James P. Courtney, Certified Chief Information Security Officer Courtney Consultants
“IT’S SURPRISING THAT MANY LARGE ORGANIZATIONS STILL MANUALLY CHECK EACH CONTROL THEY USE. IN A CLOUD ENVIRONMENT OPERATING AT SCALE, THAT BECOMES AN IMPOSSIBLE TASK.”
When it comes to cloud security, everyone in the organization — not only the security department — needs to feel ownership responsibility for security. There are too many ways human error can introduce vulnerabilities into the system. Only with the mindset that security is a collective effort will you be able to control the variables needed to secure your environment.
One of the biggest challenges in cloud security is verifying that the controls you put in place are actually working. It’s surprising that many large organizations still manually check each control they use. In a cloud environment operating at scale, that becomes an impossible task.
There are tools available to automate this process. They monitor and analyze all the security tools you have in place to verify they are performing as expected.
For example, if you implement a firewall in your environment and you expect it to have a certain level of traffic, the tool can verify that and alert you if it is not behaving as expected. This kind of continuous, active monitoring is essential in a continuously changing cloud environment.
This is an excerpt from the Container and Cloud Security Series. This series was generously sponsored by Lacework.
