Cyber security investments have been steady in recent years, but that doesn’t mean the risk to business has decreased. In a March 2023 white paper, “Modern Unified Cloud Workload Security,” IDC says now is the time to rethink the security threat landscape.
Threat actors are making it past endpoint and perimeter defenses and using legitimate ports and protocols to start and progress their attacks. And as cloud increases in complexity, the attack surface expands and the risk of breaches increases.
The IDC white paper offers in-depth insights and best practices for securing modern multi-cloud environments in these challenging times. Here are a few of my takeaways:
- Understand security priorities and associated risk. IDC researchers believe that understanding security priorities and associated risks is the bedrock of cloud workload security. As shown in the figure below, to meet customer requirements and keep up with the highest security priorities, employing a holistic cloud security approach across the entire software development lifecycle is necessary.
Organizations participating in the IDC 2022 Cloud Workload Protection Survey recognize they need to be proactive and want advanced workload and lateral security controls. Thirty-six percent of respondents understand the correlation of vulnerabilities with risk scoring to prioritize alerts and want protection from malware and ransomware, including fileless and living-off-the-land attacks.
- Plan for the scope of the challenge. If you have one cloud environment, protecting applications is not that daunting a task, says IDC. Implementing proper configurations, access permissions, and policies is challenging but doable with a little effort and resolve. Having two environments does not double the complexity of the task but rather quadruples it. An organization with three infrastructure-as-a-service (IaaS) environments and one on-premises virtualized environment faces 16 times the complexity. For most organizations today, multi-cloud and hybrid cloud are the reality, which means they are dealing with expanding attack surfaces and an increasing specter of data breaches.
- Address the need for speed. The time between a vulnerability being discovered and exploited is growing shorter. In IDC’s survey, when leaders were asked how long, on average, it took their security operations center (SOC) or cloud security analyst teams to perform basic research once a unique alert was received, 30% answered one day or more.
Operational efficiency and taking quick action can, of course, make all the difference. Having on-demand prioritization of alerts is key, but alert fatigue is also a concern. With access to additional resources, including targeted deep telemetry, security teams gain visibility into the connections being made as well as the conversations happening on those connections. Prioritization of misconfigurations and vulnerabilities, artificial intelligence/machine learning–driven analytics, and network detection and response are just some of the services that need to be on tap to secure modern environments.
Security risk is business risk. As companies seek to understand their security health and hygiene, IDC’s white paper offers an overview of holistic cloud security best practices and other insights to consider when making important cyber security decisions.
Download the white paper: Modern Unified Cloud Workload Security
- N=620; Cloud Workload Protection Survey, IDC, September 2022.