The Evolution of Cloud Security – PodCast 2021

Posted by Erdal, 2022-05-05

The Evolution of Cloud Security Then Now & to Come

This is the audio-only version of our cyber security talk show, teissTalk.

  • Key phases, use cases and requirements for cloud security
  • What cloud security meant in the past; how we are defining cloud security today; and what we believe cloud security will mean for us in the future.
  • What’s the best way of developing a consistent organization view of cloud risks to make well-informed decisions about vendors and services?

Speakers:

John Opala, Vice President of IT Security, McCormick & Company

Edd Hardy, Senior Vice President Cyber Security, AlixPartners

Dr Erdal Ozkaya, Regional Chief Information Security Officer, Standard Chartered Bank

and

Paul Baird, Chief Technology Security Officer, UK, Qualys

This episode is hosted by Jenny Radcliffe

Listen to the Podcast Here

For more info:

https://www.teiss.co.uk/teisstalk/the-evolution-of-cloud-security-then-now-and-to-come/

 

 

THE EVOLUTION OF CLOUD SECURITY

What is cloud computing?

According to the NIST 800-145 definition, the main characteristics of the cloud are on-demand service, broad network access, resource pooling, rapid elasticity and measured service. Does this definition help us as security professionals? As you can see, the driving factors for cloud were mainly productivity, availability and resiliency, which is perfectly fine, but security is missing from this equation.

The problem is that once you move to the cloud and start consuming services, it becomes an endless project. The migration or extension to cloud services will add more tools, computers, servers and applications to your current IT portfolio. In other words, it creates a totally new attack surface, or a new network perimeter, that you need to secure.

Introducing the cloud to your current IT environment will add more challenges, as follows:

  1. Integration of new applications with existing ones (which may be obsolete or developed in-house).
  2. Manageability of assets on-premises and in the cloud.
  3. Data flowing between your on-premises environment and cloud devices and applications. Remember the new privacy and information regulations such as GDPR.
  4. Different silos of processes and tools.

This is a complete transformation, and on top of it security must be shaped to tackle all these challenges.

Information Security Transformation

Most businesses are going digital by adopting the latest technologies. One of the main reasons for this transformation is to compete with digital-native startups. New digital startups are disrupting business and forcing their competitors either to move to the new digital business model or simply exit the market.

This new IT and digital world provides both challenges and opportunities for information security. While the challenges are significant, as discussed earlier, there is also a huge opportunity to solve longstanding security problems using the new technologies and platforms, foremost among them the cloud.

It is very clear from the challenges mentioned above that the old network perimeter is changing. In the old days your perimeter was your office network: you needed to be in the office and connected to the network to start accessing and working on your data and files. Now, with cloud, the network perimeter has dissolved. Users can access data and work from anywhere, on almost any device and platform.

The new modern perimeter is the identity perimeter, which means the main protection is the identity controls used to protect your data (information assets) and your endpoint devices. This requires a new architecture mindset based on the well-known cloud/customer responsibility matrix.

Cloud and Customer responsibility sharing

Some users think that moving to the cloud will make them more secure by default, while others think they become even more vulnerable. The truth is that security is a shared responsibility between both parties. The cloud will definitely offer better security options, but the user must still use them, and sometimes configure them, to get the best out of the cloud.

Let us take Software as a Service (SaaS) as an example, which is one of the most common models of leveraging the cloud. According to the Cloud/Customer responsibility matrix below, the three main areas of customer responsibility are as follows:

  1. Identity Protection
  2. Information protection
  3. Endpoint protection

Source:

Identity Protection, which is crucial, means more investment in Privileged Access Management software; getting rid of old legacy identities; adopting IAM solutions that support single sign-on (SSO) and leverage protocols like SAML to integrate with third parties and other partners; using multi-factor authentication, since a password alone is no longer sufficient to protect your account; and finally, quality monitoring of all connections and authentications to your system with a proper alerting system.
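The authentication monitoring and legacy-identity cleanup described above can be sketched as a small audit over sign-in events. This is an added example, not part of the original article; the record layout, account names, thresholds and the function name `audit_identities` are assumptions, and the events are constructed sample data.

```python
from datetime import datetime, timedelta

# Constructed sample data; the layout and names are assumptions, not a vendor schema.
ACCOUNTS = {"alice": False, "bob": True, "carol": False, "svc-legacy": True}  # user -> privileged?
EVENTS = [  # (user, ISO time, protocol, MFA used, success)
    ("alice", "2022-05-04T08:01:00", "saml", True, True),
    ("bob", "2022-05-04T09:15:00", "saml", False, True),
    ("carol", "2022-05-04T10:00:00", "saml", True, False),
    ("carol", "2022-05-04T10:00:20", "saml", True, False),
    ("carol", "2022-05-04T10:00:40", "saml", True, False),
    ("carol", "2022-05-04T10:01:00", "saml", True, True),
    ("svc-legacy", "2021-11-02T03:00:00", "basic", False, True),
]
NOW = datetime(2022, 5, 5)

def audit_identities(accounts, events, now, stale_days=90, fail_threshold=3):
    """Return sorted (user, finding) pairs that should raise an alert."""
    findings, last_ok, fails = set(), {}, {}
    # ISO 8601 timestamps in one format sort correctly as plain strings.
    for user, ts, protocol, mfa, ok in sorted(events, key=lambda e: e[1]):
        if not ok:
            fails[user] = fails.get(user, 0) + 1  # consecutive failures so far
            continue
        if fails.get(user, 0) >= fail_threshold:
            findings.add((user, "success after repeated failures"))
        fails[user] = 0
        last_ok[user] = datetime.fromisoformat(ts)
        if not mfa:  # password alone was accepted
            prefix = "privileged " if accounts.get(user) else ""
            findings.add((user, prefix + "sign-in without MFA"))
        if protocol != "saml":  # anything outside the SSO flow
            findings.add((user, "legacy protocol bypasses SSO"))
    # Identities with no recent successful sign-in are candidates for removal.
    for user in accounts:
        seen = last_ok.get(user)
        if seen is None or now - seen > timedelta(days=stale_days):
            findings.add((user, "stale identity"))
    return sorted(findings)

if __name__ == "__main__":
    for user, finding in audit_identities(ACCOUNTS, EVENTS, NOW):
        print(f"ALERT {user}: {finding}")
```
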

Endpoint Protection requires a cross-platform management solution to manage any client on any platform; a sound endpoint protection solution with endpoint detection and response (EDR) capabilities; a device compliance solution to ensure all connected devices are healthy; and, again, on top of these, your monitoring solution.

Information Protection is the most critical moving part, and the responsibility falls on the customer alone as the sole owner of this information. It means adopting a cross-platform solution to scan your resources, classify and label data and files, protect them (with encryption, for example) and then monitor the usage of this information on any platform.

As you can see, with the SaaS model the customer should take care of these key areas and rely on the cloud service provider for other areas such as hardware, datacenter, applications, patching and maintenance. This is the real benefit of cloud.

Conclusion

Cloud is a real opportunity but also a challenge for us as security professionals. It is not just someone else's computer accessed remotely, but rather a new mindset with new processes, technologies, tools and, more importantly, operations. It cannot be treated as a traditional IT environment; otherwise we will not only miss the cloud's benefits but might also be exposed to more and different threat vectors.

Ahmed Nabil

For more events:

https://www.erdalozkaya.com/category/free-events/
