Request a DemoEmergency Assistance
SNOWFLAKE CUSTOMERS

Find out fast if you are impacted by this active threat campaign. >>

SNOWFLAKE CUSTOMERS
Find out fast if you are impacted by this active threat campaign. >>
Home
»
Resource Library

Protecting Data and Access in Cloud Environments

An excerpt from the webinar “Cyber Investment Strategies for CISOs: Enabling Your Transforming Enterprise

Featuring:
Samir Sheirf, CISO, F5
Ariel Parnes, COO and Co-Founder, Mitiga
Sean Michael Kerner, technology journalist

Sean Michael Kerner:
When we're talking about this modern era now, what new challenges do you need to address that are different in terms of access, data, and identity that perhaps are different than things you might've had to think about a couple years back?

Samir Sherif:
Absolutely. I think the one way to look at it is when you're operating the cloud, it's not just your solution that's operating the cloud. You're depending on so many different supply chains, SaaS, APIs, and all the connectivity between them, whether it's through your suppliers', data you're sharing with your company and others to really enable that rapid response and scalable infrastructure that you rely on through the cloud services.

So, the challenge, really, is understanding where and how things are moving within that ecosystem and also being able to have the right solution capabilities to really protect all of that. I mean, there is a new thought process around resilience as becoming the central point in thinking about Cloud, and cloud security for security operations. But I always try to come down to the foundational level and say, "We have to be resilient, but the only way we're going to be resilient is if we're able to really protect and respond to threats that may come out of that type of technology."

Ariel Parnes:
Sure. And I think the term that represents the challenge that Samir was mentioning is the shared responsibility concept. And basically, this is introducing a whole new challenge for us as defenders when we are sharing responsibility with third parties, vendors, cloud providers, infrastructure, SaaS and so on, and sharing responsibility in defending our organizations.

It means that, as opposed to in on-prem environments, where eventually you were the master of your domain and were able to get access to or have the visibility that you needed to defend, detect, and respond to attacks—when you live in the cloud, you are sharing this responsibility with others.

It means that the visibility that you have is limited unless you do certain things in advance. And I think visibility is the foundation of cybersecurity. In order to defend, to respond, to recover, you need to have visibility on what is going on in your environment. If you are sharing this responsibility with others, then the challenge increases in terms of having the right information to be able to identify gaps, to identify malicious activities, and to respond. This is a different way of doing business compared to what we were used to in the on-prem environments.

Samir Sherif:
All right, Ariel, I wholeheartedly agree with you. And if you think about the number of organizations within a company that interact and also deliver capabilities— a concept like shadow IT, we call it shadow IT, but it is now distributed across various different organizations. You can have a marketing function that also interacts with the cloud to deliver marketing capabilities and they may manage the solution themselves. How well do these functions understand architecture? Or zero trust architecture configuration? All the identity management, managing the threat, ensuring all the security controls and policies are applied?

It just compounds the complexity of various groups through shared responsibility. Also, now they have to act as engineering functions and IT functions as well and have accountability distributed to them too. And I think that's where it becomes interesting when we think about it's not just the primary groups that manage the infrastructure, but that there are all these other functions within the company that also will now have to contend with the fact that they need to understand the processes all the way down to what an engineer will have to do when operating in the cloud, right? So, the security function, security team, and the CISO organization in particular, all need to make sure that all those various different groups understand security is becoming incredibly important.

Want to hear more about how leaders are contending with the new strategic challenges of securing cloud ecosystems? Watch the full webinar on demand.  

Video

Get to Know Mitiga: Cloud and SaaS Threat Detection, Investigation, and Response Leader

After 25 years of experience in cybersecurity, we came to a conclusion that in cloud detection, investigation, and response, there is still no single good solution that can oversee the entire landscape of the digital footprint.

Video

What is Cloud Ransomware? Cyber Terms Explained

So, if we start with ransomware and then go to cloud ransomware, in cloud there will be two different types: ransomware and extortionware.

Video

What is CIRA? Cyber Terms Explained

CIRA refers to cloud investigation and response automation, which is a way to describe that there's a lot of challenges in the cloud versus on-prem environments.