Strategy Before Tactics: Getting Your Cloud Security Playbook in Order

Cyber Attack, Shown Step by Step

Get inside a real enterprise breach investigation

Learn MoreMore

The conversations are evolving, the threats are advancing, and the strategies are shifting. Cloud adoption has surged forward in recent years, with 93 percent of companies now using cloud technology in some form or another. But far less than that have a proper cloud security strategy in place, and that means they are vulnerable to threats. Here’s where cloud security stands today.

Today’s Cloud Security Constraints

In a perfect world, companies would have the time to develop an ironclad cloud security strategy (ideally before they even migrate to the cloud). But security and ops teams often only have enough time in the day to focus on managing and responding to threats, not developing and implementing robust prevention or mitigation strategies.

That’s why, more often than not, companies opt for a subordinate tactical solution: Throw a product or feature at the security problem and move on. Zero-day attack uncovered? Cover it with the latest patch. Worried about a rogue ex-employee? Implement the latest user access controls. Need to report on network activity? Build audit trails. But with an ad-hoc approach like this, there is little to no focus on the big picture — certainly there’s no comprehensive strategy.

The Flaws In A Tactical Security Approach

At face value, the tactical approach seems like a sound solution, but when applied in real cloud environments, it is far from adequate. So why has this way of doing security spread like wildfire? Put simply, this piecemeal system has been driven by the need to meet compliance regulations and requirements (HIPAA, SOC 2, PCI, SOX, ISO, anyone?). Solving for one checkbox at a time often results in companies purchasing a number of point solutions (e.g. CloudTrail, HIDS and NIDS products) to quickly “satisfy” these regulations and requirements or solve for the latest threat. Left with dozens of point solutions (or even more), companies have to ask themselves:

  • Do these tools play well together?
  • Is the collective information they provide actionable?
  • Are they easy to manage in conjunction?

More often than not, the answer to these questions is a resounding, “Nope!” In the end, this approach often hurts organizations more than it helps them. With handfuls of disparate tools, unmanageable logins and a lack of visibility across these tools, problems go unnoticed and frustration runs rampant among security and ops teams.

Considering today’s volatile threat landscape, companies need to instead adopt an inverse approach to their cloud security strategy. Below, we explain what that means.

Developing a Strategy-First Approach

The reasons why the tactical approach doesn’t work are pretty obvious. And the need for a more mature, proactive, and strategic security initiative is logical. But as the saying goes, it’s easier said than done.

In an ideal world, cloud security should look more like this:

  1. Develop a comprehensive security strategy
  2. Carefully select the security platforms which support that strategy
  3. Build out the security program using the tools and controls outlined in the strategy to achieve the desired security outcome
  4. Everything goes as planned and nothing ever gets hacked

In the real world, it’s often a matter of scrambling to patch holes in your cloud environment long after vulnerabilities have been exploited. Here’s the good news, though: Since a large majority of companies are now on the cloud, IT professionals can shift their focus from encouraging cloud adoption at their organizations to building a strategic cloud security protocol.

When you don’t build a security strategy before you get started in the cloud, it’s like going on a road trip without deciding where you’ll go or how you’ll get there. Developing a strategy for security before moving to the cloud is like plotting out your destination and then using GPS to get there. Not only will you navigate more efficiently, but you’ll know where the heck you’re supposed to end up. And while a spontaneous road trip with no plan in mind might be fun in the world of Airstream trailers and Pinterest dreams, not planning ahead can get you into big trouble in the cloud.

Starting at the strategy level allows you to invest in security platforms that support your entire infrastructure rather than cobbling together single point solutions. Comprehensive platforms span a far greater spectrum of capabilities and visibility, tightly integrating features and workflows from the get-go so you can get up and running in much less time. Contrast that to point solutions, which require your team’s time and resources to integrate, build, and learn.

Your Cloud Security Playbook

Inverting your approach to cloud security is no easy feat if you’ve already gone down the tactical path. And even for those who are starting from scratch, it might feel like you’re going down a rabbit hole when you start to realize the sheer volume of cloud security tools out there.

We set out to make this whole process easier by developing the official Cloud Security Playbook to help companies adopt a strategy-first approach. This new playbook lays out what cloud security looks like today, details a strategy you can base your own cloud security strategy on and provides a process and platform to tie it all together.

To stay current on all the latest cloud security news, read our list of the top cloud security blogs.

Cyber Attack, Shown Step by Step

Get inside a real enterprise breach investigation

Learn MoreMore