The first cloud vision throughout the Middle East leads the rapid adoption of cloud technologies, but organizations must ensure the preparation of the cybersecurity strategy for this modern infrastructure. Walid Natour, First Manager, Tenable, discusses how companies can develop and provide a strong and long -term cloud security strategy, as well as how a CNAPP solution in Tenable helps close cloud exposure.
Can you speak to us through the risks that the rapid cloud adopted, especially for regional organizations?
The Middle East, especially the United Arab Emirates (United Arab Emirates) and the Kingdom of Saudi Arabia (KSA), is witnessing a rapid adoption of cloud technologies, driven by cloud vision first. A recent report issued by MCKINSEY & Company indicates that cloud services can provide up to $ 183 billion in their value by 2030, which was created from creating and expanding new products. However, the risks online also increased due to the surface of the modern attack outside the traditional infrastructure.
Although institutions can obtain many benefits of cloud services, they also provide new cybersecurity and cloud gaps, many of which do not have the site, skills, resources, or tools to identify and process them. For those who are still using old practices designed for local technologies, the cloud safety gap will only expand and open the door to increase cloud violations.
According to the applicable Cloud RISK report, which studies the decisive risks in modern cloud environments, nearly four out of every 10 world organizations leave themselves exposed to the highest levels due to the “toxic cloud triad” from the cloud work burdens exposed to the audience and exposed in a very critical and very distinctive way. Each of these imbalances that determine alone makes risks to the cloud data, but the combination of the three greatly raises the possibility of reaching exposure by electronic attacks.
Actors know to the threat that Cloud provides a weak area in the foundation's risk, making it a major goal and leaving sensitive data and artificial intelligence resources.
How do organizations usually approach the increase in the surface of the attack that is created by distributed environments? What are the disadvantages of this approach and what is the effect on both the welfare of the team and the position of cybersecurity of the organization?
Unfortunately, most of the organizations were not matured after cybersecurity practices to face the effective challenges created by the adoption of the rapid cloud. A report commissioned with applicable cloud research and OSTERMAN research found that 80 % of organizations do not have a security team dedicated to protecting the cloud, most of them, 84 %, are only in the level of entry with cloud capabilities, which means that they take interactive or opportunistic interactive methods for cloud security. Surprisingly, about 93 % of large organizations, according to the report, work at the same levels.
The good news is that institutions that spend about 50 hours a week or more adopt a proactive approach to cloud safety, for example, implementing best practices for cloud weakness, reaching higher levels of maturity (using repeated, mechanical and integrated safety operations), but this represents only 16 % of the organizations that have been erased in the Ostraman report.
Instead of using different cloud safety tools that create Silo data and create blind spots across your cloud environments, CNAPP unifies these tools in one solution. Devsecops unite with the security and infrastructure department.
How does the cloud security solution in Tenable help closing cloud exposure?
From development to the time of operation, the proactive and preventive approach to Tenable in the clouds of the organization continuously analyzes the cloud resources of the organization to find the most important risks, unknown threats and toxic groups of security problems and provide implementable visions within minutes.
The cloud original safety platform is an effective way to manage cloud safety tools in one system, ultimately enhancing cloud safety resources at a lower cost and lost time. It is also a valuable tool for maturity of the cloud cyber cypranian practices.
Tenable Cloud Security is a solution focusing on the local cloud (CNAPP), which provides a clear and consistent risk context of bad formations, excessive badness and weaknesses-which makes mitigation, treatment and communication more implemented. It combines Tenable exposure to providing hybrid solutions (protected to OT) that reduces the risk of the surface of the attack.
Why is it extremely important to simplify safety for complex environments and how to enable this?
By unifying the vision and determining the risk priorities accurately through cloud infrastructure, work burdens, identities, data, and artificial intelligence resources, the applicable cloud security can be closed with cloud exposure to tackling the main critical risk areas:
Identity safety: It cuts risk permissions and imposes the least distinction with the best cloud identity entitlement management (CIEM) and safety for time access in time: It protects cloud data including artificial intelligence from unauthorized access and other exposure operations with Data Security Management (DSPM): Provides the ability to weak and manage all oppositions from the processes of analytical management and cloud research. Compliance with one solution. Use integrated and intended policies and evaluate risks dynamically to achieve compliance with standards such as NIST, CIS, PCI, SOC 2 and GDPR.
What are the benefits that the organization can expect after working while strengthening its cloud security approach?
Investment in cloud security that is applicable provides a significant investment returns, including visions of the clouds allocated from foundable, and pioneering research, a priority scoring for registration and individual licensing to develop security as commercial. The main benefits include:
A multi -cloud vision of complete cloud safety. Get a 360 -degree offer for all cloud resources, including infrastructure, identities, work burdens and data, and display them through all your clouds. Reduce the time of reports and effort by reporting automated compliance with integrated and dedicated policies. Continuous governance. Providing cloud infrastructure through the full life cycle from development to publication. Guidance of risks and treatment. Low mttr with detailed treatment instructions and mechanical response procedures that close safety gaps
What advice it gives to organizations at the beginning of their journey towards enhancing their cloud security strategy?
The development of a cloud safety program is not just a single offering. In addition to the presence of an easy -to -use CNAPP solution, but maintaining a strong program is a permanent effort that requires support from all the teams within the organization. It is recommended to define clear cloud safety operations while adopting a strong cloud security solution. Both should be defined as part of the organization's cybersecurity program.
When applying a cloud safety program, there are five steps that you can take to adopt the risk -based weak management approach, which corresponds directly to the cybersecurity life cycle. Discover, evaluate, and determine priority, treatment and measurement.
The choice of a cloud safety solution should not be very frustrated. You can quickly get the right track to choose the best cloud security solution for your organization.
Here are some tips:
Set a goal: What do you want to do with your solution? How is this goal in line with the goals and goals of your work? Learn “You must be”: What should the solution should do to ensure that all your goals are achieved? Make sure the potential of the product: How does the safety solution improve and reduce the risks? Understanding your compliance and other organizational requirements: Can the solution give you a vision of how to meet the requirements, where you have gaps, define weaknesses and help you determine the priorities of treatment plans? Inquire about the ability to expand and research: Can the solution expand with your organization and how it ensures that it constantly provides accurate risk data and in time with a change in your needs over time?
Are there any cloud security trends expected to be seen in this region in the coming months/year? How should organizations prepare?
Using cloud services increases quickly. Companies of all sizes in all industries are dependent on the region at the speed of artificial intelligence (AI), cloud infrastructure, services and applications, and quickly achieve the benefits of expansion, flexibility and cost reduction.
The more techniques and different assets are used, the more exposure and the surface of the attack.
Institutions must ensure appropriate composition, and manage weaknesses in the burdens of artificial intelligence and the entire attached surface. They must evaluate their current tools and start research on updating and unifying multiple cyber security practices to unify the vision, unify insight and unify the work.
Tenable One, a platform for the unique exposure management that works on the behalf, radically illustrates the vision of security, insight and work through the surface of the attack, and preparing modern organizations to isolate and electronic ethics games from the priority of infrastructure of information technology to cloud environments to critical infrastructure and everywhere between them.
