At the industry-leading global cyber event, CPX 360 2021, thousands of guests watched the presentations delivered by some of the best cloud security experts of our era. Understanding cloud complexity and design is key in leading a successful 21st century enterprise.
Cloud security expert and Check Point Technical Marketing Engineer Maya Levine offered insights into how cloud technologies drive innovation and transformation. Maya Levine is a regular speaker at technology conferences and conducts media interviews with news channels. Her must-have insights can also be found here.
As Levine describes it, attackers are taking advantage of the changes cloud environments have prompted. They’re eager to exploit security gaps. Nonetheless, it is possible to mitigate cloud-based risks.
So, what is it about cloud applications that is different from on-premise?
- You’re only paying for what you’re using. This is a big draw from a user or operations perspective. You don’t have to pay for the peak times year-round, you can just pay for what you use, as you use it. This model is especially applicable to serverless functions, containers and infrastructure as a service offerings.
- You have procurement in seconds. Our ability to procure and create infrastructure used to take a long time. Now it can happen very quickly. This is probably the greatest gift for everybody except the security teams, who consequently lack the time to ensure that everything is configured correctly.
- These applications are built with small pieces of code. You’re looking at a much more complex architectural diagram than previously. The pieces are unique, so it’s easier to understand their specific roles. However, there is a larger number of them and they’re interacting with a lot more resources, so you end up with a much more complex architecture.
- You’re a click away from production. Developers are literally rolling out to production in a matter of hours. This is really scary to security teams because a commit to GitHub can automatically go through testing, staging, and production with no human involvement whatsoever.
So what we’re seeing, as we move towards more cloud-native tools and cloud-native approaches, is that the journey for the security teams is the opposite of everybody else’s. The more cloud native tools are embraced, the less control security teams have and the more power developers have.
Comments
Post a Comment