Responding to a ransomware attack entails more than deciding whether to pay the ransom or not. Proactive planning can help your counter moves towards attackers deploy efficiently. Swaroop highlights how AI, hybrid cloud, and CNAP are changing the state of cloud security today.
View the entire ‘Cyber Resilience 2023’ event on-demand here.
A transcript of the video follows below. Minor edits have been made for clarity.
Steve Hill: Now, I’d like to introduce Swaroop Sham, Product Marketer at Wiz – a company that offers complete security for AWS, Azure, GCP, OCI, Alibaba Cloud, VMware vSphere, Kubernetes, and Red Hat OpenShift. Swaroop currently focuses on the areas of CNAP, container, and Kubernetes security. Welcome, Swaroop.
Swaroop Sham: Thank you, Steve, I’m excited to be here. This has been a great conversation so far.
SH: That was probably one of the most insightful programs I’ve seen on the operations of a ransomware gang. It’s just frightening.
SS: Yes, very insightful.
SH: The growing adoption of hybrid cloud across the industry has no doubt changed the model for IT security, for better or worse, and in some ways, the cloud offers greater flexibility and the potential of more automation to security. But on the other hand, it also opens new vectors for the initial intrusion that can lead to data compromise and hostile activities like ransomware. So, where do you see the state of cloud security today?
SS: Yeah, that’s a great starting point, Steve. I think when we step back and look at where we are from an overall cloud journey, it’s fair to say that we’re probably in the infancy of a broad digital transformation to the cloud. I would say only a small fraction of existing workloads have moved to the cloud. So, with that context being said, security in the cloud tends to be extremely different than traditional security. The issues that are at play are very different.
The things that we see quite often as a senior platform or cloud native application protection platform at Wiz is that issues that traditionally did not exist in an on-prem world become a lot more amplified, and a lot more visible in the cloud. Earlier, when we thought about risks or issues in the cloud, the issue really becomes a simple misconfiguration that can lead to a large data breach. Right? And the challenge is that it’s not security professionals who are missing the beat or anything. It’s not a knock on the security team as a profession.
It’s very important to understand the way we build and secure applications in the cloud is very different, right? Today, developers are in the front and center of that security conversation. And quite often, everything you build from a security standpoint, all the configurations you do are done through a developer – through a config file, as they ship out those applications. So, the overall nature of risk has completely changed, and the underlying technologies we need to protect have changed quite a bit in the cloud. And developers are the front and center of that conversation.
From a security standpoint, yes, you have issues of vulnerabilities and ransomware like our speakers before we’re talking about, but you also see this whole idea of a misconfiguration’s lateral movement becoming more and more prevalent in the cloud. That is what we see from a cloud security standpoint. There are many new areas and frontiers for cloud security professionals to conquer.
SH: This is an evolving process, so that also makes it challenging. Given its ability to sort through the noise of it, how do you see AI eventually fitting into the CNAP security model?
SS: Yes, it is really the question of our times, right? It’s at the top of everyone’s thinking and everyone’s mind in terms of – what role does AI Play in Today’s cybersecurity landscape? I think the answer to that is there’s multiple different facets that AI can have a huge impact on from a security perspective. Right? The first aspect when we think about it is in being an enabler. Enabling organizations to adopt AI services and technologies in a very secure manner without being an impediment.
So, in this case, what really comes out is that platforms like CNAP provide a lot of visibility to the security team. There’s so much innovation happening today with different teams splitting up different resources and trying out new might new AI services. Visibility becomes a big problem when you have such rapid innovation happening in the enterprise. That’s the first area where a security platform can provide a lot of value. The are two other areas that you’re seeing a lot and we’re hearing murmurings of it in some ways.
In the world of AI, data becomes the new oil in some ways, right? You need to make sure that you have the right set of controls around your data strategy. And from an attacker perspective, disrupting the data flow becomes a very enticing target to drive some malicious outcomes for a company. So, because of that, think about how to protect the data and make sure that you don’t have data poisoning-type of attacks. This becomes very critical in the cloud, right?
Now, when you think about data buckets that are being created and where your data repositories are being created in the cloud, having the right set of security controls, authorization, visibility, and lateral movement is important. Making sure that the right identities have access to that data point becomes very important too, right? So, a platform like CNAP can become very critical in making sure that you have the right sort of controls around your overall data strategy that impacts how we use AI.
Watch the entire ‘Cyber Resilience 2023: How to Keep IT Operations Running, No Matter What’ live virtual event on-demand here.
What to Read Next:
Top Cloud Security Mistakes (And How to Avoid Them)
US Probes Microsoft Email Breach, Cloud Security
Quick Study: Security and the Cloud