By Matthew Chiodi, Chief Security Officer, public cloud at Palo Alto Networks
Enterprises have been enjoying the flexibility and torrent of innovation that public cloud platforms have provided over the years. However, adopting public cloud services can also magnify security risks and compliance challenges if not carefully planned for in advance. Here are some cloud security trends I’ve observed over the last year and predictions I have for 2019.
Trend: Account compromises are increasing in scale and velocity
Credential compromises are becoming more commonplace in public cloud. In fact, Unit 42 (the Palo Alto Networks threat intelligence team) examined new and existing threats to cloud security from late May through early September 2018 and found that 29 percent of organizations had potential account compromises. This shattering statistic is made even more severe by the fact that 27 percent of organizations also allowed root user activities. Compromise a root cloud account and it’s game over: the attacker gets full access to nearly everything in your cloud account. Organizations clearly need to enforce strong governance and access hygiene, as well as operate under the assumption that account compromises are inevitable. Following this principle of assumed breach enables organizations to focus on monitoring to detect and rapidly respond to suspicious user activities.
Trend: Containers are booming but not secure by default
There’s no question that containers are rapidly gaining traction in the enterprise. Backing this up is Unit 42 research, which shows that one in three organizations use native or managed Kubernetes orchestration. Even with the cloud titans (AWS, Azure and Google) doing much of the heavy lifting for managed container services, there is still security work for cloud consumers to address. One area of extreme importance is network security (yes, still very much applicable in the cloud!). Unit 42 found that 46 percent of organizations allow traffic from any source to their Kubernetes pods, which is definitely not a best practice.
Prediction: Public cloud security standards/benchmarks go mainstream
Security teams used to spend months grappling with writing cloud security standards. In 2018, the Center for Internet Security (CIS) completed security benchmarks for all major public cloud infrastructure platforms. These benchmarks take the guesswork out of the standards process and will save your team from the drudgery of starting from scratch and of constant maintenance as cloud providers keep releasing new features. While there is no silver bullet when it comes to cloud security, the CIS benchmarks can serve as a strong foundation. Implementing these standards is not a panacea, but it can greatly reduce many of the common cloud security issues that made the news in 2018.
Prediction: Cloud will go from CIO initiative to board-level requirement
Up until 2018, cloud usage was largely fragmented by business unit. In 2018, CIOs largely took this up as an organization-level initiative. Most businesses now realize the cloud allows them to innovate faster and view it as a differentiator for the organization. In 2019, I expect to see boards beginning to require CIOs and CISOs to implement organization-wide cloud initiatives, and to hold their feet to the fire to make sure this becomes a reality.
If you thought 2018 was a hectic year for public cloud, just wait to see what 2019 has in store for us. Take a deep breath, stay focused and get ready for the ride.