Cohort Analysis in the Age of Digital Twins

Cohort Analysis in the Age of Digital Twins

To be actionable, Big Data and Data Science must get down to the level of the individual - whether the individual is a customer, physician, patient, teacher, student, coach, athlete, technician, mechanic or engineer. This is the “Power of One.” By applying data science to
Infosec thought leaders

Why you should add a connection broker to your suite of DevOps tools

DevOps Connection Broker When staring down the DevOps path, you have no lack of tools to help you pave the way. But there’s one you’ve probably never thought of, maybe even never heard of, and it’s time to expand your horizons. Please allow me to

Cloud Security

In September, McKinsey released what might be looked back upon as a seminal survey. It opened the report with a simple, powerful declaration: “The cloud debate is over.” The data told a story that the pace of IT workloads moving to cloud is now at a “material” level and the impact would ripple across the industry. The survey reaffirmed the view of CIO’s and IT executives that security and compliance continue to be the top concerns of cloud adoption.

Now that the cloud is just accepted as a safe and viable growth path, it’s important that decision makers think about budgeting for cloud security differently. They are no longer buying hardware appliances and enterprise software. They need agile SaaS tools that can can scale and adapt to their cloud-based infrastructures to grow confidently and allow them to move even faster.

The Current State of Cloud Security

The growth of cloud adoption brings with it a serious need for more disciplined security practices. Between the MICROS/Oracle breach, the SWIFT Network attacks and a rash of healthcare industry data breaches, it seems every week there’s another major story about vulnerable data getting into the wrong hands. In today’s cloud-based business landscape, it’s no longer a question of if your organization will be targeted; it’s when.

While major cybersecurity breaches continue to dominate the news, the reality is only 3% of companies experience catastrophic losses worth more than $1 million. Smaller, internal threats are far more common for most organizations, and they can still cost companies significant capital. In fact, the Ponemon Institute found that insider activity is the most expensive ongoing cybersecurity threat to date, costing companies an average of $144,542 annually.

To combat cybercrime and proactively protect your organization, a more evolved approach to cloud security is necessary. Many organizations implement an outside-in approach, working to protect their infrastructure perimeter and company assets from malicious intruders who may be trying to gain access. However, this approach doesn’t take into account the possibility of internal threats, or hackers who have already gained access. Organizations and cloud security professionals need to focus on thwarting the advanced threats within cloud environments themselves, all while maintaining total compliance, of course.

This inside-out approach to cloud security isn’t always easy, however, and it can be made more difficult by the fact that cloud security professionals capable of handling the cloud’s advanced threats and compliance issues are becoming increasingly rare. Case in point? Cybersecurity Ventures found that the cybersecurity workforce shortage is expected to reach 1.5 million by 2019. This is creating a need for better tools to help operations teams level-up on security, thus improving operational efficiency. The big benefit: empowering those closest to the infrastructure to make the rapid changes necessary to improve security and continuously manage their security state over time.

Inside-Out Cloud Security Monitoring Considerations

Monitoring needs to occur at the workload layer, because here, activity can be monitored across multiple areas deep within the environment to accurately identify and stop inappropriate internal behavior before it causes damage.

 

It’s equally important for organizations to consider their Operations team when evaluating cloud security monitoring services or tools. Given the increasing overlap between Operations and security, monitoring tools should be able to integrate security alerts directly into “DevOps” workflows so teams can respond quickly and with context about what occurred. In other words, security information needs to move to where your teams are working every day and you need to choose platforms that can integrate easily and surface alerts and context in situations that matter.

One example of an inside-out approach to cloud security monitoring includes vulnerability management, which is used for scanning three key areas particularly prone to attacks: web applications, operating systems and everyday packages. With access to production, for example, a misguided or malicious employee could easily install an unauthorized package in your base AMI, or worse yet, install a package directly on production environments. With vulnerability management implemented as an inside-out strategy, however, DevOps teams can verify the attack surface of every installed package before it goes live and wreaks havoc.

By continuously monitoring for suspicious or unauthorized behaviors, organizations can identify internal threats before they spiral out of control. Real-time cloud security monitoring can aid organizations in their efforts to combat cybercrime and thankfully, such technology doesn’t require designated, in-house security professionals. However, it’s important to ensure monitoring is conducted from within the cloud workload itself and that it provides immediate and actionable alerts so DevOps teams can rapidly plan and carry out effective remediation. Lastly, to effectively protect your organization’s data, systems, customers and brand reputation, it’s critical to implement monitoring technology that can analyze normal system behavior as well as anomalous trends, so that any new or suspicious activities can be swiftly identified and contained before a breach occurs.

By Chris Gervais

Chris Gervais

Chris Gervais, VP of Engineering. As Threat Stack's head of Engineering, Chris is passionate about building, not only a rock solid, high-performance product, but also a team of elite engineers, industry best processes and a culture that attracts the best talent. Prior to Threat Stack, Chris held senior positions at lifeIMAGE, Enservio, Partners Healthcare, Inc., Inflexxion, Inc. and VIS Corporation, where he was responsible for engineering, technical operations, and technology strategy for cloud platforms.

View Website

TOP ARCHIVES

How artificial intelligence and analytics helps in crime prevention

How artificial intelligence and analytics helps in crime prevention

How Artificial Intelligence Helps Crime Prevention According to a study released by FBI, there is an annual increase of 4.1% ...
Working with security researchers to make the web safer for everyone

Working with security researchers to make the web safer for everyone

Working with security researchers What do a 19-year-old researcher from Uruguay, a restaurant owner from Cluj, Romania and a Cambridge ...
How to Improve the Backup Success Rate of Data Centers?

How to Improve the Backup Success Rate of Data Centers?

Improve Backup Success Rate According to industry analysts, a significant number of backup jobs (from 5 to 25%) are failing ...
Infosec thought leaders

How a Connection Broker Manages Complexity and Remote Access

Hyperconverged and Hybrid Environments Consolidating desktop workloads in the datacenter using hyperconverged infrastructure and virtualization optimizes resources, reduces power consumption, ...
Back to the Future: 2018 Big Data and Data Science Prognostications

Back to the Future: 2018 Big Data and Data Science Prognostications

“We should study Science Fiction in order to understand what someday could become Science Fact.” – Dr. Who? Doc Brown? ...
No posts found.