As I’ve reviewed in recent columns, massive security breaches have penetrated Fortune 500 companies and global governments over the last several years, pointing to major weaknesses in cloud security. In order to combat the multiplying types of threats, organizations will have to make some key changes to their management practices and security technologies.
I’ve pointed to some of the obvious needs for security policy and management, including strong password security, antivirus systems, encryption, and two-factor authentication. But drilling deeper into next-generation security solutions, it’s clear that even such increasingly sophisticated technology has to move deep into the cloud to combat the rise of cloud- and Web-based threats.
Legacy network and computer security technology is inadequate, because it was built for a world of corporate IT fiefdoms, hosted on dedicated hardware over isolated networks. But security threats are now coming from everywhere – they exist in mobile workloads that flow continuously across clouds and the Web.
There are also cultural, management, and awareness issues in plugging these holes. Most systems today are manual and slowed by a chain of human decisions. A recent security study conducted by Osterman Research and Proofpoint indicated that 94 percent of management surveyed said they were not well prepared to respond to a data breach and that 33 percent of organizations fail to rapidly involve the security team in a follow-up response.
The same research found that two-thirds of those surveyed rely on manual responses to data breaches and that only one-quarter of the respondents use automated systems for breach discovery and remediation.
Today’s IT security infrastructure is inflexible and overly manual. Improving responses to threats and building a cloud-based defense demands a more automated, network-based response.
The analogy I like to use: If you are afraid of a terrorist attack, do you think locking the door and hiding under the bed is the way to protect yourself? No. You need constant satellite and data surveillance.
So how can we change the way we respond to data security threats? Here are some of the top trends in cloud security:
Many of the past security breaches have revealed major organizational blindspots toward persistent threats. The recent hacks have rattled the boards of major Fortune 500 companies, making them aware of the business risks, liabilities, and privacy concerns. Although cultural awareness is shifting in the boardroom, many organizations need to review their security policies and educate their teams about the threats and possible remedies.
Real-time threat monitoring
It’s become clear that companies and individuals need to become aware of the rapid evolution of security threats. There is a need to adopt security technology that is not static, but constantly updated to dynamically address threats as they unfold.
Advanced threat protection (ATP)
ATP, which builds a network of real-time data to look for emerging threats in the cloud, is one of the fastest growing areas of cloud security. With the advent of cloud, most of the data is “out there” – in a data center, in a private or public cloud, or on users’ devices. Systems need to be installed that can analyze activity in the cloud to identify suspicious activity.
How do systems become more responsive and automated? A combination of security analytics tools and software-defined networking will help. Hundreds – sometimes thousands – of malicious cyberattacks are occurring every day. These attacks are often global, distributed, and sophisticated. Much security technology is static and reliant on human monitoring, and this will need to change.
Virtualization and segmentation
It’s becoming clear that virtualizing networks can increase control of a cloud application or data center with software. A case study of a QTS security virtualization project, published by Hytrust, demonstrates how virtualization can increase security by simplifying the management of network access and control.
More pervasive encryption
A new trend in optical networks is encrypting optical transmissions. This is an example of encryption reaching farther into the network and systems than ever before. IT managers are also examining their policies and tools for encrypting stored data, including on cloud servers and even on laptops. Encryption is a key tool in security, and its use will grow.
Security information and event management (SIEM)
SIEM tools are growing in importance, especially in the financial and healthcare markets where compliance is vital. This technology helps the management team gain security and operational awareness by monitoring and logging events across IT networks and systems.
Real-time end-point security
With the proliferation of end-point devices, especially mobile devices, the user device has become a major entry point for malware and security breaches. Technology tools that can be installed to monitor and remediate threats comprise a growing area of interest.
Now that it’s clear that major security breaches are becoming widespread and problematic, how does one stop them? The answer comes in the wide variety of security technologies I’ve listed above. But most importantly, management needs to figure out how and why they need to be implemented.