Automation to overcome cloud security challenges

Sheila Zabeu

February 09, 2022

Cloud computing is fundamentally transforming the way companies do business and how people interact. The cloud offers levels of agility, scalability, and processing power that, until its emergence, were restricted to large companies that could afford to pay for previously very expensive resources.

This trend shows no signs of cooling; quite the contrary. The cutting edge of development, the point at which companies become able to gain a competitive edge, is pointing firmly in the direction of cloud-native applications. And that means more exposure to risk. According to Gartner, more than 85% of organizations are expected to embrace the cloud-first principle by 2025 and will not be able to put their strategies fully in place without using cloud-native architectures and technologies. Furthermore, the estimate is that by the same year, more than 95% of digital workloads will be deployed on cloud-native platforms. In 2021, that level was 30%.

However, the increasing reliance on cloud resources and the advance of cyber threats have sounded a wake-up call of late. Business and IT leaders have realized that the protection of their treasures in the cloud is in the hands of third parties. A recent Lacework study revealed that 50% of respondents, comprising more than 700 executives and security professionals, already host most of their infrastructure in the public cloud, but 79% feel wary of the current cybersecurity posture maintained by their organizations, either internally or in relation to IT service providers. In other words, a significant portion of the business's operational base may be vulnerable to the actions of cybercriminals. Thinking about a personal situation, would you leave the door of your house ajar or give the key to the entrance to strangers, with access to many of your assets?

Many companies recognize that the pace of creating applications built natively for the cloud has increased exponentially, but measures to protect data have lagged behind. Additionally, the majority of organizations (57%) believe that the number and complexity of security tools are producing significant inefficiencies and loss of performance.

For Mark Nunnikhoven, cloud strategist at Lacework, this research seeks to signal the need to change companies’ approaches to securing cloud services and infrastructure. They need to learn how to reconcile security concerns when they conflict with business issues, such as a product launch date. Part of the problem is that companies don’t even recognize the mismatch between security and innovation and believe they already prioritize security sufficiently.

The study highlights this point in numbers. While most organizations (88%) believe that cloud security will become more important in the coming year, only 24% report that data strategy is a topic of discussion among senior management. Business leaders do say security is relevant, but there is no discussion of setting aside budgets or hiring staff for the area. So how do you prioritize security?

It is true that there is a serious talent shortage in cybersecurity, particularly in skills to address cloud security. For 95% of respondents, the shortage of skilled professionals and its impacts have not improved in recent years. Even more pessimistic were 44% of the survey group, who said the scenario has only gotten worse.

Source: Lacework

As it would not be appropriate to shift responsibility for application security to developers, the most interesting way out for respondents would be to “automate threat and breach detection during execution” – more than half of the companies leading the way have already automated 60% or more of their cloud security initiatives.

To address the talent shortage, companies should adopt machine learning and artificial intelligence solutions to automate certain security tasks, freeing up their teams to focus on more value-added work, Lacework proposes. The majority (55%) of respondents pointed out that at least half of the time spent on security issues was “not relevant”, i.e. was wasted. This included a 26% share who believed that only a quarter or less of the time spent on security issues generated results that mattered.

Another widespread problem is that security professionals are overrun with alerts that usually come to nothing. A large portion of respondents (80%) highlighted that at least 1 in 5 critical alerts are false positives, while 33% indicated that at least half of critical alerts are false positives. These groups highlight that the biggest benefit of eliminating false positives would be to allow them to spend more time on real threats (42%), on other important tasks (30%), and to increase productivity and innovation cycles (29%). Machine learning, for example, could help reduce this noise in alerts.

Another area where machine learning and artificial intelligence could contribute to ensuring more security in the cloud is identifying vulnerabilities and prioritizing corrective actions. Take as an example the Log4j vulnerability, which gained notoriety in December 2021 for allowing malicious code to be inserted and used to gain control of servers on the Internet. By relying on technologies capable of automating the detection of security breaches, it is possible to be more efficient in identifying them before they surface and do serious damage.

In short, organizations can work on three fronts to reconcile innovation and security in the cloud. First, they should keep both sides on an equal footing, i.e., give equal attention to both. Second, security should not be considered a minor issue, which should motivate strategies to truly view cybercrime as a business risk factor. Third, machine learning and artificial intelligence should be considered as a means to automate security-related tasks.