Blog · 24 Jun 2021

How to overcome risk for rewards in the cloud

Now most organisations are on some sort of cloud journey, they need to overcome new security risks if they’re going to achieve the full rewards.

Tris Morgan
Managing Director, BT Security

Work will never be the same as companies and consumers have been forced to rapidly adopt new behaviours that have now become embedded and are unlikely to change.

Whether organisations intended to or not, the Coronavirus pandemic has pushed many organisations towards the cloud. And one year on, with many organisations having accelerated their move, there’s now no going back. 

What’s clear is that, for many companies, the cloud is the only viable way to manage the future of work. It’s the key to supporting the new ways of working that have emerged, such as full-time remote working and the sometimes-office, sometimes-homeworking hybrid format. Only a cloud-based infrastructure can offer the scalability, flexibility, simplified costs, and improved user experiences pandemic and post-pandemic working calls for. But it’s important to be aware of the new risks moving to the cloud brings. We’ve already seen cloud adoption causing headaches for security teams, with high-profile breaches affecting some of the biggest organisations around. 

It’s a sensible reaction to find these events alarming and they can make the transition seem scary. But there needs to be some balance in this picture: if done properly, the benefits of moving to the cloud still hugely outweigh the risks, especially in the longer term.

So, what can organisations do to improve their risk posture and fully realise the rewards of the cloud?

Start with critical cyber hygiene and skills

When you move to the cloud, one of the most important things is knowing where your data is, so asset management changes, extending beyond just your physical devices to your information as well. You need to know where you’re putting your files. By focusing on critical cyber hygiene, such as asset and inventory management, vulnerability, and configuration management, you’ll understand where your most valuable information is stored, where there are vulnerabilities, and how it can be properly secured.

Given that the cloud is software defined and an old data centre probably isn’t, some in house IT departments lack the essential skills and understanding to properly architect in the cloud. The sheer power at their disposal means it’s very easy for them to spin up capability without really understanding how it works. Keeping your architecture up to date with the evolution of hyperscale can be a problem. Products and services within the cloud change on a regular basis, and it’s not unusual for hyperscalers to have a new update every day, so the amount of security products and services can be overwhelming if you don’t know what you’re doing. But, if you get the right skills and knowledge onboard from the start, you can make choices early on that will maximise your security from the off.

Upgrade your monitoring and detection capabilities

Many companies will architect into the cloud without considering how they’ll monitor their operation once it’s there. So try to make sure you understand what native monitoring capabilities are available from your cloud provider and include them in the plan for your architecture. Cloud native controls offer a strong overview for detecting any suspicious activity, and even have overlay controls that can be used to increase visibility further.

On top of this, it’s always worth trying to identify any other blind spots in your security through better understanding of the current threat landscape and the common tactics and behaviours used by attackers. A reliable framework like the MITRE ATT&CK, shares information from the security community to help build resilience against known threats already out there. In fact, it’s so valuable that we’ve built our own methodology around this framework for our customers to use.

Stay ahead of the next threat

What’s reassuring is that cloud platforms are constantly improving their security services and capabilities. But, just as the technology keeps moving forward, so do the threats. To stay ahead, organisations need to adopt a continuous improvement cycle and that means making sure their business model is designed to keep upgrading. In the future, it’s likely cloud security will be more automated, processing threat information in real time to decide whether an automatic or human response is needed - but we’re still some way off. In the meantime, your best defensive strategy is to assume breach, verify, and only then trust. This approach is now the strategy of choice for most organisations.

Most importantly, don’t make it up as you go

Yes, there are undeniable benefits from migrating to the cloud, but there are also some pretty serious consequences if you get it wrong, so my strongest recommendation is that you find a partner with the right skills and knowledge to guide you along the way, so you get it right. We’ve got plenty of experience working with customers across multiple sectors. Our customers can use our methodology based around the MITRE ATT&ACK framework and we’re currently developing a powerful, new automated security platform that can respond to new security threats.

It’s clear that maintaining security in the face of the increasing pace and volume of threats can’t be addressed singlehandedly. We believe that organisations need help from external partners to augment and bolster their in-house capabilities.

Read our latest ‘Security in the cloud’ whitepaper to discover how we can help you avoid common migration difficulties, develop your cloud strategy, and embrace the fast, flexible, and agile benefits of cloud consumption without increasing your security risk.

Or join our upcoming cloud security webinar: 5 tips to secure a cloud-based world on 8 July 2021 at 16.00.

Contacto