A new study from Palo Alto Networks found that organizations use more than 30 tools on average for general security, and that this level of complexity leads to less security, not more.
More than 60% of organizations have been operating in a cloud environment for three years or more, but technical complexity and maintaining comprehensive security still hamper their cloud migration efforts, according to the 2023 State of Cloud Native Security Report.
Three-quarters of respondents to the Palo Alto Networks survey reported that the number of cloud security tools they use creates blind spots that affect their ability to prioritize risk and prevent threats. More than three-quarters said they struggle to identify the security tools needed to meet their goals.
90% of C-suite respondents said they could not detect, contain and remediate cyberthreats in under an hour, and about half admitted that the majority of their workforce does not understand their security responsibilities.
Key challenges for providing comprehensive security, top to bottom, left to right
Respondents to the Palo Alto Networks survey identified the top challenges to providing comprehensive security, including the following:
Manage security holistically across teams
It is not enough to adopt a model of responsibility between cloud service providers and users; companies need to look inward and eliminate silos to the extent that they hinder security processes that work for development, operations and security.
Embedding security in the cloud-native development lifecycle
Integrating the right cloud security solutions at every stage of the application development process, from code to runtime, is critical.
Train IT, development and security personnel in the use of security tools
Cloud-native application development requires securing “exponentially more cloud assets across code, workloads, identities, data, etc., and across multiple execution environments, such as containers, serverless, and platforms,” the company noted.
Lack of visibility into security vulnerabilities in cloud resources
Palo Alto Networks calls vulnerability management the “holy grail of application security.” But to achieve this, the company says, vulnerability management must reflect the scale, speed and flexibility of the cloud. When done successfully, it can reward businesses with near real-time threat and vulnerability detection.
Using the right tools
According to the report, the ideal cloud security solution is scalable and able to address immediate security needs and additional use cases as the company expands cloud applications and usage.
C-suite executives question secure cloud deployment
The report is based on a survey of 2,500 C-level executives globally, conducted in November and December 2022, that tracked enterprises’ shift from on-premises software and services to the cloud and found a generally weak security posture. A common theme among executives surveyed was that their organizations need to improve cross-cloud visibility, incident response, and investigation.
“With three out of four organizations deploying new or updated code to production every week and nearly 40% committing new code daily, no one can afford to overlook cloud workload security,” said Ankur Shah, senior vice president, Prisma Cloud, Palo Alto Networks.
“As cloud adoption and expansion continues, organizations must adopt a platform approach that secures applications from code to cloud in multicloud environments.”
5 keys to the best security features and ease of use
According to the research, the top factors companies consider when choosing security solutions for their cloud applications are:
- Easy to use.
- Best-in-class capabilities.
- Potential impact on company performance.
- Familiarity with supplier or tool.
- Competitive prices and/or costs.
The research found that enterprises are split between a single security vendor/tool approach and a multiple security vendor/tools approach for each of their security needs.
Companies have too many security arrows in their quiver
Three-quarters of leaders Palo Alto surveyed said they struggled to determine what security tools were needed to achieve their goals, leading to the adoption of countless single-point security solutions — of the more than 30 security tools organizations use on average, six to ten are dedicated to cloud security.
A quarter of respondents reported using both internal and open source tools, with most companies surveyed saying they use multiple vendors to secure their clouds, networks and applications (Figure A).
Despite all efforts, security gaps remain
The Palo Alto Networks survey reported that only about 10% of respondents were able to detect, contain and remediate threats in less than an hour. In addition, 68% of organizations were unable to detect a security incident within an hour, and of those that did, 69% failed to respond within an hour (Figure B).
How to avoid blind spots and poor visibility of security risks
Recommendations from the study authors include quickly identifying abnormal or suspicious behavior that indicates compromise, and focusing on ways to achieve near-constant visibility of cloud assets, in part by eliminating blind spots caused by the lack of a holistic approach to security tool implementation. The authors also suggested:
Ensure security at all stages
Security teams need to have a comprehensive understanding of how their business moves from development to production in the cloud to find the least disruptive security tool insertion points.
“Starting with increasing visibility and remediation recommendations for software with known vulnerabilities and scanning container images is a great first step towards early buy-in from DevOps or platform teams,” the report said.
Use threat prevention techniques
Deploy tactics that can actively block zero-day attacks and contain lateral movement in the event of a breach. Also calculate net effective permissions for cloud resources to ensure best practices for least-privilege access.
“Organizations should at least consider applying preventative solutions to their mission-critical applications,” said Palo Alto.
Align cyber tactics with cloud presence
Don’t end up with dozens of tools stashed in the cloud for specific security applications, leading to what Palo Alto Networks calls a “spread” of tools that bogs down cloud security teams and leaves gaps in visibility. The company proposes reviewing cloud adoption goals over a period of two to five years.
Consolidate tools where possible
Unify data and security controls in a platform approach to get a comprehensive view of risk, as opposed to the granular views provided by several isolated tools.
“Consolidating tools allows security teams to automate correlation and address key security issues across the application lifecycle,” the company notes.
Acting quickly in the event of an incident depends on a strong policy
Security incidents on computers and other devices, networks, applications and cloud service platforms require a rapid response. The sooner people report suspicious messages, unusual changes in system or device performance, a deceptive link, or any other suspected attack or infiltration to IT and the relevant security teams, the better. Download TechRepublic Premium Security Incident Response Policy to learn incident response best practices.