Welcome to the cloud, where capabilities exist that security practitioners have long desired. Just ask Dave Herrald, senior security strategist at Google Cloud and a former CISO at a payment processing company.
These wants include: fast and accurate inventory, robust telemetry, granularity in how to apply security controls, programmability to support automation (as the cloud is naturally API driven), and continuous authentication and authorization. The less desired part is understanding exactly how these capabilities function and how to take full advantage of them.
But arguably the most worrying challenge facing organizations when it comes to the cloud is security. The cloud changes your security boundaries, and traditional, on-premises-focused controls may not be adequate to prevent or mitigate cloud-specific threats, especially around identity. (To help protect organizations, Google Cloud, for example, offers services that automatically and in real time analyze every IAM grant to detect outsiders being added.)
All these threats, of course, lead to increased risk, bolstered by organizational tendencies to hit the gas on cloud adoption, which in turn forces security teams to rush when preparing for the increase in workload, spikes in alert and log volume, and required updates to tooling. When visibility isn’t built to scale in the cloud, security suffers, and analysts can easily become overwhelmed.
How can you succeed in the cloud’s new detection (and response) context, architect a more resilient cloud, keep SOC teams less frustrated and more upbeat, and most of all leverage the cloud to kickstart your security operations transformation? In the video below, Herrald boils down a very big conversation, cloud security, into something salient and actionable. Enjoy!