Why the cloud is becoming the new normal in security

More branch offices are connecting directly to the internet. And more unmanaged devices used by roaming users are connecting to the network. If your security only protects against malware when employees are on your corporate network, your employees are exposed. Cloud-connected organizations need security that protects users anytime, anywhere, even when users are not on the VPN.

The cloud — at one point it was a revolution in the workplace. But the cloud is no longer a trend or a movement. It’s now so integrated into IT and infrastructures that, for many companies, it’s simply another part of the business. The availability of mobile devices and cloud services has redefined not only the way we work, but where we work. Critical infrastructures, applications, and massive amounts of sensitive data are now stored in the cloud, leaving companies at risk of damage if cloud accounts are compromised. With the cloud fast becoming the new normal, network security solutions need to adapt.


Read on to learn how Cisco Cloud Security helps you securely adopt and use the cloud, and better manage security for the way the world works today.

Content Summary

Times have changed
Security needs to catch up
IT constraints increase vulnerabilities
Reactive security isn’t enough
A modern approach to security
How to secure the cloud
Manage security better than ever
Protect users, devices, and apps — everywhere
Cisco Cloud Security solutions

Times have changed

The cloud — at one point it was a revolution in the workplace. But the cloud is no longer a trend or a movement. It’s now so integrated into IT and infrastructures that, for many companies, it’s simply another part of the business. The availability of mobile devices and cloud services has redefined not only the way we work, but where we work. People can work anywhere now — not just from branch or corporate offices, but also from coffee shops, airport lobbies, campsites, city sidewalks, and their homes.

As work migrates out of the traditional office, users are moving off the network and accessing the cloud directly. More applications and servers are moving to the cloud to take advantage of cost savings, scalability, and accessibility. And the changes don’t stop there — critical infrastructures, applications, and massive amounts of sensitive data are now stored in the cloud, leaving companies at risk of damage if cloud accounts are compromised.

While increased mobility and flexibility in the workplace have led to reduced costs and booming productivity, innovation, and independence, they come at a price. Organizations are no longer safely protected behind their firewall or secure web gateway. With the cloud fast becoming the new normal, network security solutions need to adapt.

By 2018, SaaS usage is expected to increase 70%. – Riley, Steve. “Keeping SaaS Secure.” Gartner Security & Risk Management Summit. 22 August 2016.

Security needs to catch up

More branch offices are now connecting directly to the internet, more unmanaged devices are connecting to the network, and more users are accessing company resources while roaming. With users, apps, and data leaving the perimeter, gaps emerge that leave organizations susceptible to attacks. Cloud services can also lack basic security protections and may even be used without the knowledge and control of the IT team. As a result, IT teams have reduced visibility and control over their environments and sensitive enterprise data.

Security can’t wait any longer — it needs to work now and evolve as new cloud services are adopted. Organizations need a simpler way to gain comprehensive visibility beyond the perimeter. They need to identify potential threats and respond faster, no matter where users access the internet. And they need to be able to simply and effectively manage consistent security policies from one place.

  • 49% of the workforce is mobile. – Vijayan, Jaikumar. “Securing Portable Data and Applications for a Mobile Workforce.” SANS Institute Reading Room. May 2015.
  • 69% of branch offices have direct-to-internet access. – “Securing Direct-To-Internet Branch Offices: Cloud-Based Security Offers Flexibility and Control.” Forrester Consulting. July 2015.
  • 25% of corporate traffic will bypass perimeter security by 2021. – Gartner Predicts 2017: Network and Gateway Security.
  • 1/3 of successful attacks experienced by enterprises will originate via shadow IT by 2020. – Panetta, Kasey. “Gartner’s Top 10 Security Predictions 2016.” Gartner. 15 June 2016.
  • >25% of identified attacks in enterprises will involve Internet of Things (IoT) by 2020. – “2017 Annual Cybersecurity Report.” Cisco. January 2017.

IT constraints increase vulnerabilities

The perimeter has become blurred, and operational complexity is rising. Network and security operations teams spend too much time trying to enforce security policies, and are constantly bombarded with security alerts. And current security systems don’t provide the context, intelligence, or visibility needed to determine which threats are of highest priority. On average, IT teams can investigate only 56% of security alerts on a given day — meaning dangerous threats can slip through the cracks.

Which constraints stand in the way of closing the security gaps?

Budget, compatibility with legacy systems, certification requirements, and talent shortages are the main restrictions cited by the Cisco Annual Cybersecurity report. Lack of budget is a perennial challenge for security teams, but disparate systems that don’t integrate — where security is “bolted on” rather than embedded — are becoming more of a problem as cloud usage grows. These non-integrated defenses allow space for cybercriminals to launch attacks. And the lack of IT resources or time intensifies the need to truly understand what is happening in the security environment.

70% of user activity originates from browsers without the latest security in place. – Cisco CloudLock. CyberLab.

Reactive security isn’t enough

As the workplace evolves and the perimeter grows, attackers also are advancing and developing — they’re invading organizations in more unique, targeted ways. But while cyberattacks are getting faster, smarter, and stealthier, IT professionals are still relying on traditional network defenses like firewalls and secure web gateways. Traditional security can’t extend protection to mobile users or handle the exponential increases in internet traffic that have become commonplace. And it can’t deal with increasingly sophisticated threats.

Conventional network security is inherently reactive: Only after malware, ransomware, phishing, and other malicious attacks are detected can it neutralize the threat. In 60% of cases, attackers are able to penetrate and compromise an organization within minutes, while lagging security defenses take days or longer to detect a breach. This reactive security approach leaves organizations vulnerable.

Traditional security can protect only against malware, ransomware, phishing and other attacks after they’re detected.

A modern approach to security

As security evolves beyond the perimeter, security in the cloud has become a shared responsibility between cloud service providers and the organizations they support. Cloud service providers are responsible for the security of their infrastructure, while organizations that use those services are responsible for user activities on top of that infrastructure.

Cloud service providers build security measures into their cloud applications and platforms; but their capabilities cannot address the risk introduced by user behavior. It’s critical for security teams to surface and respond to abnormal user activity, but they’re stymied by limited visibility into user activities within SaaS, Infrastructure-as-a-Service (IaaS), Platform-as-a-Service (PaaS), and Identity-as-a-Service (IDaaS) environments.

A modern security approach extends protection to cloud infrastructure so that users, data, and applications are covered everywhere — not just on the corporate network. So what’s needed for your company to secure beyond the perimeter and into the cloud?

Security in the cloud is a shared responsibility

How to secure the cloud

Companies need to adopt new technologies and security measures without affecting employee productivity or business growth — so it’s no surprise that by 2020, more than $1 trillion in IT spending will be directly or indirectly affected by the shift to cloud.

It’s not realistic — or necessary — to completely overhaul existing security infrastructure. Instead, additional protection that extends existing security investments off premises must be able to seamlessly integrate with current security layers, so employees are protected anywhere they work — and on any device. And while employees, applications, and data move beyond the perimeter, IT teams need to simply and effectively manage security from one single place.

Security teams need complete visibility and control for all internet activity, including traffic to bought and built cloud applications so they’re protected against internal and external threats, like malware, compromised accounts, and data breaches. They need reliable intelligence that enables them to identify, respond to, and protect against potential threats faster and earlier — and a way to enforce this intelligence whether employees are on or off the corporate network.

What companies need:

  • Comprehensive visibility and control over connected cloud applications
  • Scalable security across cloud environments, and seamless integration with existing stacks
  • Earlier and faster responses to threats, on or off the network
  • Identification of malicious infrastructure and remediation of sensitive data in the cloud
  • Discovery of compromised accounts and malicious insiders

Manage security better than ever

Cisco Cloud Security helps you securely adopt and use the cloud, and better manage security for the way the world works today.

Gain better visibility into internet activity across all office locations, roaming laptops, and cloud applications. Employ automatic threat detection and faster responses. Deploy in minutes across distributed sites. Cisco Cloud Security is an effective security platform that is open, automated, and simple to manage. And it’s backed by industry-leading threat intelligence.

While secure web gateway products have traditionally been used to control the sites visited by users, Cisco Cloud Security solutions put the focus on actually helping you safely adopt the cloud and secure users wherever they access the internet. Now you can protect users and secure your data and applications in the cloud.

  • Protect users anywhere they work: Stop threats before they happen.
  • Protect the applications you buy: Defend against compromised accounts, insider threats, cloud malware, and data breaches.
  • Protect the applications you build: Extend security and controls to applications running on the public cloud infrastructure.

Protect users, devices, and apps — everywhere

Cisco Cloud Security complements existing network security by providing an additional layer of protection when users connect directly to the internet and cloud services. This comprehensive coverage delivers complete visibility and protection for employees accessing the cloud and for applications bought or built in the cloud. It’s cloud-managed security that is simple to use, fast to deploy, and completely scalable.

  • Block threats earlier: Stop malware before it reaches your network or endpoints. Reduce the time spent remediating infections.
  • Extend protection: Remove blind spots. Protect users anywhere they go, anywhere they access the internet.
  • Secure users, data, apps: Protect users, data, and apps in the cloud against compromised accounts, malware, and data breaches. Enable compliance.
  • Enable secure cloud use: Improve security with no impact on end-user productivity.

Cisco Cloud Security solutions

Built into the foundation of the internet, Cisco Umbrella delivers complete visibility into internet activity across all locations, devices, and users, and blocks threats before they ever reach your network or endpoints. Cisco Cloudlock helps accelerate use of the cloud and protects users, data, and apps across software as a service, platform as a service, and infrastructure as a service. Together, Cisco Umbrella and Cloudlock enable visibility and protection for your mobile, cloud-connected enterprise.

Cisco Umbrella, a Secure Internet Gateway, provides the first line of defense against threats wherever users go, even off the VPN.

“Umbrella’s time-to-value was nearly immediate. Within days of deploying Umbrella, we could see that endpoints away from the corporate network were protected against malicious attacks and websites.” — Greg Peterson, Senior Director, IT Security, Avanade

Cisco Cloudlock, a cloud access security broker, protects against compromised accounts, data breaches, and malware in the cloud.

“The biggest benefit Cisco Cloudlock provides for us is visibility into what users are doing, what they are storing up in the cloud. Without Cloudlock, we would not have had nearly as good a view into what is out there and how to take action on it.” — David Duchan, Information Security Engineer, Ahold

Source: Cisco Cloud Security Team ebook [Security’s new frontier: The Cloud] – Protecting for user, data and applications everywhere