Welcome!

@CloudExpo Authors: Liz McMillan, Elizabeth White, Yeshim Deniz, Pat Romanski, Aruna Ravichandran

Related Topics: @CloudExpo, Java IoT, Microservices Expo, Containers Expo Blog, Agile Computing, Cloud Security

@CloudExpo: Article

Deploying Cloud Security for Shifting and Evolving Defenses

Cloud offers agile and flexible defenses that consider situational context and real time management

A few weeks back I was watching my beloved San Diego Chargers lose in a most embarrassing way on Monday night. And in the waning seconds of blaming the quarterback for such ineffectual 2nd half play, it occurred to me, it wasn’t his fault.  It was the coach. It was the lack of planning for the type of attack the Denver Broncos would bring. It was the lack of leadership that should have easily closed the deal. In short, it was sticking to the status quo while everything around was changing.

My second epiphany was that this is a spot-on metaphor for the recent spate of bank hacks being levied by the hacktivist group Izz ad-Din al-Qassam. Not to make light of a serious issue, but the Charger collapse reminded me that the most insidious and effective attacks are not brute force in nature. In fact, most banks (according to compliance mandates) have decent processes to repel these attacks. In this case, the brutish DDoS (denial of service) was a feint to misdirect a smaller DDoS attack launched at the same time…and it was these more subtle attacks that were effective against 8 banks and counting. Continuing the football metaphor, it is like showing the blitz and falling back into tight pass defense resulting in the quarterback throwing an interception.

So the moral of the story is organizations need to evolve their security platforms to provide an agile shifting defense and change with the scenarios.

Now this is not to say the sky is falling, but a reputable IT security report noted a 50% increase in total number of DDoS attacks since Q2 of 2011 and a 10% increase since April. This means it’s time to look at your defensive processes and ensure they transcend compliance code. But moreso, to start anticipating what new threats, compliance requirements and business needs might be coming your way. You can’t be that guy who says “I’ll worry about it when I have to worry about it.” You simply can’t be paralyzed by the status quo. It’s a recipe for throwing 4 interceptions in the second half and squandering a 24 point lead.

We grouse a great deal about the burden of compliance, but they create a wall of protection that would otherwise create greater vulnerabilities. But all the audits, all the bureaucracy…it simply detracts from you being able to do the job you were hired to do. So the question begs, how do we evolve? How can we make security management easier yet stronger. Effective yet efficient. Agile yet layered? Proactive rather than reactive? If these questions are keeping you up at night, then it is time you took a deeper look at security-as-a-service or security managed from the cloud.

If you approach the security issue from the traditional sense of on-premise brick-building, server-stacking, resource-adding development, then yes, there are significantly costs in capital expenditures, human resources, and still not guaranteed that you have the necessary functionality, capability and visibility to anticipate tomorrow’s issues.

However…

By implementing a best-of-breed enterprise you gain a holistic view of what’s happening to your enterprise in real time. And because of the cloud computing advantages, the price point is very affordable (for what you are paying in support and maintenance, you could integrate an entire enterprise solution). You gain capability, you lessen expenses and, if your vendor also practices security as a service, your automated efficiencies come with 7/24/365 review of your logs by a live expert analyst.

But let’s put a real face on potential changes. Take FFIEC standards; very soon they will be more than guidelines. It's highly likely they will become compliance mandates. And they force you to address possible vulnerability gaps in your enterprise. Will you be prepared to meet the shifts in emphasis?

  • Layered security:

Most compliance-beholden organizations must recognize that security is not just about implementing virus scan and configuring firewalls. Ways and devices people reach your networks are changing quickly. Beyond log management protocols, you might need to add a SIEM or access management components. But the interpretation of layered security is choosing what is monitored and not relying on just a firewall to beat back possible intrusions, worms, phishing expeditions and user carelessness. You need multiple means, protocols and processes managed centrally.

  • Real-time, intelligence based assessment

There’s a saying in security circles: If you’ve noticed it, it’s already too late. The goal is to prevent, alert and remediate. And the only way to do this is through round the clock vigilance. Anything less than 24/7/365 monitoring opens the risk door too wide. It’s a cliché, but we are all acutely aware that hackers don’t sleep. But part of the question is not that monitoring is active, but how is it monitored? What data is collected? If you automate too much, you lose the human expertise; the context and the ability to respond effectively. Cloud-based security can cover a large enterprise or modest SMB with the same watchfulness while integrating the human intelligence assessment. Additionally, it provides additional resources, wider intelligence and greater coverage you don't have to fund.

  • Rapid adaptation against evolving threats

By applying a solution that uses real-time forensics including advanced correlations to examine for specific patterns, you create real time operational visibility. By recognizing traffic patterns correlated with a variety of other rules and processes you not only remove the false positive alerts, but can predict where your perimeter is soft and takes the necessary steps to shore them up.

  • Protect against ID and personal theft

Passwords are not enough. Time and again this has proven to be the weakest link. However, by instituting a solution that includes multi-credentialing, identity management, provisioning and the like, you can secure access to the most sensitive information. And if you make is easy for the user and minimize the impact of their usage experience, you take another step in maintaining the necessary trust while still ensuring people only see what they are supposed to see.

And all this can be deployed and managed from the cloud. The technology and security of these features has already matured to meet the concept.

These FFIEC guidelines seem very vague, but their meaning is clear: today’s operation needs to change. Not to keep up with the bureaucracy, but to improve the scalability, flexibility and control of an often volatile and fluid IT threatscape. However, don’t mistake this as a suggestion for mega-suite replacement. This should be part of any go-forward initiative that builds on or what is already in place. The cloud provides that agility to maintain an enterprise-powered security solution, yet adapt to the changing needs faster and more completely than most organizations can do on their own.

With that said, the best defense against an aggressive opponent is knowing what play is being called. Your holistic view gives you the ability to predict when the blitzes are coming, from what side, and most important, provide the flexibility to call an audible. One thing is for certain, you just can't stand still anymore; you can't rely on the status quo I just wish the Chargers saw that on Monday.

As an additional note, I participated in the development of a white paper for Fairway Technologies called , Get Your Head Into The Clouds! Industry Experts Answer Today’s Cloud Computing Questions ! Fairway’s collaborative new report not only examines the cloud computing issues that are dominating the industry, but also identifies key challenges behind cloud adoption and implementation, and presents best practices for organizations to develop and implement a sound cloud strategy. Guidance on cloud service brokers, open source cloud, data destruction, cloud bursting, and other topical issues are also discussed.

More Stories By Kevin Nikkhoo

With more than 32 years of experience in information technology, and an extensive and successful entrepreneurial background, Kevin Nikkhoo is the CEO of the dynamic security-as-a-service startup Cloud Access. CloudAccess is at the forefront of the latest evolution of IT asset protection--the cloud.

Kevin holds a Bachelor of Science in Computer Engineering from McGill University, Master of Computer Engineering at California State University, Los Angeles, and an MBA from the University of Southern California with emphasis in entrepreneurial studies.

@CloudExpo Stories
As people view cloud as a preferred option to build IT systems, the size of the cloud-based system is getting bigger and more complex. As the system gets bigger, more people need to collaborate from design to management. As more people collaborate to create a bigger system, the need for a systematic approach to automate the process is required. Just as in software, cloud now needs DevOps. In this session, the audience can see how people can solve this issue with a visual model. Visual models ha...
Enterprises are adopting Kubernetes to accelerate the development and the delivery of cloud-native applications. However, sharing a Kubernetes cluster between members of the same team can be challenging. And, sharing clusters across multiple teams is even harder. Kubernetes offers several constructs to help implement segmentation and isolation. However, these primitives can be complex to understand and apply. As a result, it’s becoming common for enterprises to end up with several clusters. Thi...
Recently, REAN Cloud built a digital concierge for a North Carolina hospital that had observed that most patient call button questions were repetitive. In addition, the paper-based process used to measure patient health metrics was laborious, not in real-time and sometimes error-prone. In their session at 21st Cloud Expo, Sean Finnerty, Executive Director, Practice Lead, Health Care & Life Science at REAN Cloud, and Dr. S.P.T. Krishnan, Principal Architect at REAN Cloud, will discuss how they b...
SYS-CON Events announced today that Avere Systems, a leading provider of hybrid cloud enablement solutions, will exhibit at SYS-CON's 21st International Cloud Expo®, which will take place on Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. Avere Systems was created by file systems experts determined to reinvent storage by changing the way enterprises thought about and bought storage resources. With decades of experience behind the company’s founders, Avere got its ...
Containers are rapidly finding their way into enterprise data centers, but change is difficult. How do enterprises transform their architecture with technologies like containers without losing the reliable components of their current solutions? In his session at @DevOpsSummit at 21st Cloud Expo, Tony Campbell, Director, Educational Services at CoreOS, will explore the challenges organizations are facing today as they move to containers and go over how Kubernetes applications can deploy with lega...
SYS-CON Events announced today that Avere Systems, a leading provider of enterprise storage for the hybrid cloud, will exhibit at SYS-CON's 21st International Cloud Expo®, which will take place on Oct 31 - Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. Avere delivers a more modern architectural approach to storage that doesn't require the overprovisioning of storage capacity to achieve performance, overspending on expensive storage media for inactive data or the overbui...
In the fast-paced advances and popularity in cloud technology, one of the most critical factors revolves around concerns for security of your critical data. How to assure both your company and your customers they can confidently trust and utilize your cloud environment is most often top on the list. There is a method to evaluating and providing security that exceeds conventional modes of protecting data both within the cloud as well externally on mobile and other devices. With the public failure...
Gemini is Yahoo’s native and search advertising platform. To ensure the quality of a complex distributed system that spans multiple products and components and across various desktop websites and mobile app and web experiences – both Yahoo owned and operated and third-party syndication (supply), with complex interaction with more than a billion users and numerous advertisers globally (demand) – it becomes imperative to automate a set of end-to-end tests 24x7 to detect bugs and regression. In th...
Today most companies are adopting or evaluating container technology - Docker in particular - to speed up application deployment, drive down cost, ease management and make application delivery more flexible overall. As with most new architectures, this dream takes significant work to become a reality. Even when you do get your application componentized enough and packaged properly, there are still challenges for DevOps teams to making the shift to continuous delivery and achieving that reducti...
Microsoft Azure Container Services can be used for container deployment in a variety of ways including support for Orchestrators like Kubernetes, Docker Swarm and Mesos. However, the abstraction for app development that support application self-healing, scaling and so on may not be at the right level. Helm and Draft makes this a lot easier. In this primarily demo-driven session at @DevOpsSummit at 21st Cloud Expo, Raghavan "Rags" Srinivas, a Cloud Solutions Architect/Evangelist at Microsoft, wi...
Coca-Cola’s Google powered digital signage system lays the groundwork for a more valuable connection between Coke and its customers. Digital signs pair software with high-resolution displays so that a message can be changed instantly based on what the operator wants to communicate or sell. In their Day 3 Keynote at 21st Cloud Expo, Greg Chambers, Global Group Director, Digital Innovation, Coca-Cola, and Vidya Nagarajan, a Senior Product Manager at Google, will discuss how from store operations...
SYS-CON Events announced today that IBM has been named “Diamond Sponsor” of SYS-CON's 21st Cloud Expo, which will take place on October 31 through November 2nd 2017 at the Santa Clara Convention Center in Santa Clara, California.
SYS-CON Events announced today that Ryobi Systems will exhibit at the Japan External Trade Organization (JETRO) Pavilion at SYS-CON's 21st International Cloud Expo®, which will take place on Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. Ryobi Systems Co., Ltd., as an information service company, specialized in business support for local governments and medical industry. We are challenging to achive the precision farming with AI. For more information, visit http:...
As you move to the cloud, your network should be efficient, secure, and easy to manage. An enterprise adopting a hybrid or public cloud needs systems and tools that provide: Agility: ability to deliver applications and services faster, even in complex hybrid environments Easier manageability: enable reliable connectivity with complete oversight as the data center network evolves Greater efficiency: eliminate wasted effort while reducing errors and optimize asset utilization Security: imple...
High-velocity engineering teams are applying not only continuous delivery processes, but also lessons in experimentation from established leaders like Amazon, Netflix, and Facebook. These companies have made experimentation a foundation for their release processes, allowing them to try out major feature releases and redesigns within smaller groups before making them broadly available. In his session at 21st Cloud Expo, Brian Lucas, Senior Staff Engineer at Optimizely, will discuss how by using...
The next XaaS is CICDaaS. Why? Because CICD saves developers a huge amount of time. CD is an especially great option for projects that require multiple and frequent contributions to be integrated. But… securing CICD best practices is an emerging, essential, yet little understood practice for DevOps teams and their Cloud Service Providers. The only way to get CICD to work in a highly secure environment takes collaboration, patience and persistence. Building CICD in the cloud requires rigorous ar...
Transforming cloud-based data into a reportable format can be a very expensive, time-intensive and complex operation. As a SaaS platform with more than 30 million global users, Cornerstone OnDemand’s challenge was to create a scalable solution that would improve the time it took customers to access their user data. Our Real-Time Data Warehouse (RTDW) process vastly reduced data time-to-availability from 24 hours to just 10 minutes. In his session at 21st Cloud Expo, Mark Goldin, Chief Technolo...
In this strange new world where more and more power is drawn from business technology, companies are effectively straddling two paths on the road to innovation and transformation into digital enterprises. The first path is the heritage trail – with “legacy” technology forming the background. Here, extant technologies are transformed by core IT teams to provide more API-driven approaches. Legacy systems can restrict companies that are transitioning into digital enterprises. To truly become a lead...
SYS-CON Events announced today that CAST Software will exhibit at SYS-CON's 21st International Cloud Expo®, which will take place on Oct 31 - Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. CAST was founded more than 25 years ago to make the invisible visible. Built around the idea that even the best analytics on the market still leave blind spots for technical teams looking to deliver better software and prevent outages, CAST provides the software intelligence that matter ...
SYS-CON Events announced today that Daiya Industry will exhibit at the Japanese Pavilion at SYS-CON's 21st International Cloud Expo®, which will take place on Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. Ruby Development Inc. builds new services in short period of time and provides a continuous support of those services based on Ruby on Rails. For more information, please visit https://github.com/RubyDevInc.