• Latest
  • Trending
Cloud Security Posture Management (CSPM) Is Insufficient Without Visibility

Cloud Security Posture Management (CSPM) Is Insufficient Without Visibility

November 23, 2021
Apple is reportedly testing iPhones with USB-C

Apple is reportedly testing iPhones with USB-C

May 16, 2022
Nintendo Working on Next-Gen Switch Powered by an NVIDIA SoC

Nintendo Working on Next-Gen Switch Powered by an NVIDIA SoC

May 16, 2022
AMD Instinct MI300 Exascale APU Features Zen4 CPU and CDNA3 GPU

AMD Instinct MI300 Exascale APU Features Zen4 CPU and CDNA3 GPU

May 16, 2022
GrAI Matter Labs Unveils sparsity-native AI SoC

GrAI Matter Labs Unveils sparsity-native AI SoC

May 16, 2022
Tecnotree Launches a Transformation Suite for MTN Ghana

Tecnotree Launches a Transformation Suite for MTN Ghana

May 16, 2022
Ghana with Moringa School and Brighter Investment to promote digital skills for jobs

Ghana with Moringa School and Brighter Investment to promote digital skills for jobs

May 16, 2022
SA Obscure Technologies announces strategic alliance with DNSSense

SA Obscure Technologies announces strategic alliance with DNSSense

May 16, 2022
SLVA Cybersecurity to provide crucial new API security solutions

SLVA Cybersecurity to provide crucial new API security solutions

May 16, 2022
Samsung PRO Endurance Up to 256GB microSD Memory Card

Samsung PRO Endurance Up to 256GB microSD Memory Card

May 16, 2022
Apacer AS2280Q4U M.2 PCIe Gen4 x4 NVMe 1.4 for PS5

Apacer AS2280Q4U M.2 PCIe Gen4 x4 NVMe 1.4 for PS5

May 16, 2022
ProGrade Digital SDXC UHS-II V90 512GB U3 Memory Card

ProGrade Digital SDXC UHS-II V90 512GB U3 Memory Card

May 16, 2022
Team Group T-Force Vulcan Z SATA 2.5-Inch With 3D TLC Flash

Team Group T-Force Vulcan Z SATA 2.5-Inch With 3D TLC Flash

May 16, 2022
  • Consumer Watch
  • Kids Page
  • Directory
  • Events
  • Reviews
Monday, 16 May, 2022
  • Login
itechnewsonline.com
  • Home
  • Tech
  • Africa Tech
  • InfoSEC
  • Data Science
  • Data Storage
  • Business
  • Opinion
Subscription
Advertise
No Result
View All Result
itechnewsonline.com
No Result
View All Result

Cloud Security Posture Management (CSPM) Is Insufficient Without Visibility

by ITECHNEWS
November 23, 2021
in Opinion
0 0
0
Cloud Security Posture Management (CSPM) Is Insufficient Without Visibility

Cloud security has become increasingly complex and distributed. The rapid transition to remote work and increased cloud adoption have dramatically changed the IT landscape, producing new cyber-attack vectors and data breaches. Today’s cyber-criminals aren’t necessarily trying to knock down doors. Instead, organizations are leaving many of them open themselves. According to Gartner, through 2023, “…at least 99% of cloud security failures will be the customer’s fault.” 

This is an unsettling prediction but not entirely surprising given the realities that teams face today. The overwhelming complexity of the cloud systems asks for both expertise in both application development and security, which is perhaps unreasonable. The placement of security controls has moved away from security teams and into application development teams.  

YOU MAY ALSO LIKE

How to Eliminate Certificate Misconfiguration in Kubernetes

Types of Encryption Algorithms

CSPM: The Industry’s Response to Cloud Complexity 

To deal with this complexity and constant change, a new market segment has emerged. It is broadly referred to as cloud security posture management (CSPM), and security organizations typically use it when wanting the equivalent visibility and security they’ve had with on-premise environments.  

Current CSPM technology aims to help security teams understand what resources they have in their cloud environments, what security controls are in place, how they are all configured and automate as much of it as possible. While it is largely successful in accomplishing these feats, CSPM in its current form isn’t without its limitations. As we’ve learned in the past with our approach to securing on-premise networks, visibility plays a fundamental role. 

The Importance of Visibility 

It’s not uncommon for organizations to lose track of their cloud deployments over time, considering it only takes a developer and a department credit card to spin up a cloud environment. Nowadays, developers are empowered to innovate at speed and scale, but who keeps track of these newly created multi-cloud VPCs, VNETs and VCNs? Even more worrisome – who is responsible for securing them? 

There are always unknowns when networks grow and change. Still, we also know that tools that provide visibility can give security teams a more accurate, dynamic and comprehensive look at what resources they have, how they are connected and the risks associated with them. 

Unfortunately, many CSPM tools present their findings in static, tabular forms. It can be challenging to understand the relationships between resources, such as between multiple accounts and whether they’re shared or not. Teams are often asked to secure unmonitored cloud environments and benefit from a visual, interactive model of their organization’s cloud resources.   

This visibility allows security teams to fully understand their cloud footprint and reduce their overall attack surface by understanding the interconnectivity between their resources. Some CSPM tools can show connectivity where there is traffic, but security teams want to calculate how an instance gets to the internet, what security points it goes through and through which port and protocols. 

Understanding End-To-End Access 

Current CSPM solutions remain insufficient when it comes to calculating access that can lead to data breaches accurately. Many tools simply call into the APIs of CSPs looking for misconfigurations at the compute and container levels, but they don’t fully understand “end-to-end” access. For example, they may only look at a setting in AWS that states a particular subnet is “public,” so, therefore, it’s exposed. However, that’s not necessarily true because there may have other security controls in place, such as third-party firewalls or their own Kubernetes security policy. 

For example, perhaps a network security engineer who doesn’t understand native AWS and Azure firewalls instead decides to use a third-party firewall from a vendor they’re already familiar with. Suppose that a firewall is blocking access to the public-facing nternet. In that case, current CSPM tools won’t recognize it, and security engineers can spend their days chasing false positives simply due to a lack of accurate information involving access. 

Prioritizing Exposed Resources 

With increased cloud complexity comes increased risk–there were over 200 reported breaches in the past two years due to misconfigured cloud deployments. Several of the most significant data breaches occurred when cloud misconfigurations left critical resources exposed to untrusted networks, so prioritization efforts should begin there. In addition, unintended access and shadow IT can also lead to cloud leaks. So by establishing an “exposure first” security approach, cloud security teams can identify critical vulnerabilities and prevent costly breaches. 

CSPM is a critical ally in the fight to secure the cloud, but security teams need additional visibility and improved accuracy that is still lacking in many organizations. 

Kurt Van Etten Chief Product Officer, RedSeal

ShareTweetShare

Get real time update about this post categories directly on your device, subscribe now.

Unsubscribe

Search

No Result
View All Result

Recent News

Apple is reportedly testing iPhones with USB-C

Apple is reportedly testing iPhones with USB-C

May 16, 2022
Nintendo Working on Next-Gen Switch Powered by an NVIDIA SoC

Nintendo Working on Next-Gen Switch Powered by an NVIDIA SoC

May 16, 2022
AMD Instinct MI300 Exascale APU Features Zen4 CPU and CDNA3 GPU

AMD Instinct MI300 Exascale APU Features Zen4 CPU and CDNA3 GPU

May 16, 2022

About What We Do

itechnewsonline.com

We bring you the best Premium Tech News.

Recent News With Image

Apple is reportedly testing iPhones with USB-C

Apple is reportedly testing iPhones with USB-C

May 16, 2022
Nintendo Working on Next-Gen Switch Powered by an NVIDIA SoC

Nintendo Working on Next-Gen Switch Powered by an NVIDIA SoC

May 16, 2022

Recent News

  • Apple is reportedly testing iPhones with USB-C May 16, 2022
  • Nintendo Working on Next-Gen Switch Powered by an NVIDIA SoC May 16, 2022
  • AMD Instinct MI300 Exascale APU Features Zen4 CPU and CDNA3 GPU May 16, 2022
  • GrAI Matter Labs Unveils sparsity-native AI SoC May 16, 2022
  • Home
  • InfoSec
  • Opinion
  • Africa Tech
  • Data Storage

© 2021 iTechNewsOnline.Com - Powered by BackUpDataSystems

No Result
View All Result
  • Home
  • Tech
  • Africa Tech
  • InfoSEC
  • Data Science
  • Data Storage
  • Business
  • Opinion

© 2021 iTechNewsOnline.Com - Powered by BackUpDataSystems

Welcome Back!

Login to your account below

Forgotten Password?

Retrieve your password

Please enter your username or email address to reset your password.

Log In

Add New Playlist

Are you sure want to unlock this post?
Unlock left : 0
Are you sure want to cancel subscription?
Go to mobile version