With so many new trends and buzzwords being tossed around related to cloud security, it’s easy to get caught up in the noise. Oftentimes, the best way to cut through the complexity is to go back to the research.
That’s why Illumio partnered with technology research specialist Vanson Bourne to assess the current state of cloud security in the new Cloud Security Index 2023.
In a recent webinar, Ruth David, Research Manager at Vanson Bourne, joined Brian Pitta, Global Distinguished Field Engineer at Illumio, and Sean Yarger, VP of Global Sales Engineering, to explore the recent report, cloud trends impacting CISO decision-making, and what Illumio is doing to bring Zero Trust Segmentation to hybrid and cloud environments.
You can also watch the full recording here and see a short clip from the webinar below:
Here are three takeaways from their discussion.
1. Data clearly illustrates cloud security urgency
The Cloud Security Index 2023 found that nearly all organizations are using the cloud in some way. In fact, in the United States alone, 100 percent of respondents said their organization was leveraging the cloud.
And organizations aren’t just using the cloud as back up — 98 percent of organizations are currently holding sensitive data in the cloud, and nearly 90 percent are currently running their highest-value applications in the cloud.
“It goes to show how frequently the cloud is being used right now,” David remarked. “And unfortunately, we found that of the data breaches suffered over the past year, nearly half originated in the cloud.”
For David, this indicates an issue with the ways organizations are currently approaching security in cloud environments.
“One of the main takeaways from this research really was that traditional cloud security is failing modern organizations,” David said.
Get insight into the most important highlights from the report in this infographic.
2. Traditional on-premises security doesn’t work in the cloud
One of the reasons organizations are struggling to secure is the cloud is because it’s the “unknown,” Pitta said. It’s difficult to get visibility into fast-changing cloud environments, and all the new cloud service offerings can quickly make the problem more complex.
Pitta detailed 2 reasons why the cloud requires different measures than on-premises environments:
“The cloud introduces a ton of new services,” Pitta said. “If I used to just have virtual machines and physical service, I now have Kubernetes clusters and databases.”
“The rate of change has accelerated tremendously,” he continued. “There are new services coming out at what feels like by the hour that IT teams need to keep track of. That's another big challenge — understanding the nuances of each and how you go about controlling them.”
Yager believes that these key differences in the cloud can oftentimes cause a wider attack surface than on-premises environments. And with many organizations trying to implement the same on-premises security measures into the cloud, threat actors have a growing range of options for their next attack.
3. Zero Trust Segmentation is essential to modern cloud security
As more organizations manage their most important data and applications in the cloud, it’s important to prioritize cloud resilience. There are a lot of tools that security teams can use in a stack for cloud security — so why should Zero Trust Segmentation be one of them?
“It really comes down to the fact that it’s the protection layer when all else fails,” Pitta explained.
Prevention and detection technologies help stop attacks from entering the network perimeter. But in today’s threat landscape, breaches are inevitable. To build resilience against ever-evolving threats, organizations must implement a Zero Trust security strategy based in the mindset of “never trust, always verify.” Zero Trust Segmentation (ZTS) is foundational to any Zero Trust architecture.
“ZTS has two missions: stop attacks or slow them down,” Pitta explained. “ZTS makes it so a breach can't spread and eventually get detected — which means very little impact — or it takes a lot longer to spread, which is just giving you more time to detect it.”
In a world where breaches can’t be avoided, the goal is to limit their impact. “You could call ZTS a safety net. No matter what, it won't be as bad as it could have been,” Pitta said.
Illumio CloudSecure extends ZTS to your cloud environments. With CloudSecure, security teams can:
Visualize cloud workload connectivity
Apply proactive segmentation controls
Proactively contain attacks on applications and workloads in their public cloud environments, across servers, virtual machines, containers, and serverless computing.
By extending ZTS to the cloud, security teams can be confident that inevitable cloud attacks will be stopped and contained at their source.
Cyber Resilience: The Banking Sector’s Top Security Priority
In this December 2021 speech, Bo Li, Deputy Managing Director of the International Monetary Fund (IMF), reinforced how digital technology permeates all aspects of society, increasing our dependency on interconnectivity and reliance on the networks that support it.