Cloud adoption has witnessed exponential growth over the past few years. However, it brings forth a new set of cyber risks that endanger organizations and their customers. In the best-case scenario, these unknown cyber risks may result in increased costs, while in the worst-case scenario, these risks can lead to loss of customers, reputation, business, money and may even force smaller companies to shut shop.
To address these risks and minimize their impact, we have developed a Cloud Risk Management Framework. By following the steps outlined in this framework, organizations can safeguard themselves against new cyber risks posed by cloud adoption and focus on cloud computing benefits.
Cloud Risk Management framework has 5 steps:
Start with evaluating your organization’s existing IT infrastructure and thoroughly analyze the benefits of migrating to the cloud. Identify which applications would benefit from migrating to the cloud and which should continue residing in your existing on-premises data centres. Be aware that transitioning from an on-premise IT environment to a cloud would fundamentally change your cyber threats. Hence, you would have to rethink your Cyber Security Strategy.
- Prepare: Once you have understood your existing infrastructure & identified applications to be migrated, prepare for the transition to the cloud. In this phase, compare offerings of various cloud providers, focusing on security services provided by them. Build a good understanding of the Shared Responsibility Model, which defines the segregation of security responsibilities between cloud providers and your organization. Usually, security responsibilities for cloud applications fall into two broad categories:
- Cloud service provider (CSP): CSPs are responsible for supporting/patch the foundational services, networks, and operating systems (OS).
- Responsibility for the data and mission systems/applications within the cloud: Customers are often responsible for securing and patching the application and data layers.
Ask the following questions:
- Is security a stated service offering(s), and if so, what does that service(s) provide?
- Is security embedded/included with other service offerings?
- What security-related DoD policies, directives, or processes are followed, and how are they implemented?
- Can service level agreements (SLAs) be established based on secure performance measurements?
- Is security-focused monitoring and reporting offered??
Armed with all the knowledge, define cybersecurity guidelines for the cloud. Train your team, establish & evangelize security controls, and set up mechanisms to control access to cloud resources.
- Transition: This is the phase when you will migrate your applications to the cloud. Use the security guidelines defined in the previous step to evaluate the security posture of applications as they are migrated to the cloud. Some good practices while transitioning the applications to the cloud:
- Change all the default passwords and admin passwords provided in the cloud.
- Find if existing and proven security systems, tools, and processes can be used within or integrated with the cloud.
- Do not drop or lessen your security posture while applications or systems are transitioning to the cloud.
- Verify everything is safe once the move is completed.
- Ensure all your data and applications are secure and functional once the transition to the cloud is complete.
- Generate detailed logs in your applications. Either use log storage services provided by the CSPs or store those logs in long-term storage.
- Monitor: Once the applications have been migrated to the cloud, they must be constantly monitored for any anomalies. This allows for a proactive response, ensuring data security and maintaining the excellent health of systems on the cloud. Use the logs generated by applications to monitor their work. Look for any anomalies that may indicate a potential breach. If a breach is detected, you can quickly respond to it.
- Mature: This phase deals with continuous improvement of security posture. Cyber Risks are constantly evolving, and hence security has to evolve as well. Use the information generated via monitors to keep fixing gaps in your security posture. Also, do regular security audits of your environment and use the findings to improve your security posture. Approach security from a holistic point of view with a layered security “defense in depth” posture against cyber threats. Consider having:
- Consolidation – Data consolidation to improve efficiency and unify security information provided across the cloud
- Automation – Automation of security processes, services, and tools to require less workforce; increase response times to threats; and improve efficiency to provide better service
- Collaboration – Remove the barriers of data, software, or IT architecture to facilitate correlation and aggregation of all data feeds to support defense in depth
- Intelligence – Generates easy to understand actionable intelligence: to spur decisions by administrators and operators.
- Visibility – Maintain a real-time view of an enterprise, including all connected devices, and provide continuously
Overseeing your organization’s cybersecurity is an ongoing challenge, as unique and more sophisticated cyberattacks come out every day. Moving your applications and information to the cloud offers several advantages like reduced prices & gaining a competitive edge. However, you need to be aware of cyber risks and prepare against them. The framework presented in this article can help you deal with cyber threats that your organization may face as part of cloud adoption.
Be a part of Quick Heal – Quick Heal Security Labs is a leading source of threat research, threat intelligence, and cybersecurity. We analyze data fetched from millions of Quick Heal products across the globe regularly to deliver timely and improved protection to its users. Are you passionate about working on cutting-edge malware analysis systems, Cloud, AI/ML? We are always looking for talented engineers and managers. Click here to know about our current openings.