Light Dark
February 8, 2021 By David Bisson 3 min read
Cloud Security

Like anyone who works with their hands, cybersecurity experts need the right tools for the job. As we’ll see in this blog and the series to follow, cloud-based threats need cloud native tools to combat them. Traditional security tools don’t provide the same level of functionality in the cloud as they do on premises.

According to GlobeNewswire, 82% of respondents to a 2020 study said their tools either provided limited functionality in the cloud or didn’t work at all. How is cloud security different, and what needs to be done to implement it?

These questions are critical because businesses are migrating their workloads to the cloud more and more. Almost a quarter of respondents to a May 2020 survey expected to move all of their applications to the cloud over the next 12 months. In addition, 68% of chief information officers (CIOs) considered “migrating to the public cloud and/or expanding private cloud” to be their top IT spending driver in 2020.

Common Myths About Cloud Native Tools

Despite the eagerness for migrating to the cloud, many organizations don’t completely understand the process of doing so. Approximately one-third (32%) of respondents surveyed consider migrating security tools to the cloud to be too difficult or too risky. Even so, nearly half (46%) of respondents say they would rather migrate on-premise products to the cloud rather than replace them with cloud security tools.

But since classic tools don’t cut it, that’s getting cloud protection all wrong.

Traditional Network Security Versus Cloud Security

Protecting the cloud is different from protecting on-premises data by nature. With the latter, the enterprise has sole responsibility for defense. They own the base IT landscape. This means they must put physical controls in place to prevent malicious actors from gaining access to their data center(s).

This full control means organizations can configure their systems and networks in any way they like. That has its pros and cons. In an effort to protect the resulting network layers, they could end up investing in disjointed and costly tools. They could also find themselves paying for more employees or external consultants who have the expertise to deploy those tools and keep their data safe.

On the other hand, the enterprise doesn’t have complete control over their defenses in the cloud. They’re bound by the shared responsibility model. We’ll talk about this more later, but for now the key is that it requires a partnership with an outside provider. That cloud service provider (CSP) protects the infrastructure that runs the services in its cloud. Meanwhile, it’s up to each enterprise to put defensive controls in place that secure their infrastructure configurations, applications and/or data.

Knowing what’s required of each group under the shared responsibility model and where cloud native tools fall can be confusing. A 2020 study found just eight percent of respondents fully understood this model across all cloud services — down from 18% a year earlier. As a result, organizations might miss out on some cloud native tools, such as application programming interface-driven automation and specialized security options, that they might not find for their on-premises assets They might also overlook their duties, such as the need to find a trusted provider that allows for compliance with relevant rules.

Fighting Cloud-Based Threats With Cloud Native Tools

Enterprise can’t achieve good defense in the cloud using only classic tools. Many of those tools don’t work in cloud landscapes. Also, they assume a level of control that enterprise doesn’t have in the cloud. That’s why they need to turn to native cloud security tools.

It’s a bit more nuanced than that, however. You can’t choose just any cloud-based solution. You need to fully understand your defense needs.

To help in that regard, the next blog post in this series will provide some background on the shared responsibility model. We’ll discuss how defensive roles vary depending on what cloud deployment model you’re using. As we’ll find out, you can then discover a cloud-based security solution that works for you.

 |  |  | 
David Bisson
Contributing Editor

More from Cloud Security
November 1, 2023

What is data security posture management?

3 min read - Do you know where all your organization’s data resides across your hybrid cloud environment? Is it appropriately protected? How sure are you? 30%? 50%? It may not be enough. The Cost of a Data Breach Report 2023 revealed that 82% of breaches involved data in the cloud, and 39% of breached data was stored across multiple types of environments. If you have any doubt, your enterprise should consider acquiring a data security posture management (DSPM) solution. With the global average…

October 19, 2023

Endpoint security in the cloud: What you need to know

9 min read - Cloud security is a buzzword in the world of technology these days — but not without good reason. Endpoint security is now one of the major concerns for businesses across the world. With ever-increasing incidents of data thefts and security breaches, it has become essential for companies to use efficient endpoint security for all their endpoints to prevent any loss of data. Security breaches can lead to billions of dollars worth of loss, not to mention the negative press in…

October 3, 2023

The importance of Infrastructure as Code (IaC) when Securing cloud environments

4 min read - According to the 2023 Thales Data Threat Report, 55% of organizations experiencing a data breach have reported “human error” as the primary cause. This is further compounded by organizations now facing attacks from increasingly sophisticated cyber criminals with a wide range of automated tools. As organizations move more of their operations to the cloud, they must also become increasingly aware of the security risks and threats that come with it. It’s not enough anymore to simply have a set of…

Topic updates

 Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today
© 2024 IBM Contact Privacy Terms of use Accessibility Cookie Preferences
Sponsored by si-icon-eightbarfeature