Adoption to the cloud is no longer stymied by security concerns as it once was. If anything, companies believe too fully in the security of the cloud service provider (CSP) these days. This belief may exist because security teams are understaffed, overburdened or because of true security competency within the cloud provider. But at the end of the day, the organization is on the hook for protecting its data in motion and at rest. CSPs are not responsible for the ingress and egress of data but rather only what resides within its data center. And even that is shared responsibility.
One might say the new security perimeter is identity and data which are the underpinnings of every action taken in this digital world. To secure this new perimeter a deep understanding of data inventory and classification is required. The other side of this coin is knowing the identify and privileges of the user and which data they have access to. However, these requirements are not easily satisfied. With digital transformation comes an explosion of applications, APIs and delivery methods. “Cloud” can be private, public, as a Service and part of a many-cloud or “multicloud” approach. IT staff is still burdened with legacy security tools and lines of business are increasingly engaging in platform solutions which impact security. While these new platforms fuel digital growth and customer engagement they also complicate security visibility because they are outside the purview of the security staff.
Managed security services (MSS) have existed for decades and they, too, are evolving to embrace the cloud ecosystem. Traditionally, MSS providers (MSSPs) managed and monitored the on-premise security appliances for a customer. Today we are seeing a rapid buildout of tools which provide MSSPs the ability to visual the customer’s entire architecture from on premise to SaaS-based including single and multicloud. Gaining visibility allows the MSSP to then quantify vulnerabilities against the threat landscape which in turn provides a view into risk. According to an IDC study conducted last year we see that the MSSP purchasing form factor is shifting from predominately on-premises to hosted and SaaS based (see chart below).
Adoption of MSS which once was an ROI-based decision swapping Capex for Opex cost is now one of imminent necessity if for no other reason than to provide visibility.
We can’t protect what we can’t see. We can’t thwart what lurks in the shadows and we can’t respond if we don’t know what and where the danger is. With more and more of the architecture in cloud and multicloud the challenge of finding, tracking and combatting an adversary is compounded. MSS provide the “eyes on screen” of a Security Operations Center (SOC), advanced detection capabilities and increasingly they provide automated detection and response. It’s no surprise then that advanced detection and analytic techniques are called out by nearly 40% of respondents as “required as part of a managed cloud services engagement.”
Visibility is the one aspect of security that will in the end “right the ship.” When a SOC analyst receives an alert and discovers it to be an actual incident the advanced detection tools and threat intelligence the MSS provider (MSSP) possesses can vastly improves the analyst’s ability to see within a hybrid environment where the attack is and when it first entered.
Today the Band-Aid approach of “look, alert, combat…repeat” is becoming more and more automated with the use of machine learning and big data analytics; meanwhile the skills of the MSSP provide the glue to keep the enterprise safe. The market is demanding greater cloud security capabilities and cloud providers are responding with enhanced visibility and response tools but remember that their responsibility stops at the door to their data center and the organization is ultimately responsible for the data outside.
In our next blog we’ll diver deeper into addressing identity and access management challenges in MSS. To learn more about Oracle Managed Security Services and how MSS can help you, visit our website.
Follow Christina Richmond @Xtina_richmond
Follow Greg Jensen @GregJensen10