Deceptions Everywhere ®

Insights on threat and cyber risk trends, use cases for deception technology
and strategies for combatting targeted attacks

A Deception Technologist's View of Cloud Security

Posted by Beth Ruck on May 22, 2019 2:47:12 PM

As I sat down to write this post, I couldn’t help amusing myself with yet another corny “cloud” analogy: The potential for lateral movement between different parts of the extended corporate ecosystem is a bit like all the different types of lightning there are. If, besides being a tech geek, you are also a weather geek, you can read about lightning here. Among other things, this site explains that “Anvil Crawlers are horizontal tree-like, in-cloud lightning discharges whose leader propagation is slow enough… that a human observer… can see its rapid motion across the sky.” Where cloud security is concerned, Illusive’s aim is to make malicious lateral movement to, from, and between clouds slow and visible to the human eye—so that security teams can stop cyberattacks before a successful strike.

But I digress.

There was a time when cybersecurity risks were the #1 obstacle to cloud adoption.[1] Although data shows that security is still a big concern, cloud business is booming as if there are virtually no obstacles. 2018 saw more than 200 acquisitions of cloud-related businesses with many big names among the acquirers. Major cloud providers also experienced mega-growth: Microsoft Azure in its Q4 FY 2018 earnings report[2] stated that revenue generated from Azure grew at 89% compared to Q1 FY 2017. For the same quarter, Amazon announced a revenue growth of 45% for Amazon Web Services (AWS).[3]

No One-Cloud-Fits-All

For most organizations, the cloud isn’t just one “thing”—not just one adjunct part of the infrastructure to worry about securing; organizations leverage many forms of cloud services simultaneously. According to IBM, many enterprises already manage between five and 16 cloud vendors. Meanwhile, regulatory or performance considerations are among the factors that keep many data centers firmly rooted on corporate premises. So the typical business relies on a hybrid mix of public and private clouds, coupled with traditional on-premise infrastructure. This infrastructure diversity enables organizations to optimize costs, gain agility, and reap a wide range of innovation gains.

Protecting this business innovation mix also requires security innovation. Cloud companies have invested in security features to protect the assets they house, and many businesses are ramping up SecDevOps to make sure that the applications they’re putting in the cloud are more secure.

But there is a gap that is not getting the attention it needs—which is the potential for malicious lateral movement between cloud-based and on-premises resources. Externally hosted services and applications don’t stand in isolation—they are connected to the corporate environment. Attackers are facile at breaching one environment to gain a foothold in their ultimate target environment; wherever that target is, they’ll use whatever weak link they can find. They can move from the corporate network to the cloud, from the cloud to on-premises systems, between segmented systems in the same cloud, or pivot to another cloud. A risk to one part of the extended ecosystem is a risk to all.

How Illusive Can Help

Defending the enterprise on the ground and "in the air" requires the ability to detect lateral movement. No matter how attacker techniques change or where weaknesses exist, lateral movement is essential for an attacker to accomplish their objective.

In our new paper, "Securing the Hybrid, Cloud-Enabled Ecosystem: A Lateral Movement Defense Approach," we describe how Illusive enables businesses to proactively defend their cloud investments and all paths to and from them. Illusive's Attack Surface Manager enables teams to proactively reduce pathways between networks and systems. Auto-discovery and risk-centric visibility features help identify and quantify risks associated with "crown jewel" systems and assets. And cloud-aware deception techniques can see "through the fog" to force attackers into the open or lure them to decoy systems to study their behavior in depth. Rich forensics delivered from Illusive accelerate incident analysis.

To get the details about how Illusive defends your hybrid, multi-cloud environment while enabling you to proactively reduce risk, download Securing the Hybrid, Cloud-Enabled Ecosystem: A Lateral Movement Defense Approach today—and keep attackers from raining on your parade.

 

Sources

[1] Survey reveals security is biggest obstacle to cloud adoption, ITProPortal, December 19, 2013.

[2] Microsoft reports $30.1 billion in Q4 2018 revenue, VentureBeat, July 19, 2018.

[3] Amazon Web Services reports 45 percent jump in revenue in the fourth quarter, CNBC, February 1, 2019. 
