
An Optimistic Outlook For 2022: Cloud Security Vulnerabilities Are 100% Preventable

by NewsReporter
January 6, 2022

Josh Stella, Fugue CEO, Explains How to Eliminate the Top Cause of Cloud Data Breaches

FREDERICK, Md., January 06, 2022–(BUSINESS WIRE)–In brief video explainers and commentary, Josh Stella, co-founder and CEO of Fugue, the cloud security SaaS company, talks to business and security leaders about the new security paradigm that cloud computing has created and debunks the long-standing myths that compel organizations to rely on outdated, ineffective security measures that do little to prevent cloud data breaches.

This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20220106005555/en/

Predicting that more enterprises will suffer a cloud data breach in 2022 is not exactly going out on a limb. Migrating IT systems and applications out of the data center to cloud computing platforms is a tenet of an effective digital transformation strategy. But in their rush to the cloud, too many organizations fail to identify the security risks that are unique to cloud computing, primarily misconfigurations.

In the past year, 36% of companies suffered a serious cloud security leak or breach due to cloud misconfiguration, according to The State of Cloud Security 2021 Report. Gartner expects that through 2023, at least 99% of cloud security failures will be the customer’s fault, mainly in the form of cloud resource misconfiguration.

However, there’s reason for optimism in the new year: These vulnerabilities are 100% preventable. Mounting an effective defense against hackers constantly on the hunt for cloud misconfigurations requires security professionals to go beyond the traditional tools and methodologies they have long relied on to secure data centers.

Cloud Security Myth No. 1: The Cloud Is a Data Center in the Sky

First, it’s critical to understand just how different the cloud infrastructure is from the data center infrastructure. Developers and engineers can now build their own infrastructure as needed, instead of waiting for the data center team to do it for them. That means they can make their own infrastructure decisions — including security-critical configurations — and then change them constantly. And every time they do, they create the risk of a misconfiguration left open to attack.

Cloud computing is driven by application programming interfaces (APIs) — the software “middlemen” that allow different applications to interact with each other. This eliminates the requirement for constructing and maintaining a fixed IT architecture in a centralized data center. It also means that you cannot apply the data center security model of erecting an outward-facing barrier around the network perimeter to block incoming attacks.

Security in the cloud is a function of design and architecture, not just monitoring and intrusion detection. One hundred percent of the time, hackers are trying to get to the control plane APIs. The traditional data center risks of network penetration and the slow exfiltration of data have become irrelevant to cloud security because, by the time you’ve detected suspicious activity, the damage has likely been done. You must turn your attention to the control plane to prevent hackers from acquiring your API keys.

Cloud Security Myth No. 2: The Security Team Alone Can Fix It

When developers build applications in the cloud, they’re also building the infrastructure for the applications as opposed to buying a pile of infrastructure and shoving apps into it. That process is done with code, which means developers own that process, and this fundamentally changes the security team’s role.

In a completely software-defined world, security’s role is that of the domain expert who imparts knowledge to the people building stuff — the developers — to ensure they’re working in a secure environment. The way you can do that is with Policy as Code, which enables your team to express security and compliance rules in a programming language that an application can use to check the correctness of configurations.

Policy as Code is designed to check other code and running environments for unwanted conditions: things that should not be. It empowers all cloud stakeholders to operate securely without any ambiguity or disagreement on what the rules are and how they should be applied at both ends of the software development life cycle (SDLC).

Cloud Security Myth No. 3: Cloud Security Needs a Human Touch

At the same time, Policy as Code automates the process of constantly searching for and remediating misconfigurations. There are no other approaches that in the long run are successful at this because the problem space keeps growing. The number of cloud service offerings keeps increasing as does the number of deployments you have and the amount of resources you need to secure. And so you must automate to relieve security professionals from having to spend their days manually monitoring for misconfigurations and enable developers to write code in a way that is flexible, that can be changed over time, and that can incorporate new knowledge, such as the latest big data breach that makes news headlines.

To have a holistic response, one that actually works and isn’t merely security theater, you need to use Policy as Code enforced at the development phase, in the continuous integration/continuous delivery (CI/CD) pipeline, and in the runtime. And as you gain maturity, these things can then be institutionalized and built into your processes so that it’s all automated.
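To make the Policy as Code idea above concrete, here is an added sketch (not Fugue's code or any vendor's product) in which one rule set is evaluated against both a planned configuration in CI and a snapshot of the running environment. The rule ids, resource types, and attribute names are hypothetical, and the sample inputs are constructed.

```python
import sys

# Each rule: (rule id, resource type, predicate that is True when the resource VIOLATES it).
# Ids and attribute names are hypothetical, not taken from any real provider schema.
RULES = [
    ("STORAGE_NO_PUBLIC_READ", "storage_bucket",
     lambda r: r.get("public_read", False)),
    # A missing encryption flag fails closed: absence counts as a violation.
    ("STORAGE_ENCRYPTED", "storage_bucket",
     lambda r: not r.get("encryption_at_rest", False)),
    ("FIREWALL_NO_OPEN_SSH", "firewall_rule",
     lambda r: r.get("port") == 22 and r.get("source_cidr") == "0.0.0.0/0"),
]

def evaluate(resources, stage):
    """Return a sorted list of (stage, resource name, rule id) for every violation."""
    findings = []
    for res in resources:
        for rule_id, rtype, violates in RULES:
            if res.get("type") == rtype and violates(res):
                findings.append((stage, res["name"], rule_id))
    return sorted(findings)

# Constructed sample: what a pull request proposes to deploy.
PLANNED = [
    {"type": "storage_bucket", "name": "logs", "public_read": False, "encryption_at_rest": True},
    {"type": "storage_bucket", "name": "uploads", "public_read": True},
    {"type": "firewall_rule", "name": "admin-ssh", "port": 22, "source_cidr": "10.0.0.0/8"},
]
# Constructed sample: what is actually running; admin-ssh was widened after deployment.
RUNNING = [
    {"type": "storage_bucket", "name": "logs", "public_read": False, "encryption_at_rest": True},
    {"type": "firewall_rule", "name": "admin-ssh", "port": 22, "source_cidr": "0.0.0.0/0"},
]

def gate(planned, running):
    """Apply the same rules at both ends of the SDLC; exit code 1 blocks the pipeline."""
    findings = evaluate(planned, "ci") + evaluate(running, "runtime")
    return findings, (1 if findings else 0)

if __name__ == "__main__":
    findings, code = gate(PLANNED, RUNNING)
    for stage, name, rule_id in findings:
        print(f"[{stage}] {name}: {rule_id}")
    sys.exit(code)
```

The runtime pass catches the firewall rule that passed review in CI and drifted afterward, which is why the same policy has to run in both places.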

What Success Looks Like

Organizations that have implemented effective cloud security programs share some characteristics that any enterprise can emulate to harden their cloud security postures:

  • Know the Environment: Gain constant situational awareness about what is happening in the cloud. That means doing more than conducting a weekly or quarterly audit. The hackers are also deploying automated tools to search for and exploit misconfigurations as soon as they appear. So knowing the environment is critical to securing cloud infrastructure.

  • Focus on Prevention: Shift your security mentality away from trying to detect intrusions in real time. You’re not going to be able to, and by the time you do, the hackers will have taken everything they want anyway. Prevention is your only hope in cloud security because the hacks are too fast and too difficult to notice as they’re occurring.

  • Empower Developers: Enlist the developers in the process by empowering them with tools. After all, since you’re now focusing on prevention, who is better positioned to prevent misconfigurations than the developers and engineers who are building these applications and systems? The way you do that is by giving them the right tools, specifically, Policy as Code.

  • Measure and Repeat: Successful organizations quantify how successful they are at preventing hacks that could potentially happen and use that data to improve their processes.

Knowledge Is Power

Executives need to be more aware of the unique risks the cloud presents to their organizations, not simply believe they’re secure because somebody on their team following a vendor’s checklist says they are. Unfortunately, we see this a lot in the cloud security marketplace.

Many vendors are not really doing much to protect you against real hacks; they’re more concerned with helping security professionals present checked boxes to executives to make them feel better. That works until a hacker inevitably discovers a cloud misconfiguration and causes a devastating data breach.

To create a holistic response that actually works and isn’t security theater, think of the vulnerabilities that are manifest in your cloud environment as a virtual hole you’ve dug as your cloud infrastructure has expanded. The first thing you need to do to fill that hole is to gain a full understanding of its dimensions and depth. At the same time, you need to stop the DevOps teams from digging the hole again. The right way to do this is with Policy as Code.

Cloud Breaches Are Due to Design Failures

In this short video, www.youtube.com/watch?v=97Io9KVm0Ow, Josh Stella explains that every major cloud breach involves hackers exploiting flaws in the design of the system. He describes cloud security as a function of design and architecture, not monitoring and intrusion detection, because by the time you’ve detected something, the damage has already been done.

About Josh Stella

Josh Stella, co-founder and CEO of Fugue, is a technical authority on cloud security. Bringing 25 years of expertise as a chief technology officer, principal solutions architect at Amazon Web Services, and advisor to intelligence agencies, Josh founded Fugue in 2013 to help companies proactively change the security paradigm and get ahead of the hackers. He wrote the first book on “Immutable Infrastructure,” holds numerous cloud security technology patents, and hosts complimentary Cloud Security Masterclasses. Connect with Josh on LinkedIn and via Fugue at www.fugue.co.

About Fugue

Fugue is a cloud security SaaS company enabling regulated companies such as AT&T, Red Ventures, and SAP NS2 to ensure continuous cloud security and earn the confidence and trust of customers, business leaders, and regulators. Fugue empowers engineering and security teams to automate cloud policy enforcement and move faster than ever before — without breaking the rules. Since 2013, Fugue has pioneered the use of policy-based cloud security automation and earned the patent on policy as code for cloud infrastructure. For more information, connect with Fugue at www.fugue.co, GitHub, LinkedIn and Twitter.

All brand names and product names are trademarks or registered trademarks of their respective companies.

Tags: Fugue, cloud security, SaaS, Josh Stella, ransomware, policy as code, cybersecurity, cloud, infrastructure as code, open source, cloud security automation, network configuration, cloud configuration, cloud misconfiguration, data breach, application programming interface, API

View source version on businesswire.com: https://www.businesswire.com/news/home/20220106005555/en/

Contacts

Media Contact:

Dottie O’Rourke

TECHMarket Communications

(650) 344-1260

[email protected]
