The Complexity of Cloud Security Risks in Cloud Computing
Cloud security is complex and distributed. In organizations with on-premise environments, the controls sit with the network security team and in firewalls. In the cloud, controls sit with multiple DevOps teams, Kubernetes, 3rd parties, inside AWS and Azure, etc. Cloud security controls may not be implemented by security teams but by numerous application developers. The impact is an exponential growth in misconfigurations that are leaving resources with unintended or accidental exposure and vulnerability pathways to the Internet.
Ransomware and cyber criminals are evolving to the cloud. Cloud security challenges have become so prevalent that Gartner has defined Cloud Native Application Protection Platform (CNAPP) as a new category of security products designed to identify misconfiguration issues and risks in the cloud. Cloud Security Posture Management (CSPM) is a subset of this category along Network Configuration and Policy Management. CNAPP solutions are typically used by security organizations that want the equivalent visibility and security that they’ve had with on-premise environments.
Furthermore, today’s cloud-native applications are built on services that are based on containers orchestrated with Kubernetes. For example, Amazon AWS’s managed service for running Kubernetes is Elastic Kubernetes Service (EKS), but users can create security controls to protect their EKS clusters. The equivalent managed service for Microsoft Azure is called Azure Kubernetes Service (AKS) and for Google GCP is called Google Kubernetes Service (GKE).
RedSeal Stratus can help security teams better protect against ransomware with:
- Understand if critical resources are exposed to the Internet with integrations into ticketing systems
- Insights into industry standard CIS compliance violations
- Complete and up-to-date inventory and connectivity (visualization) of their cloud infrastructure
- Detailed knowledge of Kubernetes accounts and policies
According to Gartner, through 2030, at least 99% of cloud security failures will be the customer’s fault.