Digital transformation and cloud computing have been key initiatives for enterprises over the past decade. Led by cloud providers such as Amazon Web Service and Microsoft Azure, enterprises have increasingly shifted applications, workloads, and data to these platforms as part of their digital strategy. For most companies, this strategy has paid off handsomely, delivering enormous gains in business efficiency and innovation. Without question, however, innovations can also bring new challenges from a cybersecurity perspective as technological advancement often outpaces the speed at which companies can implement the necessary controls to defend their critical assets.
The burning question at hand is: Is your cybersecurity strategy keeping up with your accelerated cloud adoption?
In partnership with Enterprise Management Associates (EMA), IronNet commissioned a study to better determine where organizations are in their journey to secure cloud-based assets. This study examines how enterprises have responded from a cybersecurity perspective to cloud security and the ways in which security teams, developers, and operations teams have matured their processes to accommodate the development and operations of cloud-first applications. It also examines some of the continued challenges with risk mitigation in cloud, especially around the visibility gaps, operational challenges, and the common misunderstanding of the shared responsibility model between the enterprise and cloud provider. In other words, who is the final arbiter of ensuring security of assets in the cloud?
Key findings in the study include:
- More than half of respondents cited average-to-below-average visibility of their organization’s use of SaaS, PaaS, and IaaS across the enterprise;
- Fifty-eight percent (58%) of large enterprises (5000+ employees) reported average-to-below-average collaboration between developers and security teams; and
- Sixty-three percent (63%) of respondents mistakenly believed that the cloud provider was responsible for the security of their virtual networks.
While there is no doubt that digital transformation initiatives and a cloud computing strategy provide immense benefits to enterprises, there tends to be a lag between the adoption of new technologies and an enterprise’s ability to properly secure its cloud-first efforts. Of course such a disconnect often arises with all major technological paradigm shifts. As organizations continue to increase migration of workloads and data to the cloud, Network Detection and Response (NDR) solutions such as IronDefense therefore become an increasingly important part of the security equation, enabling a visibility solution for enterprises as they accelerate both digital and digitization efforts.
The ability to monitor network traffic across multi-cloud, private cloud, and on-premise networks, as enabled by NDR, is critical to cyber defense and cyber risk mitigation. Just as important, the ability to correlate detected anomalies across peer-enterprises, cloud-providers, supply chains, and other business ecosystems using a collective security approach can help enterprises mitigate risk by providing insights to attack campaigns and emerging threats targeting their cloud infrastructure.
Overall, enterprises have come a long way in their journey to the cloud and have made tremendous progress in improving their ability to defend their cloud infrastructure. Given the rapid pace of innovation, however, there is still room from improvement from a cybersecurity strategy perspective necessary to keep pace with the speed of innovation.
To learn more about this study, download the EMA/IronNet report today.