Security IT Summit | Forum Events Ltd Security IT Summit | Forum Events Ltd Security IT Summit | Forum Events Ltd Security IT Summit | Forum Events Ltd Security IT Summit | Forum Events Ltd

Posts Tagged :

cloud

Four Steps to Security Automation Success

960 640 Guest Post

By Ofer Elzam, VP and GM, FireMon Cloud & Automation Solutions

Security automation projects are making headlines, with everyone looking to automate at least some portion of the policy management process. Usually, the goal is to save time and money by automating firewall administration and policy management.

However, these two categories have grown exponentially in scope and complexity in recent years, so automation projects often become much larger and time-consuming than originally intended and produce varied results.  In some less-than-stellar cases, they even collapse all together, and people revert to the original manual processes they were seeking to automate.

How can this situation be avoided? There are four steps security organizations can take to dramatically increase the likelihood of success in security automation projects, we’ll cover the first two now:

  1. Have a clear goal. Almost everyone automates to save money and improve efficiency.  But you must define more functional requirements than that – after all, there are many approaches for saving money. Focusing on a clearly defined operational goal is the key to determining the right approach, which, in turn, defines how much and where you will realize cost savings and efficiency gains. 

    What if you defined your goal to achieve a standard security process to meet a service level agreement (SLA) of 24 hours instead of the week or so it takes now? You could do this by analyzing the existing process and mitigating inefficiencies through the surgical application of automation, or even simply improving on existing manual processes.  

    Other projects like micro-segmentation, Zero Trust implementations, on-prem-to-cloud migrations, will necessitate their own functional requirements and SLAs. It is important to set goals for these projects that are realistic, while also delivering substantial cost and efficiency improvements. 
  2. Don’t try to automate everything.  Automation projects succeed when there is a clear set of success criteria and a clearly defined and achievable scope. They often fail when trying to implement a process that will work in every scenario. A good example of this is in the change-request workflow. There are two places where time and resources can be saved in a change-request workflow: better requirements (less refinement of inputs) and reducing the wait time between individuals. Better requirements are generally achieved by focused training and more intuitive system design for a select group of users. 

    User and requirement creep tends to happen when relatively infrequent processes are folded into the project. This puts security organizations in a position where they spend significant time, effort and budget on automating processes that may only be encountered once or twice a month. This can delay the overall automation project and reduce ROI once it is complete, since significant resources will be invested for only marginal gains.

    Consuming project time to customize the workflow or software for a task that takes 10 minutes twice a month not only delays the overall project, but also causes stakeholders to question the overall value of the project. 

Let’s be honest: You’re almost certainly exploring automation to save money and time. Follow our next blog, for the last two steps to build your security policy automation roadmap. 

GUEST BLOG: Future proof with a cloud solution before it’s too late

960 640 Stuart O'Brien

Agile business models have never been more important – and for most MSPs the on-premises business is rapidly turning from predictable income stream to concerning business constraint. When it comes to cloud-based versus on-premises, the writing is on the wall – from the opex versus capex argument to better disaster recovery (DR) and enhanced security, most client businesses are heading into the cloud. So just how much longer can your business hold out, asks Mike Wardell, CEO, Giacom..

Cloud is Mainstream

When the majority of new software investment is Software as a Service (SaaS) based, any company still tethered to an on-premises only business model is radically limiting its market. And yes, while the existing client portfolio may still have a few years left to run with on-prem contracts, this is an inevitably dwindling revenue stream.

The fact is that most MSPs are coming under increasing pressure from clients for a cloud-based offering – and for good reason. SME CEOs and CFOs are increasingly aware that traditional on-prem solutions represent not only a financial compromise but also a significant business risk.

In the current uncertain economic situation, financial flexibility is essential. Given the lack of business confidence, capex is rarely an option; yet companies can also not afford to avoid investment essential to maximise new business opportunities. The opex SaaS model is compelling. Rather than the ‘just in case’ investment in storage or capacity or software licenses, the pay as you use cloud model enables SMEs to avoid wasted expenditure while providing the chance to rapidly scale up should business growth demand.

Business Protection

In addition to safeguarding company finances, many SMEs are also looking to the cloud to safeguard business operations. One in five small firms experienced a cyber-attack in the two years up to 2019 – that’s 10,000 attacks every day. From phishing to malware and ransomware, the speed with which the cyber-attack community evolves new threats is astonishing. SMEs simply do not have the resources in people, money or time, to adequately secure the business; nor can individual MSPs, however expert, safeguard clients’ on-prem business infrastructure.

The only way to combat this threat is to leverage the pooled knowledge of thousands of securityexperts operating collaboratively. From the use of artificial intelligence to identify unusual behaviour to email security products that can automatically remediate an identified threat by instantly removing it from every mailbox globally, cloud-based security solutions are leveraging the combined expertise of world leaders in a way that simply cannot be achieved with individual on-prem deployments.

The estimated £4.5 billion cost of these security attacks has also intensified SME awareness of the need for better Business Continuity and Disaster Recovery (BCDR). Typically such strategies have focused on the difficult issue of data backup and restore, and the time it can take to provide employees with access to vital information required to service customers.

Cloud completely changes the focus: cloud-based backup solutions enable vast data resources to be backed up in seconds and restored immediately. Organisations can instead begin to focus on the relocation of the workforce and the way dispersed teams could work together in the event of a disaster. Indeed, the adoption of cloud-based productivity and collaboration tools not only enable a far more flexible BCDR plan, they will also deliver significant day to day benefits, including flexible working policies.

Business Expansion

For MSPs, the growing SME awareness of the benefits of cloud computing is changing the business outlook. When new services and solutions can be provisioned within hours, organisations are less and less willing to incur the cost and upheaval associated with months of on-premises deployment. Add in the importance of flexible financial models and better business protection and the writing is on the wall: most clients will want some, if not all, services to be provisioned through the cloud.

Of course, for MSPs, the change is significant: from commercial models to technical and sales skills, moving to a recurring revenue based model requires both investment and a shift in thinking. But it’s essential for MSPs to recognise the cloud as an opportunity, not a threat. Yes, there is a very real risk that customers will be lost if an MSP cannot offer a cloud solution. But this is not just about meeting a client’s immediate cloud needs.

Working with the right CSP will also enable an MSP to add valuable options to the portfolio, like adding cloud security to existing security audit services, enhancing BCDR solutions or adding collaboration tools. The cloud offers a chance not only to retain existing customers but also significant opportunities to extend the business model, adding much needed new revenue streams.

Barracuda: Growing confidence and emerging gaps in cloud security

960 640 Guest Post

For modern organisations, digital transformation is increasingly the only game in town. CIOs are turning to multiple cloud providers in droves for new app-based models, driving enhanced business agility to meet ever-changing market demands.

Yet security remains a constant challenge. Web applications themselves remain a major target for data theft and DDoS. A Verizon report from earlier this year claimed that a quarter of the breaches it analysed stemmed from web application attacks.

So, what are organisations doing about it? Chris Hill, RVP Public Cloud and Strategic Alliance International at Barracuda Networks reveals some interesting findings from its latest research…

Cloud maturity grows

The survey of over 850 security professionals from around the world reveals a growing confidence in public cloud deployments. Over two-fifths (44 percent) now believe public cloud environments to be as secure as on-premises environments, while 21 percent claim they are even more secure. What’s more, 60 percent say they are “fairly” or “very” confident that their organisation’s use of cloud technology is secure.

This makes sense. After all, cloud providers are capable of running more modern, secure infrastructure than many organisations could in-house. That means customers benefit from the latest technology, accredited to the highest security standards, versus heterogeneous, legacy-heavy in-house environments. As long as they pick the right third-party security partners and understand the concept of shared responsibility in the cloud, cyber risk can be mitigated effectively. The cloud even offers more options for backup and redundancy to further minimise risk.

Yet this isn’t the whole picture. Respondents to the study are still reluctant about hosting highly sensitive data in the cloud, with customer information (53 percent) and internal financial data (55 percent) topping the list. They complain of cybersecurity skills shortages (47 percent) and a lack of visibility (42 percent) as hampering cloud security efforts. And over half (56 percent) aren’t confident that their cloud set-up is compliant.

Could some of these concerns be linked to web application threats?

Websites under attack

The truth is that web apps are a ubiquitous but often poorly understood part of the modern cloud-centric organisation. As a business-critical method of delivering experiences to customers and productivity-enhancing capabilities to employees, web applications are a major target for cyber-criminals looking to steal sensitive data and interrupt key business processes. A Forrester study from 2018 found that the leading cause of successful breaches was external attacks — the most common of which focused on web applications (36 percent).

Fortunately, Barracuda Networks’ survey finds more than half (59 percent) of global firms have web app firewalls (WAFs) in place to mitigate these threats. The most popular option is sourcing a WAF from a third-party provider (32 percent), which makes sense, as long as they can protect customers from the automated bot-driven traffic that dominates the threat landscape. Not all can.

Patching and configuring

However, a greater concern is the fact that many organisations don’t appear to be taking the threat of web application vulnerabilities seriously. The Barracuda study found that 13 percent of respondents claim they haven’t patched their web application frameworks or servers at all over the past 12 months. Of those that did, it takes over a third (38 percent) of them between seven and 30 days to do so. For a fifth (21 percent), it takes over a month.

This is the kind of approach that landed Equifax in a heap of trouble when it failed to promptly patch an Apache Struts 2 flaw, leading to a mega-breach that has so far cost has over $1.4 billion. It’s an extreme example, but it is one that highlights the potential risks for businesses.

Another potential area of risk with web application environments is human error. A massive breach at Capital One earlier this year affected around 100 million customers and applicants, and it was blamed on a misconfiguration of an open source WAF.

Some 39 percent of respondents told Barracuda Networks they don’t have a WAF because they don’t process any sensitive information via their applications. But attacks aren’t just focused on stealing data. They can also impede mission-critical services. WAFs are certainly not a silver bullet. But as part of a layered approach to cybersecurity, they’re an important tool in the ongoing fight against business risk.

Conclusion

Growing cloud confidence is enabling digital transformations across organisations of every shape and size. However, that confidence comes with a cautionary tale. Attackers are also zeroing in on vulnerabilities and weaknesses that may have been ignored in the past, and many organisations are unaware of how these multi-layered attacks can unfold from a single access point. Web application security and cloud security posture are the key weapons customers need to deploy in order to continue their digital transformations safely in the cloud.

To ensure you are secure in the cloud, here are some tips:

• Ensure you have WAFs protecting all your apps. Don’t assume that just because an app doesn’t appear to have outside visitor engagement that it can’t be used as an attack vector. Once any vulnerabilities are discovered, attackers will exploit them, and it may help them gain access to your network and more valuable resources.
• Don’t leave application security in the hands of your development team. They aren’t security experts, nor do you pay them to be — you pay them to build great products.
• Deploy a cloud security posture management solution. Not only will this eliminate many security risks and failures, along with providing your development team with necessary guardrails to “build secure,” it greatly simplifies remediation and speeds investigations when issues do arise.