There's no reason to risk flying blind in the cloud
March 23, 2021
Special thanks to Joe Rogalski, Director of Solution Management for Prisma Cloud, Palo Alto Networks, for his collaboration and contribution to this blog post.
More and more enterprises are moving their data centers and applications to the cloud, gaining the business advantages of agility, scalability and reduced costs. Unfortunately, this also brings an exponential increase in the attack surface. Thus even a small misconfiguration can have large consequences: Gartner projects that by 2025, 99% of cloud security failures will be the customer’s fault—errors that can usually be traced back to misconfigurations. With the average cost of a cloud breach increasing, it's clear that cloud cybersecurity must be approached with rigor, and quickly.
Many enterprises don't understand the shared responsibility model of the cloud. In addition, the variations of tools, capabilities and policies between cloud providers can complicate things. According to a recent report on the state of cloud-native security, 73% of companies struggle to delineate between their cloud security provider's security responsibilities and their own. The same report also noted that a full three-quarters of companies surveyed said cloud security tools and solutions are being outpaced by threats to their cloud systems.
<<< Start >>>
<<< End >>>
Cloud Security Posture Management is a comprehensive and automated approach to multi-cloud environments that provides visibility, compliance, governance and threat detection. Its broad reach enables organizations to understand vulnerabilities and misconfigurations in multi-cloud environments. It also simultaneously monitors for threats and configures guardrails—a must for cloud environments—to stop configuration errors. With automated guardrails, a carefully chosen and implemented CSPM tool will constantly watch your deployments, find deviations from desired baselines and even automatically remediate issues.
The most useful CSPM solutions offer their information via a single dashboard, employing extensive APIs to integrate with existing IT and security tools. The result, when successfully configured, is a fully integrated system with a single point of view. Also look for:
The following steps offer a high-level road map:
Without comprehensive visibility into your cloud estate, that's exactly what you're doing. Cloud environments move fast; services are provisioned and destroyed consistently throughout the day.
Even if you went to the trouble and expense of integrating and supporting the three to five or more tools per cloud provider you'd need for adequate cloud security, you still wouldn't have unified reporting. Only a single, unified, multi-cloud platform solution can provide the details that enable organizations and their implementation partners to enable true cloud security.
Accenture Security helps organizations build resilience from the inside out, so they can confidently focus on innovation and growth. Leveraging its global network of cybersecurity labs, deep industry understanding across client value chains and services that span the security lifecycle, Accenture helps organizations protect their valuable assets, end-to-end. With services that include strategy and risk management, cyber defense, digital identity, application security and managed security, Accenture enables businesses around the world to defend against known sophisticated threats, and the unknown. Follow us @AccentureSecure on Twitter or visit us at www.accenture.com/security.
Accenture, the Accenture logo, and other trademarks, service marks, and designs are registered or unregistered trademarks of Accenture and its subsidiaries in the United States and in foreign countries. All trademarks are properties of their respective owners. All materials are intended for the original recipient only. The reproduction and distribution of this material is forbidden without express written permission from Accenture. The opinions, statements, and assessments in this report are solely those of the individual author(s) and do not constitute legal advice, nor do they necessarily reflect the views of Accenture, its subsidiaries, or affiliates. Given the inherent nature of threat intelligence, the content contained in this report is based on information gathered and understood at the time of its creation. It is subject to change. Accenture provides the information on an “as-is” basis without representation or warranty and accepts no liability for any action or failure to act taken in response to the information contained or referenced in this report.
Copyright © 2021 Accenture. All rights reserved.
The information in this blog post is general in nature and does not take into account the specific needs of your IT ecosystem and network, which may vary and require unique action. You should independently assess your specific needs in deciding to use any of the tools mentioned. The CSPM tool is not an Accenture tool. Accenture makes no representation that it has vetted or otherwise endorses these tools and Accenture disclaims any liability for their use, effectiveness or any disruption or loss arising from use of these tool.