Why it’s time to take control of cybersecurity in the cloud (Guest blog from Illumio)
Author: Raghu Nandakumara, Head of Industry Solutions, Illumio
Cloud applications have become the lifeblood of organisations, especially in the past few years of rapid digital transformation. These applications running in the cloud, whether they be on virtual servers, containers, serverless computing, or other services, offer unprecedented agility and scalability.
However, the pace of cloud migration is also exposing organisations to cloud blind spots. Many are now running a mix of cloud architectures, each needing different tools and requiring different capabilities, leading to security gaps.
Traditional perimeter-based security models struggle to keep up with the dynamic and decentralised nature of cloud workloads. Attack surfaces expand exponentially, leaving organisations vulnerable to data breaches, lateral movement, and insider threats. This demands a change in thinking in security strategies.
Understanding cloud security pitfalls
According to Illumio research, 47% of all data breaches in the past year originated in the cloud. Yet organisations continue to take the same lift-and-shift approach to cloud security that they take when moving applications into the cloud, often transferring existing on-premises security processes to the cloud untested.
It's an attractive strategy that offers a quick and seemingly effective solution for those facing tight deadlines and limited budgets. However, it’s also an approach that almost certainly results in critical security and visibility gaps. Without taking a modern, proactive approach to securing cloud environments, businesses will find it increasingly difficult to stop breaches before it’s too late.
Many organisations are now turning towards existing cloud security capabilities, such as cloud native application platforms (CNAPPs), cloud workload protection platforms (CWPPs) and cloud security posture management (CSPM), to bolster their defences. But while such tools address many cloud security requirements, they still leave a significant gap when it comes to helping organisations understand how resources across hybrid and multi-cloud environments interact. These gaps are only exacerbated as workloads travel between different environments, whether within and across clouds or between cloud and on premises, and this makes it easier for attackers to move laterally through environments undetected.
Regaining confidence with Zero Trust
The limitations of existing cloud security tools are also reflected in organisations’ confidence in cloud security. According to Illumio research, 63% think their cloud security poses a severe risk to the business, with visibility into third-party software connectivity and quicker reaction times to cloud breaches being key areas for improvement.
To boost cyber resilience in the cloud, organisations must be able to control cloud connectivity and effectively contain the spread of an attack. And given the existential risk that any cloud workload is just one misconfiguration away from being exposed to the internet, adopting a security strategy that enables safe productivity in such an untrustworthy environment is a must.
While existing cloud security tools are great for wholly cloud-native (and more often single-cloud) environments, they cannot provide the granular control and visibility needed across the hybrid attack surface. This makes it time-consuming for IT teams to protect applications in real time, as well as difficult to deliver consistent security policy across hybrid environments. What organisations need is consistent, context-based visibility and granular segmentation everywhere, all the time – and this can only be achieved with new and modern security strategies such as Zero Trust.
Zero Trust is a strategy designed to stop data breaches and prevent the successful culmination of a cyberattack by reducing the inherent, implicit trust in digital systems. Rather than making assumptions about the underlying environment in which a resource is running, Zero Trust focuses on granting access to resources based on who needs access, what the resource is, and where the resource is at any given time. This limited, least-privileged access between resources prevents attacks from spreading, contains attacks across cloud environments, and allows organisations to keep their cloud assets safe.
A key pillar of Zero Trust is Zero Trust Segmentation (ZTS), also known as microsegmentation. ZTS is a modern solution that focuses on gaining visibility first and then using that as a foundation to deliver iterative improvements to security. It divides the environment into smaller, granular segments, creating a series of secure zones. Organisations can then deliver precise and flexible security across the entire hybrid attack surface by offering a unique security posture for each segment. Each segment can be tailored with specific access controls, containing lateral movement, and limiting potential damage when breaches inevitably happen. It’s a game changer for cloud security, making it easier to achieve and maintain least-privilege in cloud environments, and to adapt segmentation policies to dynamic cloud environments where resources scale up and down.
Building resilience in the cloud
The cloud brings many benefits, but its usage is not risk-free. The rising popularity of the cloud, coupled with security often being an architectural afterthought, has made cybercriminals eager to look for ways to exploit weaknesses and vulnerabilities in critical systems hosted in the cloud. And with cloud breaches frequent, organisations need to strengthen security in the cloud fast, or risk opening themselves up to dangerous and costly attacks.
The crux of the cloud security problem is that the dissolved perimeter makes it difficult to see how application workloads are behaving and communicating across hybrid and multi-cloud deployments. Traditional security approaches are failing: too many organisations have little understanding of what their applications are doing in the cloud, and ultimately you can’t protect what you can’t see. Visibility generates the confidence to adopt and scale in the cloud, and that can only be accomplished with a Zero Trust approach.