How do I select a cloud security solution for my business?
Attackers increasingly strive to leverage cloud weaknesses that enable them to deliver malware to end users, gain unauthorized access to production environments or their data, or completely compromise a target environment. This strategy is known as a watering hole attack, and researchers have seen them emerge in cloud environments where they can cause even more damage.
To select a suitable cloud security solution for your business, you need to think about a variety of factors. We’ve talked to several industry professionals to get their insight on the topic.
Om Moolchandani, CTO, Accurics
Cloud security affects the entire organization, so selecting a cloud security solution requires buy-in from all stakeholders. You need to carefully balance benefits against direct and indirect costs.
Focus on automation since it improves consistency and velocity while reducing effort. Movements such as DevOps and GitOps are already on this path, making automation mandatory if security is to keep up. Policy as Code helps enforce security and compliance policies, adherence to best practices, and it fits well into automated processes such as GitOps, CI/CD pipelines and runtime security controls.
Enforcing security throughout the application lifecycle is critical. You obviously need to manage risk in the cloud runtime, but that’s also the hardest place to remediate problems effectively. Cloud resources are provisioned from Infrastructure as Code; fixes need to be implemented in the IaC. Favor solutions that protect while keeping the IaC up to date, rather than implementing fixes in runtime.
Solutions fluent in IaC can help you identify and manage configuration drift in the runtime. Even “safe” changes need to be reflected in the IaC, so that future deployments don’t cause regressions. Programmatic remediation capabilities help you fix more, faster, and are key to integrating the solution into DevOps processes. The most advanced solutions understand the topology and can help identify breach paths and prioritize kill chain remediation.