top of page

“Tool Bloat” Slows Cloud Threat Capabilities for Organizations


cloud security

Palo Alto Networks recently released the results of its third annual global survey of over 2,500 C-level executives, detailing the current state of cloud-native security. The report found that organizations have increased their cloud usage by more than 25% since the previous year, with enterprises now looking to the cloud for its flexibility and agility, rather than for cost-saving measures. Palo Alto Networks highlights that mitigating risk is a core driver for cloud adoption, with 90% of organizations unable to detect, contain, and resolve cyber threats within an hour.


Code-to-cloud security is enabled by open-source applications, libraries, and tools, and this software supply chain is under frequent attack. Palo Alto found that 81% of its respondents embed security professionals into their DevOps teams, with security being integrated into the development lifecycle being the top challenge for IT organizations. Dave Ratner, CEO, HYAS shared his insights on cloud security challenges facing organizations and how they can overcome cloud complexity:

“The growing complexity of cloud environments, whether it is hybrid cloud, multi-cloud, or simply a growing infrastructure, means that it's easy to lose the visibility of what's actually going on inside the environment. Without the proper visibility, it's increasingly difficult to ensure proper controls, which provides great opportunities for bad actors to hide without being seen, communicate with their command-and-control for instructions and data exfiltration without being detected, and otherwise perform nefarious actions at will.

What's required is the proper level of visibility and observability into the environments to detect, in real-time, any and all anomalous communications -- only then can organizations actually enforce their controls, cut down on the mean-time to detect anomalous communications, and shine a light on the bad actors' hiding spots.

While this visibility may have been performed in the past through deep packet inspection or other mechanisms, the growth and complexity of the cloud environments makes that nearly impossible at scale; nevertheless, organizations which monitor and track their DNS traffic can actually address this problem in a light-weight, easy to deploy, easy to manage, and inexpensive to operate manner. This allows organizations to shift left, move into a true business resiliency and business continuity program, detecting and shutting down anomalies in the network before they become significant breaches and issues.”


The survey also showed that 81% of respondents said they would benefit from a centralized security solution across all their cloud accounts and services.


Palo Alto Networks found that 78% of organizations have distributed responsibility for cloud security to individual teams, while 47% said most of their workforce does not understand their security responsibilities. Managing holistic security across teams and embedding security across the development lifecycle are the top two challenges for IT organizations. The report warns of over-tooling and the danger of managing too many tools that can increase complexity, amplifying the problem.


###

Comentarios


bottom of page