The golden rule of security is to always be prepared.
Say you live in a medieval castle designed to protect the king’s ransom. One day, attackers appear at the gate. If you’ve prepared for this moment by bolstering the castle walls, you’ll be safe.
Then one day, those marauding invaders get smart. They draw up plans for a battering ram capable of knocking down the castle gate. That’s a game-changer. You’ll need to upgrade your “perimeter security” solution. A moat filled with snarling alligators could work.
Fast forward a millennium or so. Your castle has been digitized, it sprawls across the entire kingdom, and it’s in the cloud. Your attack surface is vast. The medieval hordes have been replaced by sophisticated cyberattackers.
The moat isn’t as effective as it used to be. Your kingdom must modify your tactics, tools and procedures for a more geographically diverse and mobile kingdom with much more intelligent adversaries.
Cloud computing is a catalyst for IT modernization. Cloud foundationally changes how we operate, communicate and evolve not just IT – but also our business processes and workforce as well.
And yet concerns about cloud security persist. That’s because the impact of a security breach in the cloud can be disastrous. That’s especially true when a cyberattack spreads throughout a network fabric which links together a low trust public internet with high trust private networks.
With legacy infrastructure, security is primarily an issue of perimeter defense for each data center or network segment – it’s a matter of moats. In the cloud, however, security challenges are more complex. They include:
- Advanced threats that attack along multiple fronts
- Securing applications and data
- Securing controls to new workloads
- Internal traffic visibility
- Cross-cloud monitoring
- Limits of traditional segmentation
- Shared responsibility for security with the cloud provider
- (And) Effective policy and configuration management
As the value of the cloud to government organizations has increased, the impact of lost or stolen data and compromised operations has risen. This increased risk in the new age of cloud is why organizations need to immediately assess their cloud security capabilities and improve their ability to not just detect but prevent compromises.
Visionary leaders understand that vigilance is the price paid every day to maintain a healthy security posture, both on premises and in the cloud. Compared to potential losses incurred in cyberattacks, the cost of vigilance and prevention is pennies on the dollar.
This article is an excerpt from GovLoop Academy’s recent course, “Cloud Security: Defending a Pillar of IT Modernization,” created in partnership with Swish and Checkpoint. Access the full course here.