Richard Flanders has 35 years’ experience in advising clients on all aspects of enterprise IT. He has held senior roles at VMware, Fujitsu and Computacenter and others and is currently leading Check Points’ cloud security business in Eastern EMEA and Africa. He has been in this role at Check Point for seven years.
In this outstanding CyberTalk interview, cloud security expert Richard Flanders shares perspectives surrounding the latest cloud security architecture trends and challenges. He also speaks to the integration of AI into cloud security and how your organization can develop and implement best-in-class cloud security strategies.
There’s a tremendous wealth of information to unpack here and it’s sure to benefit you, your security, and your organization’s overall growth. Don’t miss this!
What are some of the latest trends in cloud security architecture, and how do they differ from previous approaches?
The main theme of cyber security that has emerged in the last 3 years is that of prevention instead of just alerts. What this means is that cyber security tools are now required to have a high level of intelligence built into them so that they can predict attacks and take positive action to nullify those attacks before they do any damage to the cloud infrastructure itself. Cloud users need to be able to take a “hands-off” approach to the day-to-day management of their security environment and must be able to rely on solutions that are proactive and automated.
How can businesses effectively navigate the challenges posed by new landscapes in cloud security?
Businesses need to focus on the security aspects of any cloud project as early as possible; in the planning phase of the cloud migration project. Security should not be an afterthought – it is integral to the safe and effective recognition of value from any cloud utilization.
With the rise of multi-cloud environments, how are organizations adapting their cloud security strategies to maintain consistent protection?
Most organizations are realizing that they need to invest in cloud security that will span multiple cloud environments and that will be manageable from a single console. This is harder than it sounds, as each cloud provider has a slightly different approach to securing their environment. It is also key to remember that each cloud provider has a “shared-responsibility” model, whereby they will not guarantee to protect customer data and applications in their cloud environments. The customer is responsible for deploying the appropriate solutions that will protect them from potential attacks.
Those solutions must be applicable across all of the cloud platforms that the customer is using and must provide the customer with a complete picture of the security environment/situation at all times. Organizations continue to rely on multi-cloud solutions with 76% of cloud users engaging two or more cloud providers, compared to just 62% from the previous year. While cost (61%) and ease of use (58%) initially drove their security decision between cloud-native versus independent cloud security solutions, managing multiple cloud vendors has created a greater complexity than first imagined.
How are advances in machine learning and AI being leveraged to enhance cloud security and what benefits do they offer over traditional approaches?
Advances in AI have led to a massive improvement in the ability of solutions to detect and prevent attacks right across the cloud computing spectrum. The idea of leveraging a database of attack information and using learned-experience to assess when an attack is coming is vital to enhancing threat prevention capabilities within the cloud. Check Point CloudGuard Cloud Intelligence and Threat Hunting, part of the CloudGuard Cloud Native Security platform, provides cloud native threat security forensics through rich, machine learning visualization, giving real-time context of threats and anomalies across multi-cloud environments.
What role do DevOps practices play in cloud security, and how can organizations integrate security into their DevOps workflows?
There is a vital role for DevOps within the cloud security space, in as much as those developers need to ensure, as far as possible, that they are not introducing security vulnerabilities into an application as they are writing it. There are solutions that will scan and assess code as it is being written – applying threat prevention techniques to every line of code produced. As an example, the Check Point shift-left solution enables the DevSecOps team, whilst allowing the incorporation of security and compliance into how a cloud solution is built, deployed and runs applications, without sacrificing agility.
What are some best practices for developing a comprehensive cloud security strategy that can address unique organizational needs?
Cloud platform users need to address a number of different factors when designing and deploying their cloud environment. In brief, these are:
- Ensuring that all workloads and cloud objects are properly protected by whatever solution is chosen. The chosen solution must be able to work across different cloud platforms.
- The chosen solution is capable of using AI and learned-knowledge to predict and nullify potential cyber attacks.
- Security is treated as the number one priority when first considering a transition to private or public cloud environments.
- Ensure that DevOps are part of the early design conversation and ensure they are included as part of the decision-making process.
- Invest in cloud capabilities within the organization itself, and choose a partner and vendor who understands the challenges of deploying cloud-based applications and can properly support the environment.
Many thanks to Richard Flanders for this exclusive interview. If you would like to see additional exclusive conversations featuring some of the world’s most influential and thoughtful cyber security experts, please see our past coverage.
Want to stay up-to-date with trends in technology? Check out the CyberTalk.org newsletter. Sign up today to receive top-notch news articles, best practices and expert analyses; delivered straight to your inbox.