some obscure property; they want to know what risk that poses to the business. Inversely, a DevOps engineer isn’t going to find a graphic that says ‘you have 10 critical risks in your cloud’ something they can action and will need more in-depth information. Building custom interfaces to your data is essential to getting buy-in from the wider business. If the tool you’re interested in works for you from a technical level, but also has value at a management level, it’s going to be a lot easier to get approval of such a tool.