Cloud-native applications are part of tech’s ‘new normal’ – designed specifically for the cloud, to drive the speed, efficiency and scalability that are transforming the way we work. The Covid-19 pandemic has accelerated cloud adoption, giving global businesses the flexibility to respond to changing priorities and a distributed workforce.
You only need to read IDG’s Cloud Computing Study 2020 report to appreciate the impact of cloud computing on enterprise IT. Over 90 percent of businesses now operate – at least partly – in the cloud.
However, with the benefits of access and efficiency come drawbacks in security. Users can access cloud environments from any device, anywhere, and businesses pay for this convenience in reduced protection compared with local networks.
The question on business owners’ lips is: how can we reap the rewards of cloud computing without compromising cyber security?
Understanding the challenge
While the term “cloud-native” is yet to be universally adopted, its meaning is clear.
Instead of negating the benefits of intuitive cloud platforms with the clunky integration of existing tech architecture, a cloud-native approach promotes building infrastructure specifically for the cloud – designed to make the most of its unique capabilities.
The common challenge for those adopting these cloud-native applications is navigating the ‘shared responsibility’ security model. This is where security is determined by the joint effort of provider and user.
Cloud computing providers are responsible for the security of the cloud – its infrastructure and access credentials – while customers also have a responsibility to secure their data within the cloud.
Cloud-native applications demand their own security strategy. So, problems arise when customers take the same approach to the cloud as when operating on traditional on-premises networks.
This is not to mention traditional IT challenges, including human error and Shadow IT – when changes are made, or new updates and assets are added by users other than the central IT department – which threaten to leave cloud environments unsecure and vulnerable to attack.
Not only do businesses have these risks to contend with, but to fully secure their cloud-native environment they must also be aware of, and mitigate, the rising and increasingly complex risk of targeted cloud attacks.
According to the 2021 CrowdStrike Global Threat Report, threat actors are increasingly using data extortion tactics whereby they hold data “to ransom” for often huge sums of money. In 2020, there were 1,430 attacks detected by CrowdStrike Intelligence services that used data extortion techniques.
Shift security to the left
When configuring cloud-native applications, security is traditionally left to the end of the process. Developers focus on user experience and design, and once the application is packaged up, it’s handed over to the security team to patch.
This is quickly becoming an unfeasible process. With so many moving parts and such complex modern cloud environments, security simply cannot be an afterthought.
The results for those who leave security until last include both incompatible security – which leaves the application unsecured, as security cannot be rolled out properly within the existing environment – and hefty additional costs and delays due to reconfiguring the whole environment.
The solution is to switch to a ‘shift left’ approach to security – moving it to the soonest possible point in the development process, so security takes a primary role in application development, rather than being applied retrospectively to the finished product.
Integration of security teams should be prioritized in the CI/CD pipeline. Working alongside developers, they are able to embed security processes at each stage of product development, making sure the patches are intuitive and relevant.
Aside from the obvious benefits in fit-for-purpose security, taking a shift-left approach also allows businesses to reap the rewards of increased speed-to-rollout and cost-efficiency.
In fact, research suggests the cost of addressing security issues in the design phase is six times cheaper than during implementation and 15 times more cost-effective than during the testing phase.
The evolution of cloud security
As businesses move to protect their cloud environments, the traditional approach is three-fold:
Cloud Access Security Brokers (CASBs) act as an automated security checkpoint between cloud applications and their users – monitoring user behavior and mitigating the risk of data theft.
Cloud Security Posture Management (CSPM) prevents misconfigurations and supports compliance across all cloud infrastructures by continuously recording compliance violations and incident responses.
And Cloud Workload Protection (CWP) secures the deployment and operation of all applications across the cloud network.
However, while the intent to secure the network is a positive one, the reality is that these separate products – often delivered by separate vendors – rarely integrate efficiently, or at all. The result for those intent on rolling out these solutions is a lack of end-to-end visibility across the cloud and blind spots in network security which leave businesses wide open to attacks.
As the adoption of cloud-native infrastructure grows, so does the demand for comprehensive and integrated security stacks which combine the benefits of both CSPM and CWP. This has led to the development of Cloud-Native App Protection Platforms (CNAPPs).
As the name suggests, CNAPPs provide the optimal level of protection for cloud-native infrastructure, at every stage of the lifecycle – from development through to operation. This comprehensive protection has transformed the way businesses are able to access, operate and secure their cloud environment.
Analytics data previously collated across different platforms is now conveniently accessible in one place, giving security teams an efficient bird’s-eye view of activity and providing greater contextual data on potential security threats.
Plus, CNAPPs eliminate human error which can arise when integrating siloed security solutions. This type of misconfiguration makes up 64 percent of all human error incidents, so eliminating these blind spots gives security teams unrivalled peace of mind.
Ultimately, these advantages lead to reduced costs associated with embedding multiple solutions from different providers, and also a reduction in demand on busy IT teams.
Those keen to reap the rewards of a CNAPP solution should look for products that fulfil certain criteria. Full integration of CSPM and CWP in one cloud-native management console gives users comprehensive security and complete visibility over the status of their environment.
Such a product also leverages the power of machine learning (ML), artificial intelligence (AI), indicators of attack (IOAs), analytics and behavioral detection technology. These, in combination with human threat hunters, give businesses continuous runtime protection.
Businesses should also demand end-to-end visibility across the product lifecycle and protection for on-premises and serverless containers, protecting all aspects of their workflows in the cloud.
David Puzas, Sr. Product Manager for Cloud Security, CrowdStrike