Organizations are embracing cloud technologies, but keeping cloud environments secure must remain a top priority.
The cloud infrastructure market has expanded quickly in recent years, and that rapid expansion has brought with it several challenges for security professionals. How, in the midst of so many new and exciting solutions, can cloud environments be kept secure?
In its annual cloud security threat report, Symantec surveyed 1,250 security decision-makers worldwide to understand the state of cloud security maturity as organizations continue to race to adopt infrastructure as a service (IaaS). The results were sobering: 73% of respondents cited immature security practices for at least one incident, and only one in 10 respondents claimed they could adequately analyze cloud traffic. Not surprisingly, many security professionals expressed concern that, while organizations are quickly adopting cloud services because of the advantages they offer over traditional on-premises hardware, security controls are lagging behind.
Closing the gap
One of the IaaS services dominating the market is Amazon Web Services (AWS). In fact, a 2019 report by Canalys highlighted a 41% increase in overall market growth of AWS, which accounted for $2.3 billion since Q1 2018 alone.
As of September 2020, Amazon offered 173 different IaaS services, so it’s understandable that 93% of organizations surveyed by Symantec reported being underskilled when addressing cloud security. Security professionals are overwhelmed with learning how to secure a new type of infrastructure and might question where to start when attempting to lock down their organization’s Amazon cloud services. Strong fundamentals such as identity access management (IAM), infrastructure hardening and data protection, and organized and informative logging and monitoring controls can pay dividends as organizations continue to expand within the cloud.