The San Francisco springtime gave us plenty of weather to talk about at this year's RSA Conference. But the forecast has been cloudy for a while now.
Analysts project nearly 80 percent growth in cloud adoption in two years, with IT environments moving from almost half cloud in 2018 to more than two-thirds by 2020. By that time, 49 percent of businesses will store the majority of their data in the public cloud, according to the latest Oracle and KPMG Cloud Threat Report.
However, increasingly complex applications combined with a lack of visibility creates the perfect storm of blind spots, poor detection, and limited enforcement options for multi-cloud deployments.
The best RSA 2019 keynote I attended was the Cloud Security Architecture Workshop by SANS Institute instructor Dave Shackleford. Some notes taken from his points:
- Centralize security with vendors who perform multiple functions. You want multi-cloud to prevent vendor lock-in, but your security providers should centralize as much as possible.
- "Design for elasticity.” Consider host-based security and licensing for better scaling. It’s also important to know what causes scaling up and how to track it so things don't choke.
- Manual effort in the cloud is doomed to fail. Automation is mandatory.
- Rather than focusing on attack surface, Shackleford discussed overall “blast radius” and targeting doomsday “what-if” scenarios. Preventing lateral movement is key to limiting blast radius, which has led to the growth of segmentation and isolation, as well as a shift away from pure network security.
- It’s important to have an understanding of your level of overall architecture maturity.
I would add that visibility is another crucial component of cloud security. Lack of visibility into application behaviors within and across your cloud environments has potential to create the perfect storm of poor detection meets poor enforcement and response.
Enterprises adopt cloud to accelerate their business; however, traditional security can slow this down (or worse, sabotage it). How can security policies be applied consistently across cloud environments, as well as brownfield on-premise deployments, and with the agility to move as workloads do? To learn more, check out Illumio's multi-cloud solution.