Express Computer
Home  »  Guest Blogs  »  Defence Strategies for a Cloud-first Computing Era

Defence Strategies for a Cloud-first Computing Era

0 226

By Shambhulingayya Aralelemath, Associate Vice President and Global Delivery Head, Cybersecurity, Infosys
The uncontested benefits of digitisation have pushed the envelope for cloud adoption. Organisations are increasingly choosing to become cloud-first by moving most or all their existing infrastructure to the cloud and adopting the latest technologies without making large investments, by paying only for the services they use. This gives them agility, and flexibility and is cost-effective. Unfortunately, it also increases the attack surfaces exposing them to various threats.

Dynamically evolving threat vectors in the cloud environment have compelled organisations to continuously rework both security controls and processes. This continuous adaption requires a pivot strategy for defense controls to rapidly discover, comprehend, and reposition the enterprise baseline. Since a cloud-first computing environment differs from on-premise infrastructure, it is not adequate to merely replicate the security controls of on-premise into the cloud. Cloud-native microservices applications, diverse workloads, identity explosions, and cloud data posture need focused attention.

Focus areas define the security quad of Posture, Identity, Data, and Code. The Security Quad forms the four pillars on which cloud security strategy stands. We need dynamic security controls, enforcement points, and granular governance to align these security tenets with the modern dynamic era.

Outlining the Security Quad: Posture, Identity, Data, and Code
The first order of the strategy is to look at architectural design and design solutions that align with the zero-trust principle to minimise the attack surface. Posture or architecture design helps manage the overall security framework using standardised controls, responsibilities, and security configurations, which can be deployed across common use cases.

Next is identity, which covers knowledge of users, business environments, vulnerabilities, and threats. Solutions powered by Artificial Intelligence (AI) or Machine Learning (ML) can address modern threat
vectors. Along with traditional controls, Data Security Posture Management (DSPM) or Cloud Infrastructure Entitlement Management (CIEM) helps address specific cloud problems.

The third pillar of the security quad is data, which needs to be encrypted, whether at rest or whether it is being transmitted between internal and external cloud connection points, to reduce the risk of breaches.

The fourth component is code, where security is automated and embedded across the entire development life cycle through various checks and tests to secure cloud workloads with speed and agility and prevent manual error.

Effective Cloud-first Defence Strategies
While selecting security controls is important, one must emphasise how these controls are delivered. By aligning with zero-trust principles, where implicit trust is eliminated, and every stage of the digital interaction is continuously validated, organisations can minimise the attack surface by pushing the service edge and policy enforcement close to the user and away from the application stack.

A decentralised structure for security controls is another way forward, and possible with the use of Continuous Integration (CI) and Continuous Delivery (CD). With this, security teams can devote their efforts towards governance, guaranteeing baseline hygiene and security consistency while reducing the cloud attack surface to a large degree.

Whether code pipelines (CD services that model, visualise, and automate the release of security codes) are configured using gating controls or baseline mandate definitions, they must adhere to the organisation’s security and compliance objectives. Governance can also be extended to the operation space by shifting to managed detection and response (MDR) services that cover all cloud assets from infrastructure, application, and IoT landscape, with built-in AI and ML algorithms.

Conclusion

Organisations should strive to protect themselves from potential security and privacy threats by implementing robust security best practices. The most effective defense strategy for a cloud-first computing era would be zero trust, with a strong emphasis on governance to regulate all the events, flows, and movements within the cloud landscape.

Get real time updates directly on you device, subscribe now.

Leave A Reply

Your email address will not be published.

LIVE Webinar

Digitize your HR practice with extensions to success factors

Join us for a virtual meeting on how organizations can use these extensions to not just provide a better experience to its’ employees, but also to significantly improve the efficiency of the HR processes
REGISTER NOW 
India's Leading e-Governance Summit is here!!! Attend and Know more.
Register Now!
close-image
Attend Webinar & Enhance Your Organisation's Digital Experience.
Register Now
close-image
Enable A Truly Seamless & Secure Workplace.
Register Now
close-image
Attend Inida's Largest BFSI Technology Conclave!
Register Now
close-image
Know how to protect your company in digital era.
Register Now
close-image
Protect Your Critical Assets From Well-Organized Hackers
Register Now
close-image
Find Solutions to Maintain Productivity
Register Now
close-image
Live Webinar : Improve customer experience with Voice Bots
Register Now
close-image
Live Event: Technology Day- Kerala, E- Governance Champions Awards
Register Now
close-image
Virtual Conference : Learn to Automate complex Business Processes
Register Now
close-image