In this security interview, Marina Segal, CEO of Tamnoon, discusses the most important obstacles when implementing managed cloud security in hybrid and multi-cloud environments. Segal shares insights on long onboarding times, legacy security gaps, vendor lock-in, and the overlooked threats that can endanger organizations.
What are the main obstacles that CISOs face when deploying managed cloud security solutions, especially in hybrid and multi-cloud environments?
CISOs are no strangers to navigating obstacles; it is practically part of the job. The challenge is to manage these obstacles in hybrid and multi-cloud environments, where the smallest decisions can have unpredictable consequences.
The lengthy onboarding process remains a major pain point for most MDRs and MSSPs. Each organization has unique policies, operations, system architecture and integrations to learn. This is before you start talking about the knowledge gaps on the proactive and preventive side of cloud security, which increase the complexity of the move.
Many teams focus on responding to incidents instead of trying to follow a proactive or preventive approach. And when it comes to managed solutions, legacy managed solutions are often comfortable in one domain but try to extend to everything, to no avail. For example, a legacy MDR may be great, but its technology and team are not equipped for the move to the cloud. We have seen the same problem with tools, and for this reason the CSPM and CNAPP categories were created to fill a gap in the tooling.
Each of these problems can be difficult to overcome, but when combined with the loss of organizational knowledge and compliance, it is a recipe for disaster.
How can organizations ensure visibility across their cloud environments when using a managed cloud security provider?
The lengthy onboarding process is the logical starting point for organizations that seek complete visibility across their cloud environments. The more you can bring your teams and vendors on board together, the better. After all, collaboration is where the real magic happens, because it aligns your team around common goals.
Early on, ask the managed cloud security provider to be fully deployed across the cloud and to monitor and scan continuously. This will show you where your CNAPP is not optimized and works as a reasonable starting point. If budget is not available for expansion, some advanced cloud security providers may suggest an open-source or cloud-native solution so that you can secure additional budget for expansion with a paid solution.
Don't forget to account for your developer accounts as well. Ideally, all cloud accounts, every one of them, sit under a central organization. Often, this is not the case. These accounts can be equally risky. If permissions are configured incorrectly, they can create unnecessary risk for your production environment.
It is also key to highlight the most important alerts to avoid overwhelming your teams. A reputable cloud security provider can help you tune your CNAPP/CSPM to surface the most important alerts. Visibility is good, but too much visibility drowns out the critical alerts that you need to focus on.
Finally, do not lose focus on the compliance frameworks you use. Take the time to work with the orbit to map to them properly. Your cloud security program needs this structure in place, especially as your organization scales.
Many organizations are concerned about vendor lock-in when using managed cloud security services. What are some ways to mitigate these risks?
Nobody likes vendor lock-in, and many deals have died on the negotiating table because of it. Cloud security is no different.
The ideal cloud security provider must take an agnostic approach. Their solution should be compatible with any CNAPP or CSPM solution that you use. This gives you the maximum flexibility to find the right provider without locking yourself into a specific solution. Advanced services may enable you to adopt open-source tools and get to a good place before expanding to a complete cloud security solution.
You can also partner with a cloud security service that supports open standards and protocols. This approach will allow you to integrate new or additional vendors while reducing your dependency on proprietary technology.
Training and building internal knowledge also help. A confident service will not keep its knowledge to itself; it will help enable your team and provide training along the way. This will allow you to better direct strategy, review performance, and pivot if necessary.
Finally, pay attention to the terms of the contract. Clarify anything you are not sure of, specifically when it comes to exit or migration. You will also need to make sure that you can keep data and configurations in a non-proprietary format if you need to change managed cloud security services.
What are some of the most overlooked cloud security threats that CISOs should pay more attention to?
The biggest threat today: organizations still do not respond to incidents quickly enough. Time to remediation is still one of the most overlooked areas in cloud security. We have all these alerts, but no one resolves them in time. Organizations need to get ahead of the attackers themselves, which requires remediating the most critical vulnerabilities and misconfigurations in minutes, not months. You cannot leave the front door open and expect that no one will walk in. Make it difficult for the attacker to break in, and it will (often).
Another important area of concern is real-time incident response. Many organizations have done this for a long time, some even building a SOC team, but it is not something that many have done in the cloud. This must change to deal with cloud threats in real time as the company's cloud footprint expands.
And then there is IAM, a more complex component, but one that raises the stakes among cloud security components. In recent news, some breaches began with low-level credentials being obtained before attackers escalated their access to reach sensitive information. This is often due to excessive access for humans and machines. It is also one of the least understood components of the cloud. However, if your cloud security service truly understands the cloud, you will not ignore IAM, which is the foundation of cloud security.
How do you see the cloud security threat landscape evolving in the next 2-3 years? What are the emerging attack vectors that CISOs should be preparing for now?
There is no escaping the clear threats of artificial intelligence and machine learning. The rapid pace of innovation in artificial intelligence technology is already creating uncertainty in the industry. Although artificial intelligence will play an important role in defending organizations, it will also be used to attack them.
We believe that cloud security will move closer to the SOC in the coming years to detect and address alerts in real time in the cloud. To date, cloud/operations and SOC have developed separately. The cloud team protected the cloud, while the SOC worked on IR and focused more on non-cloud security problems. This was largely due to the skills gap, technology stack, and team structure. We expect to see these functions come together. If the organization is not in the right place to have a SOC yet, there is a strong chance it will hand this critical component of cloud security to a third-party service. We see more and more organizations realizing that they cannot host important applications in the cloud without being proactive about threats.
Technical debt is another time bomb for most organizations. Outdated architecture, undocumented code, unpatched vulnerabilities, and organizational knowledge/compliance gaps create unnecessary risk. This problem is well known in cybersecurity and is only amplified in the cloud. Security functions are often spread across multiple teams, departments and business units.
With the emergence of multi-cloud environments, companies must deploy the right CSPM and CNAPP solutions to manage security, identity and data governance at scale. More importantly, we must also evaluate how to remediate the findings, not just surface them. In many scenarios, end users evaluate visibility, not remediation. It is a big flaw that leaves you at a loss for a solution when you get your first 200,000 alerts. It is also where a managed cloud security service can help. Many companies can avoid this by exploring how to combine proactive remediation with visibility across their entire organization.