Play it safe: Three hard realities about cloud security

Share this post:

Yes, it’s all going to the cloud, which is better than “to the dogs.” And yes, you have to make sure your cloud environment is secure.

You need to confront some hard realities about cloud security because the cyber landscape continues to be unforgiving. It doesn’t matter whether you’re protecting traditional computer systems, your mobile platform or the cloud itself. Simply put, organized cyber crime and cyber espionage continue to grow in sophistication. Any new hackable platform is red meat for them. Opening massive breaches that harvest critical data is their day and night job. News headlines make that clear that the aggregate total of global cyber crime damage now rivals that of many nations’ annual gross domestic product (GDP).

First reality: Organizations spend considerable time and money securing their on-premises infrastructure. That’s good. The problem is maintaining that same high level of security when outsourcing to the cloud. Security delivery requires a cloud provider’s undivided attention. Yes, there are built-in security tools, but you will not get the key to any strong security posture—24/7/365 threat monitoring, analysis and response—or “managed security service.” These are humans watching out for you. You must know what’s happening on the cloud in real time and be able to respond very quickly. You need people to manage this, even if you have automated capabilities as part of your cloud security. The “cloud” doesn’t do it on its own.

(Related: An interview with Brendan Hannigan, IBM GM Security Systems Division)

Second reality: Repeat after me: “My cloud will be breached.” Take a deep breath. Say it one more time.

Remember, just because you’ve been breached doesn’t mean an attacker knows where to go once they get in your system. If you identify the attack quickly you can prevent him or her from getting to your critical data.

So, review your incident response plan for cloud security. What, you don’t have one? Okay, review the plan you have for your premises infrastructure.

If you still have a blank look, gather your team and start putting a response plan together—fast. How you handle it is crucial, particularly the speed of your response. Sophisticated attacks often show no upfront “symptoms” but can quietly devastate your business over time. The longer it takes to resolve an attack, the more costly it becomes.

Prevention starts with an incident-response plan and mock exercises to test the plan. Get an experienced provider to try and hack your cloud. Find out your vulnerabilities. Most important, make sure you have a team ready to move quickly and decisively if you suspect your cloud has been attacked.

Third reality: Last but maybe most importantly, get smart about “security intelligence.” Your cloud systems, along with your other IT platforms, generate billions of security events each day from firewalls, emails, servers and the like. It’s simply not possible to manually sift through this data and find evidence of suspicious behavior. Beyond the costs involved, it’s confined to figuring out “what happened” rather than “what will occur.”

When applied to security data, big-data analytics tools can be transformative—the tip of the spear in security intelligence and response. Analytics can provide automated, real-time intelligence and situational awareness about your infrastructure’s state of security to help disrupt the attack chain.

Say that two similar security incidents take place, one in Brazil, the other in Pittsburgh. They may be related. But without the intelligence needed to link them, an important pattern—one that could indicate a potential incident—may go unnoticed.

You need this capability, and providers like IBM are stepping up to make it the ultimate reality.

Stay safe.

More stories

Why we added new map tools to Netcool

I had the opportunity to visit a number of telecommunications clients using IBM Netcool over the last year. We frequently discussed the benefits of have a geographically mapped view of topology. Not just because it was nice “eye candy” in the Network Operations Center (NOC), but because it gives an important geographically-based view of network […]

Continue reading

How to streamline continuous delivery through better auditing

IT managers, does this sound familiar? Just when everything is running smoothly, you encounter the release management process in place for upgrading business applications in the production environment. You get an error notification in one of the workflows running the release management process. It can be especially frustrating when the error is coming from the […]

Continue reading

Want to see the latest from WebSphere Liberty? Join our webcast

We just released the latest release of WebSphere Liberty, It includes many new enhancements to its security, database management and overall performance. Interested in what’s new? Join our webcast on January 11, 2017. Why? Read on. I used to take time to reflect on the year behind me as the calendar year closed out, […]

Continue reading