With workloads expanding across the cloud, attacks are on the rise. Here’s how businesses can stay ahead of threats.
Distributed cloud workloads are a double-edged digital sword. While they cut through the limitations of legacy tools and onsite services, they also complicate security.
In a post-pandemic world now powered by business operations in the cloud, threats are on the rise. From increased attack surfaces to limited visibility and Everything as a Service frameworks that create multiple compromise points, companies need a safety-first approach that helps them stay ahead of security threats. Here are three ways organizations can take control of their cloud environments.
- Better Security Requires Greater Access to Threat Intelligence
Better security starts with better information about threats. But what exactly does this mean, and how can businesses get it?
“Threat intelligence is about the signals and information that you collect from various tools,” says Fleming Shi, CTO at Barracuda Networks. “Based on those signals, you can have correlated information that allows you to drive your response.” He points to familiar phishing attacks. “Threat intelligence helps businesses determine the intent of phishing efforts, why your company was targeted and the overall risk involved.”
Solutions such as Barracuda’s Advanced Threat Protection can help companies pinpoint potential threats and take action before a compromise occurs. “Since 2004, we’ve made sure that our products are data-driven,” says Shi. “It’s about bringing the signals, creating the information and stopping the threats. With our new threat intelligence microservices, we can capture threat intelligence signals across more than 300,000 organizations and make this data available to all customers.”
- Improving Overall Security with Cloud-Based Defenses
It’s also critical for companies to implement cloud-based defenses capable of handling threats at scale.
Shi notes that these defenses are different than those used for on-premises networks. Consider firewalls. “Most of what businesses built was connecting perimeters, but a cloud-based next-generation firewall is perimeterless because you have central hubs that connect workloads across the cloud and along the edge of your network,” he says.
As a result, companies need firewall solutions that go beyond whitelisting and blacklisting to ensure inter-cloud connections are secure. The Barracuda CloudGen Firewall provides frictionless, cloud-hosted advanced threat protection to help detect and block advanced threats, including zero-day and ransomware attacks.
He also highlights the dynamic nature of these firewalls. “What we see in the future is going beyond just IP-based solutions to give companies the ability to control flows and change routes, while on the edge we see an evolution of zero-trust network architecture,” says Shi. “The difference is that we’re taking away the network, since the need for zero-trust access is everywhere.”
Shi also recommends the use of strong web application filters capable of preventing attacks on software applications by limiting the risk of lateral movement, along with the adoption of security posture management to help reduce the blast radius if services are compromised.
- Multicloud Environments Need Centralized Security Management
The growing number of attacks coupled with the expanding volume of cloud services speaks to the need for centralized security management that helps businesses sort through the noise and find the right signal.
“One thing we need to pay attention to is the data set that you’re operating on,” says Shi. “While many companies buy security information management (SIM) tools to check the compliance box, there are now extended detection and response (XDR) solutions that allow teams to correlate data, derive insights from threat intelligence signals and reduce the amount of data sifting required to deliver actionable insights.” XDR platforms are also capable of learning about new threats to reduce the time required between detection and action.
For example, the Barracuda XDR solution combines extended visibility with comprehensive detections mapped to the MITRE framework along with global threat intelligence, all backed by 24/7/365 security operations center support.
Cloud threats are here to stay. To keep ahead of them, businesses need a safety-first approach that implements threat intelligence, bolsters cloud defenses and delivers centralized security management.