Special thanks to Joe Rogalski, Director of Solution Management for Prisma Cloud, Palo Alto Networks, for his collaboration and contribution to this blog post.

More and more enterprises are moving their data centers and applications to the cloud, gaining the business advantages of agility, scalability and reduced costs. Unfortunately, this also brings an exponential increase in the attack surface. Thus even a small misconfiguration can have large consequences: Gartner projects that by 2025, 99% of cloud security failures will be the customer’s fault—errors that can usually be traced back to misconfigurations. With the average cost of a cloud breach increasing, it's clear that cloud cybersecurity must be approached with rigor, and quickly.

The route can be rocky

Many enterprises don't understand the shared responsibility model of the cloud. In addition, the variations of tools, capabilities and policies between cloud providers can complicate things. According to a recent report on the state of cloud-native security, 73% of companies struggle to delineate between their cloud security provider's security responsibilities and their own. The same report also noted that a full three-quarters of companies surveyed said cloud security tools and solutions are being outpaced by threats to their cloud systems.

The answer: a comprehensive security strategy that includes CSPM

Cloud Security Posture Management is a comprehensive and automated approach to multi-cloud environments that provides visibility, compliance, governance and threat detection. Its broad reach enables organizations to understand vulnerabilities and misconfigurations in multi-cloud environments. It also simultaneously monitors for threats and configures guardrails—a must for cloud environments—to stop configuration errors. With automated guardrails, a carefully chosen and implemented CSPM tool will constantly watch your deployments, find deviations from desired baselines and even automatically remediate issues.

What to look for in a CSPM solution

The most useful CSPM solutions offer their information via a single dashboard, employing extensive APIs to integrate with existing IT and security tools. The result, when successfully configured, is a fully integrated system with a single point of view. Also look for:

  • Monitoring for adherence to all major compliance regulations and security policies.
  • The ability to create custom policies from a single platform, which can significantly help reduce enterprise risk.
  • The capability to augment a vast library of security policies with machine learning and threat intelligence, to provide comprehensive analysis of network behaviors such as traffic volume, bandwidth use and protocol use.
  • The ability to integrate into your existing security and IT tools, including your SIEM, SOAR, IT service management and more. This would ensure a complete, holistic view and a broader approach to cybersecurity.

How to get started: Next steps

The following steps offer a high-level road map:

  1. Gain visibility into the assets and the cloud environment. Starting with a solid base is critically important for any cloud environment.
  2. Assess and align policies to frameworks, regulatory requirements and/or enterprise standards. Aligning to a risk-based approach to define the security controls that should be monitored is critical for identifying areas of greatest potential impact.
  3. Prioritize and develop remediation plans and remediate risks. Low-impact items can be corrected while planning takes place, but this is also the time to develop a long-term plan for maintaining a secure cloud posture.
  4. Integrate CSPM into existing IT/Security tools and processes to streamline and maintain management. This would simplify management and allow for a comprehensive and prioritized view of your security estate without adding significant complexity.
  5. Automate ongoing monitoring and remediations, and continuously optimize CSPM tools and strategy to support the agility of the changing cloud and enterprise needs.

Why gamble?

Without comprehensive visibility into your cloud estate, that's exactly what you're doing. Cloud environments move fast; services are provisioned and destroyed consistently throughout the day.

Even if you went to the trouble and expense of integrating and supporting the three to five or more tools per cloud provider you'd need for adequate cloud security, you still wouldn't have unified reporting. Only a single, unified, multi-cloud platform solution can provide the details that organizations and their implementation partners need to achieve true cloud security.


Accenture Security helps organizations build resilience from the inside out, so they can confidently focus on innovation and growth. Leveraging its global network of cybersecurity labs, deep industry understanding across client value chains and services that span the security lifecycle, Accenture helps organizations protect their valuable assets, end-to-end. With services that include strategy and risk management, cyber defense, digital identity, application security and managed security, Accenture enables businesses around the world to defend against known sophisticated threats, and the unknown. Follow us @AccentureSecure on Twitter or visit us at www.accenture.com/security.

Accenture, the Accenture logo, and other trademarks, service marks, and designs are registered or unregistered trademarks of Accenture and its subsidiaries in the United States and in foreign countries. All trademarks are properties of their respective owners. All materials are intended for the original recipient only. The reproduction and distribution of this material is forbidden without express written permission from Accenture. The opinions, statements, and assessments in this report are solely those of the individual author(s) and do not constitute legal advice, nor do they necessarily reflect the views of Accenture, its subsidiaries, or affiliates. Given the inherent nature of threat intelligence, the content contained in this report is based on information gathered and understood at the time of its creation. It is subject to change. Accenture provides the information on an “as-is” basis without representation or warranty and accepts no liability for any action or failure to act taken in response to the information contained or referenced in this report.

Copyright © 2021 Accenture. All rights reserved.

The information in this blog post is general in nature and does not take into account the specific needs of your IT ecosystem and network, which may vary and require unique action. You should independently assess your specific needs in deciding to use any of the tools mentioned. The CSPM tool is not an Accenture tool. Accenture makes no representation that it has vetted or otherwise endorses these tools and Accenture disclaims any liability for their use, effectiveness or any disruption or loss arising from use of these tools.

Mark Rauchwarter

Senior Manager, Cloud and Infrastructure Security – Accenture Security
