Cyber resilience in a multi-cloud environment

By JD Sherry
Client Partner at ISTARI, JD Sherry, explains how cyber breaches will increasingly take advantage of gaps in poorly architected multi-cloud infrastructure

The shift to cloud computing over the last decade was driven by the frustrations of application developers who needed to work with greater speed on coding, rather than wait for sluggish digital infrastructures to support them, especially in the move from development to testing to production. As Agile and DevOps methodologies became more popular, teams saw the cloud as the future.

The growth of Amazon Web Services, which started as an in-house platform for the e-commerce giant before turning into a standalone business, offered companies access to new levels of computing power. But companies have started realising the risks of relying on a singular provider - note, for instance, the major AWS outages in December 2021. They also have more choice, as the shift to cloud computing has sparked more start-ups, vendors and specialist providers into the market.

Most organisations are now developing a multi-cloud, multi-year strategy, leveraging IaaS (Infrastructure as a Service), SaaS (Software as a Service), and PaaS (Platform as a Service). While this multi-cloud approach brings diversification benefits, the cyber risks become more complex, because ascertaining the identity of a person, service or machine, to provide access to the relevant data or capability, becomes harder. 

​​Sandy Bird, CTO and Co-Founder of Sonrai Security, a cloud security company, was right when he told Silicon Angle that identity is about more than people: “When we talk about identity, we always think of people. But it’s not, of course. Sometimes it’s a machine; sometimes, it’s a cloud service. It could be many different things.” The question for companies, he argued, is to efficiently and safely ensure all those ‘identities’ can access a resource and plan for what happens when a bad actor takes over an identity.

Bad actors can infiltrate cloud systems by targeting the identification gaps between them. As application teams sprint ahead, they often leave the security and compliance teams scrambling to protect their digital footprint across several clouds. As cloud complexity and identities increase, organisations fall further behind in ensuring that clouds are properly configured and monitored.

Creating a greater visibility in the cloud 

The C-suite has viewed the cloud as a magical medicine that cuts costs, increases speed and improves operational performance - to be sure, it can do all of these things. But they are dwarfed by the financial, reputational and material fallout of cyber vulnerabilities that result from poorly architected clouds which result from a lack of foresight over how to govern identity and access in a fragmented cloud environment.

To achieve intra-cloud resilience, organisations need greater visibility into their clouds, and to establish guardrails or swim lanes for controlling how data can be accessed and by whom. They need to create graphical visualisations of how data and identities are intertwined to ensure maturity levels can be baselined and enforced. Cybersecurity must be integrated into their cloud roadmap. They can prioritise by focusing on identity, data classification and entitlement (access) enforcement as baseline controls for their multi-cloud security strategy. ‘Shifting left’ - designing security upfront into the process - is critical in this new operating model.

Clients are going to use more than one cloud. They need to be thoughtful about what ‘multi-cloud’ looks like and the right architecture and strategy to get the benefits of cloud, without compromising operational and cyber resilience. Our adversaries are counting on us to move fast and forget the basics.


Featured Articles

Global events driving rise in DDoS attacks, says Netscout

Report by Netscout found that DDoS attacks grew 31% YoY in the first half of 2023 with a staggering 44,000 each day, fuelled by world events

UK police cyberattack a reminder of third party risk

Cyber criminals use back-door suppliers cyberattack to spread alarm through Britain's biggest police force

Building Cyber Resilience into ‘OT in Manufacturing’ webinar

Join Acronis' webinar, Building Cyber Resilience into ‘OT in Manufacturing’, 21st September 2023

Trustwave report on hospitality industry security threats

Cyber Security

Barracuda Managed XDR uses AI to uncover cyber incidents

Technology & AI

Imperva: 32% of work data breaches could have been avoided

Operational Security