Cloud – Expert Talk

More and more companies are shifting their infrastructure to the cloud. However, cloud solutions do not only increase the flexibility and agility of IT, but also bring numerous security challenges. What are the most common security incidents in a hybrid cloud environment and how can you protect your company against them?

In our latest Expert Talk, Oliver Teich, Strategic Security Consultant at Swiss IT Security Group, and Tobias Träbing, Technical Director EMEA at XM Cyber, discuss the prevalence, benefits and security risks of hybrid cloud.

Tobi Träbing: “Oliver, it would be interesting to shed some light on how many companies in Germany use the cloud.”

Oliver Teich: “In a German survey conducted by Statista Research Department in spring 2022, 84 percent of respondents said they already use cloud services (private or public cloud) in their company. Demand for cloud services has been rising for years. Worldwide, global cloud computing sales recently rose to over 400 billion US dollars – and the trend is also upwards.”

Tobi Träbing: “And why do enterprises move their infrastructure to the cloud?”

Oliver Teich: “There are quite a few different motives for that:

      • To shift IT costs from CAPEX (Capital Expenditures) to OPEX (Operational Expenditures)
      • To gain more flexibility and agility in IT
      • To reduce the need for internal expertise by outtasking IT operations
      • To improve IT security”

Tobi Träbing: “Oliver, you know a lot about Data Protection Regulation. How big of a role does legislation play in cloud transformation projects?”

Oliver Teich: “Legal and regulatory compliance plays an important role in cloud migration projects, especially in industries such as healthcare, finance and government. Compliance requirements can dictate what types of data can be stored in the cloud, where data centers must be located, and what security measures must be taken to protect the data. Non-compliance can result in substantial fines, loss of reputation and legal action.

For this reason, it is very important that compliance is somehow built into the cloud. Microsoft, for example, integrates compliance standards into almost every aspect of its security products.”

Oliver Teich: “Tobi, what do you consider the biggest security challenges enterprises are facing when migrating to a hybrid cloud environment?”

Tobi Träbing: “Organizations migrating to the cloud face a number of security challenges that can pose significant risks to their data, systems and operations.

The most important and pressing issues are:

      • protecting the subcompany’s sensitive data, both in transit and in storage
      • adherence to compliance and regulatory requirements
      • identity and access management (DevSecOps stores access key on machine)
      • ensuring the cloud service provider has sufficient security measures in place (shared responsibility model)
      • the implementation of Security Incident Management and Security Operation Centers (SOC) (overcoming alert fatigue)

Overall, organizations migrating to the cloud need to be aware of security risks and take appropriate measures to mitigate them. This requires a comprehensive 360-degree security strategy that covers all aspects of cloud security, from data protection to threat detection and response.”

Oliver Teich: “Tobi, in connection with cloud transformation, we often hear the term “hybrid attack surface”. What exactly is that?”

Tobi Träbing: “A hybrid attack surface encompasses an organization’s combined on-premise and cloud-based infrastructure, providing attackers with increased opportunities to exploit vulnerabilities in both environments. This creates a larger and more complex target for enterprises to defend. It includes all exposed components, services, and applications, whether located on-premise, in the cloud, or a mix of both. Attackers can take advantage of weaknesses in any part of this attack surface, such as misconfigured cloud services, weak passwords, unpatched systems, and unprotected endpoints, leading to data breaches, malware infections, denial-of-service attacks, and other cyber threats. To safeguard against hybrid attacks, organizations need comprehensive security measures that cover both on-premise and cloud-based infrastructure, including strict access controls, proactive threat monitoring, incident detection, and a robust incident response plan. By fortifying their hybrid attack surface, enterprises can effectively minimize the risk of cyberattacks and safeguard their valuable data and systems.”

Oliver Teich: “And why do risks in hybrid environments often remain unidentified?”

Tobi Träbing: “Hybrid environments present challenges due to their complexity, lack of visibility, skill gaps, dynamic nature, and the need for effective communication among multiple teams. These factors can lead to misconfigurations, inadequate risk assessment, difficulty in tracking vulnerabilities, and potential oversight of risks.”

Oliver Teich: “Tobi, how does Attack Path Management contribute to the overall security posture in hybrid cloud environments?”

Tobias Träbing: “Attack Path Management (APM) is a security strategy that focuses on identifying the various ways an attacker can breach an organization’s defenses and compromise its data and systems. In hybrid cloud environments, APM can contribute to the overall security posture in several ways:

      • Improved visibility: APM helps organizations gain a better understanding of their hybrid cloud environment, including the various components and services in use. This increased visibility can help identify potential attack vectors and vulnerabilities that might otherwise go unnoticed.
      • Proactive risk management: By identifying potential attack vectors, organizations can take a proactive approach to managing risk in their hybrid cloud environments. They can prioritize security measures based on the greatest risks and take steps to reduce the attack surface.
      • Improved incident response: APM can help organizations prepare for potential security incidents in their hybrid cloud environments. By identifying attack vectors, organizations can develop incident response plans that cover multiple scenarios and improve their ability to quickly detect and respond to attacks.
      • Improved compliance: Many industries and jurisdictions have specific security requirements that organizations must meet. APM can help organizations meet these requirements by identifying potential security risks and ensuring that appropriate security controls are in place.

Overall, APM is an effective way to manage security risks in hybrid cloud environments. It provides organizations with a proactive approach to risk management, enhances their incident response capabilities, and improves their overall security posture.”

Tobi Träbing: “Oliver, what is the situation with your customers? Has the cloud transformation changed the way companies view security?”

Oliver Teich: “Yes, cloud transformation has changed the way organizations look at security. Traditionally, security was viewed as a separate function within an organization, with dedicated teams and tools focused solely on protecting the organization’s infrastructure and data. However, with the adoption of cloud technologies, security has become an integral part of the overall IT strategy and is viewed as a shared responsibility between the enterprise and cloud providers.

Cloud transformation has also led to a shift from a perimeter-based security model to a more holistic, risk-based approach (zero trust). Instead of focusing only on protecting enterprise infrastructure, security teams now look at the entire attack surface, which includes on-premises data centers, cloud services and mobile devices. This approach includes identifying potential risks and vulnerabilities, prioritizing security measures based on the greatest risks, and implementing a range of security controls, including access controls, data encryption, and cyber security threat detection and response capabilities.

Cloud transformation has also dramatically increased the importance of continuous monitoring and proactive risk management. Because cloud environments are dynamic and constantly evolving, security teams must continuously monitor infrastructure for potential threats and vulnerabilities and take a proactive approach to risk management to stay ahead of new threats.

Overall, cloud transformation has led to a more integrated and proactive approach to security, with an emphasis on collaboration between the enterprise and cloud service providers and a shift toward risk-based security strategies.”

Tobi Träbing: “And how is the cloud transition impacting security investments?”

Oliver Teich: “Cloud transformation can have both positive and negative impacts on security investments.

In many cases, it initially leads to cost savings, as companies can leverage the comprehensive security offerings of cloud providers, which are often more cost-effective than traditional security solutions. A good example of cost savings from cloud services is the Microsoft E5 license, which offers a large number of productivity and security products in one package at a fraction of the cost of buying the individual licenses from different vendors.

However, care must be taken to ensure that these supposed savings do not ultimately become a cost trap. This is because cloud transformation often results in cost increases elsewhere. Moving to the cloud can bring integration issues that can increase the complexity and cost of security. Integrating existing security tools with cloud-based solutions can be challenging, and the need for additional security controls in the cloud can increase costs. For this reason, reducing IT environment complexity should always be a goal when developing an effective IT / security strategy.

All in all, the willingness of companies to invest in their IT security has improved significantly in recent years. With the cloud transformation, awareness of the exposure of their own data and systems has also increased. However, it is still unclear to many companies what they really need to protect themselves effectively.”

Tobi Träbing: “Oliver, what do you consider the trends for the coming years in terms of cloud technology and security?”

Oliver Teich: “Although Zero Trust has been a trend for some time, it can be assumed that the implementation of the Zero Trust concept will keep companies busy for the next few years. Zero Trust is a security concept that assumes that all users, devices and applications are untrusted, and their identity and security posture should be continuously verified.

Multi-cloud environments are becoming increasingly popular as enterprises use multiple cloud providers to digitally implement their business processes. In the coming years, multi-cloud security will therefore be a key focus, as organizations need to ensure consistent security across all cloud providers and maintain an overview of their security posture.

But automation and artificial intelligence will also become increasingly important in security, offering improved threat detection and response capabilities and at least somewhat alleviating the problem of lack of resources.

Overall, cloud technology and security trends for the coming years indicate that enterprises will need to invest in new security approaches and technologies to ensure the security of their cloud environments. Cloud security is becoming increasingly complex and requires a range of security controls and tools to protect against new threats.”

Conclusion

Has this Expert Talk caught your interest? Feel free to contact Oliver and Tobi with your questions and take a look at our datasheets to learn more about our Attack Path Management Services.
