• Latest
  • Trending
The Hard Truth About Network Security

The Hard Truth About Network Security

November 26, 2021
Qualcomm Announces Snapdragon 8+ Gen 1 and Snapdragon 7 Gen 1

Qualcomm Announces Snapdragon 8+ Gen 1 and Snapdragon 7 Gen 1

May 20, 2022
HP’s premium laptop revamp: more OLED displays, 12th-gen Intel CPUs

HP’s premium laptop revamp: more OLED displays, 12th-gen Intel CPUs

May 20, 2022
Android 13 beta will test out-of-the-box support for most braille displays

Android 13 beta will test out-of-the-box support for most braille displays

May 20, 2022
WhatsApp to Launch Cloud-Based Tools, Premium Features for Businesses

WhatsApp to Launch Cloud-Based Tools, Premium Features for Businesses

May 20, 2022
Huawei and SolarEdge Sign a Global Patent License Agreement

Huawei and SolarEdge Sign a Global Patent License Agreement

May 20, 2022
Dijbouti Telecom Welcomes the Landing of 2Africa Submarine Cable

Dijbouti Telecom Welcomes the Landing of 2Africa Submarine Cable

May 20, 2022
Ghana Smart Africa Digital Academy launches its national digital academy

Ghana Smart Africa Digital Academy launches its national digital academy

May 20, 2022
Ghana’s Rural Telecom Facilities to be Upgraded to 4G

Ghana’s Rural Telecom Facilities to be Upgraded to 4G

May 20, 2022
Silicon Power Announces UD90 PCIe 4.0 SSD

Silicon Power Announces UD90 PCIe 4.0 SSD

May 20, 2022
ZADAK Announces TWSG4S PCIe Gen4 x4 SSD

ZADAK Announces TWSG4S PCIe Gen4 x4 SSD

May 20, 2022
Samsung Sampling 512GB CXL Memory Module

Samsung Sampling 512GB CXL Memory Module

May 20, 2022
IBM Elastic Storage System 3500

IBM Elastic Storage System 3500

May 20, 2022
  • Consumer Watch
  • Kids Page
  • Directory
  • Events
  • Reviews
Saturday, 21 May, 2022
  • Login
itechnewsonline.com
  • Home
  • Tech
  • Africa Tech
  • InfoSEC
  • Data Science
  • Data Storage
  • Business
  • Opinion
Subscription
Advertise
No Result
View All Result
itechnewsonline.com
No Result
View All Result

The Hard Truth About Network Security

by ITECHNEWS
November 26, 2021
in Opinion
0 0
0
The Hard Truth About Network Security

The rapidly expanding multitude of cloud services creates a never-ending and extraordinarily rapid cycle of change for enterprise IT and security teams. Many teams are scrambling to protect data in the public cloud, and most organizations are using outdated security strategies that fail when applied to cloud environments like AWS, Azure and Google Cloud.

Jay Gazlay, a technical strategist at the Cybersecurity and Infrastructure Security Agency (CISA), recently told the National Institute of Standards and Technology’s (NIST) Information Security and Privacy Advisory Board: “Identity is everything now. We can talk about our network defenses, we can talk about the importance of firewalls and network segmentation, but really, identity has become the boundary and we need to start readdressing our infrastructures in that manner.”

YOU MAY ALSO LIKE

How to Think about Threat Detection in the Cloud

The Current Status and the Future of the .Net Framework

Understanding the Importance of Identities

Gazlay’s assessment brings to light that identities are the new perimeter. Security teams are used to thinking about creating boundaries using networks, placing security stacks where those boundaries meet and configuring them based on known and locked-down data paths. This simply doesn’t work as a holistic security solution in the cloud. Instead, cloud security teams must think about what identities they control, what those identities can be used for and what resources they have access to.

The modern attack cycle starts with identity. Attackers seek to gain access via an identity, then pivot between resources, discovering credentials and other people and non-people identities that give them greater access to critical data and lead to data breaches. It’s important to understand that identity extends security beyond the traditional walls of the enterprise, which is why we are seeing data breaches a failure in applying old network security strategies to the cloud. 

Security teams should ask themselves the following when assessing their cloud security positions:

  • Are we managing identities as our perimeter? If your team is still managing an old network perimeter, you’re putting your company at risk. Your organization must manage person and non-person identities.
  • Have we identified our security risks in the cloud? Cloud security risk and drift can happen quickly. Identity, resource and service misconfigurations can lead to significant data breaches. Organizations can minimize risks by first identifying unauthorized identities and excessive privileges. Data owners and cloud operations, security and audit teams must continuously assess risk to maximize control management, security and governance of data.
  • Are data exposures inadequate indicators? Transparent cloud data storage alone is insufficient in risk assessment strategies. While data owners may trust their DevOps to manage the storage of data objects, this does not reveal the full extent of external party accessibility and privileges. Cloud users must be fully aware of where their data truly exists, which identities have access to it, how it is being accessed and where it is moving to and from.
  • What are our coordination issues? The outdated paradigm of sending security alerts to a single team to triage and manage simply isn’t feasible. In the cloud operating model, disparate groups simultaneously use the environment, including Audit, DevOps and Security teams. Here, the outdated paradigm breaks down. The solution is to get the issues to the team(s) that created them, as they are best positioned to address them. 
  • Have we addressed our cloud security employees’ skills gap? Many developers are not inherently security experts, and should be trained in best cybersecurity practices. Organizations that don’t want to add more duties to existing dev staff may need a new type of operations person that combines operations with security (DevSecOps). Failure to upskill staff means they don’t have the skills and knowledge necessary to secure today’s organization. 

It’s Time to Improve Your Enterprise Strategy

The cloud involves multiple accounts, trust relationships and permission inheritances, making it extremely challenging for data owners to keep close tabs on it. Here are some areas you can use to improve your strategy:

As part of a zero trust strategy, organizations should take steps to move to least privilege, identify activities that will have the most immediate security impact and include a schedule to implement them. This means investing in a solution that meets your zero trust strategy by continuously monitoring every permission, access and identity to determine its effective permissions, what it can do and what data it can access. 

Prevent data risk before it causes damage. Treat remediation and prevention bots like a person. A spotted issue should be escalated to the right team or bot (the team tracks and audits). This results in a high-performance compliance structure for your environment. Put prevention rules in place and make sure the rules are continuously met.

An enterprise that doesn’t fully understand its role in securing its identities and data in the public cloud takes unnecessary risks with outdated strategies that can lead to disastrous consequences.

Source: Eric Kedrosky CISO, Sonrai Security

ShareTweetShare

Get real time update about this post categories directly on your device, subscribe now.

Unsubscribe

Search

No Result
View All Result

Recent News

Qualcomm Announces Snapdragon 8+ Gen 1 and Snapdragon 7 Gen 1

Qualcomm Announces Snapdragon 8+ Gen 1 and Snapdragon 7 Gen 1

May 20, 2022
HP’s premium laptop revamp: more OLED displays, 12th-gen Intel CPUs

HP’s premium laptop revamp: more OLED displays, 12th-gen Intel CPUs

May 20, 2022
Android 13 beta will test out-of-the-box support for most braille displays

Android 13 beta will test out-of-the-box support for most braille displays

May 20, 2022

About What We Do

itechnewsonline.com

We bring you the best Premium Tech News.

Recent News With Image

Qualcomm Announces Snapdragon 8+ Gen 1 and Snapdragon 7 Gen 1

Qualcomm Announces Snapdragon 8+ Gen 1 and Snapdragon 7 Gen 1

May 20, 2022
HP’s premium laptop revamp: more OLED displays, 12th-gen Intel CPUs

HP’s premium laptop revamp: more OLED displays, 12th-gen Intel CPUs

May 20, 2022

Recent News

  • Qualcomm Announces Snapdragon 8+ Gen 1 and Snapdragon 7 Gen 1 May 20, 2022
  • HP’s premium laptop revamp: more OLED displays, 12th-gen Intel CPUs May 20, 2022
  • Android 13 beta will test out-of-the-box support for most braille displays May 20, 2022
  • WhatsApp to Launch Cloud-Based Tools, Premium Features for Businesses May 20, 2022
  • Home
  • InfoSec
  • Opinion
  • Africa Tech
  • Data Storage

© 2021 iTechNewsOnline.Com - Powered by BackUpDataSystems

No Result
View All Result
  • Home
  • Tech
  • Africa Tech
  • InfoSEC
  • Data Science
  • Data Storage
  • Business
  • Opinion

© 2021 iTechNewsOnline.Com - Powered by BackUpDataSystems

Welcome Back!

Login to your account below

Forgotten Password?

Retrieve your password

Please enter your username or email address to reset your password.

Log In

Add New Playlist

Are you sure want to unlock this post?
Unlock left : 0
Are you sure want to cancel subscription?
Go to mobile version