As organizations continue to migrate critical applications to the cloud, many decisions are being made. Nothing is more important than the security chosen to protect an organization and the digital traffic that passes through its networks. Your cloud providers realize that organizations need more, which is why they set up a shared responsibility model – where the cloud vendor manages cloud security, and security in the cloud falls to the customer. Best practices and direct research indicate that organizations need to supplement native firewalls with third-party network security tools to achieve adequate security.
Therefore, it is wise to stay informed about the state of the cybersecurity vendor market and any important news. In November 2024, CyberRatings.org, a non-profit organization that rates cybersecurity products, released independent testing results on the effectiveness of cloud vendors' firewalls. The results show variation in protection across the three major cloud platforms.
CyberRatings.org tested 522 moderate to high-risk exploits against firewall offerings from Amazon Web Services (AWS), Microsoft Azure, and Google Cloud Platform (GCP). Here's how they performed:
AWS Firewall: Only 0.3% of vulnerabilities tested were blocked. Azure Firewall: Blocked 24.14% of exploits. GCP Firewall: Best performance, blocking 50.57% of threats.
Implications of these findings
For security buyers, unbiased ratings like those provided by CyberRatings.org are crucial because they provide a fair perspective on performance. This helps organizations make informed decisions about which security solution can meet their security needs. Best practice is to take a layered approach when operating in the cloud, ideally from a vendor that can provide unified network security from on-premises data centers to all clouds like Check Point.
This is always important as you move and modernize your cloud as you share responsibility for data infrastructure operations and security. Many, who do not truly understand the security implications, often default to cloud-native security controls. However, with the increasing number of cyber attacks, this decision should not be taken lightly. In fact, in Q3 2024, Check Point Research (CPR) saw an average of 1,876 cyberattacks per organization, representing a 75% increase compared to the same period in 2023. Cloud providers realize that organizations need more and that's why Establish a shared responsibility model. Their platforms are designed for builders, putting the tools needed on top to secure and optimize their cloud application stack. Security is an important building layer, and as the research indicates, organizations need to supplement native firewalls with third-party network security tools to achieve adequate security.
The results also underscore an important point: What do organizations gain from their security investments? When organizations add up their monthly cloud invoices, each line is analyzed in terms of its value to the organization and customer. Firewall security is an element that must be carefully taken care of, whether through the native cloud provider or a third-party vendor as it can have a broad regulatory impact that goes far beyond the network traffic it protects.
Recommendations for cloud security buyers
Evaluating third-party security solutions
Given the limitations exposed in native firewalls provided by off-the-shelf cloud vendors, organizations should explore third-party tools designed to provide robust cloud security. Many vendors offer advanced solutions designed specifically for hybrid and multi-cloud environments, but there is only one cloud firewall vendor that provides unified on-premises data center and multi-cloud security with maximum threat prevention while providing consistent access control from a management console One, it's called Check Point CloudGuard. Adopting a multi-layered security approach
Security is unique for everyone, and no use case is exactly the same. So the best practice is to take a layered approach when operating in the cloud, ideally from a vendor that can provide unified network security from on-premises data centers to all cloud networks. To provide operational efficiency, it is best to have a single management console as well as log integration for visibility, forensic analysis, and network troubleshooting. This makes firewalls much easier and more cost-effective to manage regardless of location, providing consistent access control across networks with advanced threat prevention capabilities. Of course, adding employee cyber awareness and regular vulnerability assessments will help you sleep a little better at night, too. Stay up to date
Independent reviews and reports, such as those from CyberRatings.org, should be part of any organization's due diligence process when selecting or evaluating a cloud provider.
Final thoughts
For those looking to purchase cloud services, CyberRatings.org offers great value. Despite the proven scalability and flexibility of cloud platforms, firewall security deserves a second look to ensure successful operations over the long term. As organizations continue to embrace cloud computing, understanding the strengths and limitations of native security tools is critical. The next steps are clear: Organizations must continually access their cloud strategies and seek the best security solutions to ensure their critical assets are protected in a constantly evolving threat landscape.
If you want to protect your valuable cloud assets, learn more about industry recognition Check Point CloudGuard has been recognized for delivering AI-powered threat prevention and a cohesive cloud security strategy.
