In the Cloud, You Can’t Secure What You Can’t See

How confident are you that you know every asset running in your public cloud right now?

Your virtual machines, your SQL databases, the storage accounts holding files and logs — if your organization is like most, these resources are essential to powering your business-critical applications. Without them, your employees will lose access to key systems, services will fail, and productivity will halt.

One recent survey of more than 1,000 cybersecurity leaders found that 70% struggled with visibility gaps in their cloud environments. They don’t know what they have in the cloud, and when they do know, they’re not necessarily equipped with the technologies they need to keep those assets safe.

One common reason for the problem: Some assume their cloud provider will adequately protect the things they’re paid to host. Why invest in visibility, the thinking goes, when Azure or Amazon Web Services has cybersecurity covered?

The answer is, that’s not how the shared-responsibility model of cloud security, embraced by major cloud platforms, works. The cloud is as safe as any other computing environment, but you can’t depend on the provider to do all the work. When I talk with IT teams about cloud security, I tell them that visibility is the key to upholding their end of the shared-responsibility bargain. Here are a few reasons why:

You can’t secure assets you don’t know exist. Public clouds are dynamic by design, with resources constantly being spun up or spun down. If you don’t have a means for continuous discovery, orphaned workloads may go unnoticed, and old test environments can be simply forgotten. With visibility, you can eliminate the blind spots to reduce your attack surface and minimize risks.

An estimated 80% of cloud data breaches are a result of misconfigurations. Without proper monitoring, overly open permissions, mismanaged application programming interfaces and other human errors can easily go undetected. But with the right visibility tools, organizations can identify when misconfigurations are present and enforce security policies before it’s too late.

Security teams need context to effectively distinguish between normal activities and suspicious behaviors, and that requires a unified view across workloads, identities and data. With visibility, cloud threats can be detected faster and countered more effectively.

Ultimately, visibility isn’t just about security. It affects everything from compliance and governance to cost savings and operational efficiency. With this in mind, I usually recommend that organizations steer away from point tools for cloud security that may not talk to each other, and instead look to all-in-one technologies like cloud-native application protection platforms (CNAPP), which provide a holistic view of the entire cloud environment. A good CNAPP can correlate security alerts with contextual data and then integrate its findings under a single pane of glass. It’s a solution that puts cloud visibility front and center — right where you need it to be.