The traditional notion of the security perimeter is growing increasingly problematic in the wake of highly publicized attacks. The perimeter is becoming nonexistent as cloud-based infrastructures replace legacy systems. The cyber kill chain is likewise turning into a misnomer, as threats evolve faster than security systems can catch them.
It sounds like doomsday has arrived. All jest aside, however, there are lessons to be had from the volatile threat landscape and the paradigm shifts in the industry. At present, many corporations are in the process of cloud modernization or building their security architecture.
This post takes a look at the cloud security model and what enterprises can learn from its zero-trust network DNA along with its use of cyber security data solutions.
Castle-and-Moat Approach Deficiencies
Because it’s intrusion-centric, the castle-and-moat model’s weakness lies in its misplaced, intense focus on external threats. As high-profile attacks have taught us in recent years, external threats are usually the least of everyone’s problems. Insider threats are frequently overlooked, even though they render all secured attack surfaces irrelevant.
Other disadvantages of the castle-and-moat framework include:
Why the Zero-Trust Model Is Risk-Averse
Cloud infrastructure providers were the first to implement the zero-trust model, bearing in mind the cloud’s nature of providing universal access to remote users.
For this reason, the cloud architecture works around the concept that “nothing should be trusted.” The zero-trust model applies the following core concepts, among others:
The zero-trust model employs virtual network functions (VNFs); user and entity behavior analytics (UEBA); and security orchestration, automation, and response (SOAR) among its layers of defense. Data loss prevention (DLP) systems and APIs are also added as core features of cloud platforms.
Threat intelligence research tools and APIs serve as the nucleus for most SOAR and UEBA programs, for instance. As in traditional networking, these tools enable cloud security engineers to manage the security of their cloud environments. By integrating such tools into security solutions, engineers can pinpoint where threats are likely to come from and block them based on identified indicators of compromise (IoCs).
Domain research and monitoring tools, meanwhile, help security staff analyze connected IP addresses, hosts, and domains to uncover currently identified threat sources. As a result, they can strengthen administrative rules for user access and update zone policies. Threat data can also be used to establish trust between networks and devices.
Challenges and Recommendations
Despite tighter controls in cloud security, the zero-trust model is not without challenges. Partial implementation of the framework can result in data center breaches. This is why cloud platform users are encouraged to apply the zero-trust model to all security components.
Companies should also focus on fortifying their DevOps environment. Continually enhancing all products and processes and engaging key people, such as engineers and software developers, are critical to making old and new models work together.
Finally, enterprises must fully subscribe to the shared responsibility model. While providers are responsible for the core cloud infrastructure, enterprises are the primary custodians of their systems and, thus, should ensure their complete security.
* * *
Collaboration between security providers, cloud vendors, and enterprises is the cornerstone of a threat-free IT ecosystem. It is especially important as the move to the cloud is no longer an option but a necessity. With the concept of perimeter defense becoming a thing of the past, enterprise leaders should rethink how they can adapt their security architecture in keeping with the times. They must use all threat intelligence at their disposal, which may include these sources and APIs, to identify all potential attack vectors.