Security for a Multi-cloud World
The high price of cybercrime
CEOs, CIOs, and business leaders need only scan news headlines to understand the potentially dire consequences of a security breach. Failing to properly protect data access or adhere to compliance regulations can invite disaster from which your business may never recover. No matter how you slice it, the rising cost of cybercrime is both shocking and unsustainable.
The global cost of cybercrime rose to unprecedented levels in 2017, according to McAfee, tallying between $445 and $608 billion – 0.8% of the worldwide GDP and $100 billion more than the worldwide cost estimated for 2014. As reported by InformationAge, the global cost of cybercrime is estimated to reach $2 trillion by 2019.
The price of a cyber-attack varies significantly depending on the kind of breach a company suffers; a company’s size, industry, and country; and how well-prepared it was for an attack. In 2017, the average cost of a data breach in North America was $1.3 million for enterprises and $117,000 for small and medium-sized businesses (SMBs), according to a report from the much maligned but undeniably accredited Kaspersky Lab, as reported by CSOonline.
The new multi-cloud norm
Today, most data and applications reside in multiple clouds, spanning infrastructure, platform, and software-as-a-service – IaaS, PaaS, and SaaS. The drivers for adopting a multi-cloud strategy are numerous, compelling, and enduring. In addition to delivering cost-savings, high resiliency, and the agility to quickly adapt to changing business requirements, multi-cloud architectures reduce reliance on any single vendor, increase flexibility through choice, mitigate disasters, satisfy regulatory and/or geographic requirements, and support advanced technologies.
The RightScale State of the Cloud Report indicates 81% of enterprises currently have a multi-cloud strategy. On average, companies are using 4.8 private and public clouds to run applications and experiment with new services. This increased cloud use has sparked more investment. One-fifth of enterprises plan to more than double cloud spending, and another 17% expect to increase cloud spending by 50-100%, according to the report.
According to IDC, 94% of organizations intend to be using multiple clouds within the next 12 months. Gartner predicts that 90% of organizations will adopt multi-cloud infrastructure capabilities by 2020.
Multi-cloud is a key enabler of innovation and digital transformation, and to be clear, multi-cloud is here to stay. The most cloud-mature organizations expect to be able to choose from multiple cloud providers based on location, policies, governance principles and, most importantly, their unique business requirements and goals.
Multi-cloud security challenges
Tempering the many advantages of a multi-cloud strategy are a number of related security concerns. Greater exposure to today’s strengthening cyber storms is taxing security pros and rendering traditional security approaches obsolete. The complex web of legacy security technologies doesn’t properly protect businesses from employees who now access work information across a mix of devices, locations, and cloud apps. Too many tools operating in silos at once, and failing to communicate with each other, are a recipe for disaster, as are rogue ‘shadow IT’ cloud deployments. It’s interesting to note that by 2020, a third of successful attacks experienced by enterprises will be on their shadow IT resources, according to Gartner.
All the while, malware, ransomware, phishing attacks, and distributed denial-of-service attacks are all rising rapidly. The 2017 Worldwide DDoS Attacks and Cyber Insights Research Report by Neustar revealed an 11 percent increase in the number of organizations targeted by DDoS attacks. Disruption via natural disaster is always a risk. Regulations such as HIPAA, PCI DSS, SOX, and GDPR hold those with weak security and privacy processes financially accountable, adding even more pressure on multi-cloud organizations.
Obviously, a multi-cloud architecture brings with it an exponential increase in attack vectors. As complexity increases — as it inevitably does with multi-cloud — monitoring what is happening in the various cloud environments becomes much more difficult. Multi-cloud security requires a single pane of glass for monitoring and automated configuration drift management of numerous services across an array of resources. This also needs to be paired with the protection of user identities and defense against vulnerabilities in application libraries and web application components.
Since encryption is a preferred way to secure data, encryption key management is a critical concern. According to 451 Research, 60 percent of enterprise IT security professionals identified data encryption in the cloud with enterprise key control as the top IT security tool needed.
Visibility is another of the major concerns in a multi-cloud world. Securing today’s rapidly changing and high-performance environment requires continually assessing the security of the organization’s IT portfolio in its entirety. While IT teams may have visibility into each cloud network through cloud-specific tools, they usually cannot detect or correlate threats across multiple cloud environments, nor can they immediately assess the impact of a threat to one cloud resource or another. They are also challenged to deploy consistent security functionality and policy enforcement across a variety of often very different ecosystems.
Add to this the daunting task organizations face when attempting to secure a multi-cloud infrastructure by establishing consistent management and enforcement of IT security policies. Single-pane-of-glass management systems that control security functions across different cloud environments are needed in order to provide deep visibility, integrated event correlation, centralized policy management, and consistent controls and response.
Lastly, today’s dramatic shortage of security skills leaves most organizations severely lacking on this critical front. With a current estimated 350,000 open cyber security positions in the US, and a predicted global shortfall of 3.5 million cyber security jobs by 2021, according to Cybersecurity Ventures, the cybersecurity skills shortage represents an existential threat to businesses that rely on technology as the backbone of their operations.
Spending on security soars
As organizations increasingly adopt a multi-cloud strategy, CEOs, CIOs, and business leaders know all too well that investing in security is an absolute necessity.
IDC forecasted that worldwide spending on security-related hardware, software, and services would reach $91.4 billion in 2018, an increase of 10.2% over the amount spent in 2017. IDC predicts spending on IT security will achieve a CAGR of 10% over the 2016-2021 forecast period to reach a total of $120.7 billion in 2021.
In line with this, according to Gartner, security spending is growing at a healthy 12.4% and will continue to expand based on demand generated by concerns of security risks, business needs, and industry changes. Gartner forecasted security spending to exceed $114 billion in 2018 and grow by 8.7% to $124 billion in 2019.
Privacy will drive many of the new expenditures, according to Gartner, with identity and access management, identity governance and administration, and data loss prevention listed as key areas of interest.
Driven by factors such as the increasing instances of cyber-attacks on enterprise IT infrastructure, growing BYOD trends among organizations, stringent regulations, and most pressingly, the security skills shortage, the demand for managed security services is expected to soar in the years ahead. According to Research and Markets, the global managed security services market size is expected to grow from $24.05 billion in 2018 to $47.65 billion by 2023, at a CAGR of 14.7% during the forecast period.
Multi-cloud security – don’t go it alone
With threats so prevalent, stakes so high, and skills so short, most organizations are wisely not going it alone when it comes to security. Ongoing skills shortages, concerns over regulations such as GDPR, and the mind-numbing complexity of securing ever-expanding networks, application landscapes, and personal devices are driving organizations to seek assistance from expert security services providers such as AST. In fact, Gartner estimates that services will represent at least half of security software delivery by 2020.
To secure complex, highly distributed environments spanning remote branches, enterprise data centers, and hybrid clouds, security teams must maintain cohesive visibility to identify anomalous behavior and rapidly mitigate threats. We must switch from a traditional model of individual and isolated security devices to a fabric-based approach built around open standards and integrated security tools designed to communicate and collaborate at speed and scale. This approach will also need to include automation to allow security to move beyond signatures to behavior-based analytics.
A complete approach to security must be able to identify, detect, respond, and protect against threats, incorporating preventive, detective, and predictive controls, along with artificial intelligence and machine learning to enable actionable intelligence.
AST’s cloud security services are designed to secure users, applications, APIs, data, content, and infrastructure.
As an Oracle Cloud Premier Platinum Partner and AWS Consulting Partner specialized in Cloud Security solutions, AST’s team focuses on every aspect of enterprise security. We’ve helped many organizations provide users with secure access to resources and assets, including:
- Identity is the Perimeter: Cloud-based Identity and Access Management solution for securing access, providing single sign-on, and protecting identities in the cloud, as well as in on-premise applications.
- Cloud Access Security Broker: Cloud-based solution that provides advanced threat analytics utilizing user behavior analytics (UBA) and third-party feeds, configuration seeding, monitoring and alerts, and Shadow IT discovery.
- Smart Monitoring and Analytics: Services to enable rapid detection, investigation, and remediation of the broadest range of security threats across on-premise and cloud IT assets. Provides integrated SIEM and UEBA capabilities.
- DevSecOps: A security-first approach to DevOps maturity that guards against development and IT lapses.
- Identity Governance: Comprehensive implementation services enabling identity compliance and providing users with many features, from self-service registration to privileged account management.
- Mobile Security Services: To adopt, deploy, and manage data without interfering with personal mobile use.
- Governance, Risk Management, and Compliance: Services and solutions to assist in GRC.
- Database Security/Auditing: Solutions for data at rest and in transit, and access auditing.
Contact AST today to learn how our Cloud experts can provide the enterprise-wide security your organization needs to thrive in a digital economy.