Why migrating your systems to the cloud can help with cybersecurity

Paul Fletcher, cybersecurity evangelist at Alert Logic, explains why you should consider migrating your systems to a cloud environment.

Over the years, we information security professionals have seen the threat landscape and attitude to cybersecurity change significantly.

Even the language we use has changed – from ‘if’ to ‘when’: If we get attacked becomes when we get attacked.

We’ve all heard the same advice – we should be operating as if we’ve already been attacked and our systems are compromised.

We’ve thought about it and considered this approach. We’ve seen the research that indicates it takes an average of 205 days for a compromise to be discovered on the network.

So, at a high level, in our logical and reasonable thought pattern, we’ve conceded that this is likely true.

But acting on that advice is another story entirely.

Most of our security operations teams take important actions, like building good defence-in-depth strategies, monitoring for security events, developing most of an incident response plan, educating users, completing assessments and complying with audit standards.

These are all best practices, but they don’t make your organisation a smaller target.

Foundational security

Having foundational security is important and necessary, but what is it that prevents us from acting on the idea that we need to operate as if we were already breached? The answer is that you need a game changer.

If you’re familiar with American football, you’ll see how your cybersecurity program is similar.

Foundational security (as described above) is like the running game of football.

In the early days of football, throwing the ball forward was against the rules. In order to win you had to run the football and play good defence.

The game was good, but scores were usually low and the action wasn’t very fan friendly. The rule change to allow a forward pass was a game changer. It made the game more dynamic, with more options, more scoring, and more fans.

Using the forward pass

It’s time for your security program to start using the forward pass.

Be offensive in your approach to security. Want to reduce the number of days an attacker is sitting on your network? Get on the offensive—hunt them down.

You know your environment the best; you know what your team is capable of, so use those skills to go find the problem.

I know what you’re thinking: “So, if I go on the offensive and try to hunt down the threat within my environment, if I find something, doesn’t that make my team look bad? If we’ve done our jobs well, we shouldn’t find any issues. If we do find something bad living and breathing on our network, then it’s my fault.”

Herein lies the biggest problem.

On the surface, we agree with the idea that we are operating in a new world, a world where attackers are already in our IT infrastructure.

But we hesitate to apply this realisation to our day-to-day operations, simply because of pride. So, in theory, we believe attackers are on the network, but in the application of our security, we don’t.

In the same way that the forward pass was a game changer in the game of football, changing our rules of engagement and launching an offensive attack is our cybersecurity game changer.

The ability to actively pursue attackers in our own IT infrastructure is the next phase of security operations.

Twenty years from now, CISOs are going to go to a security conference and hear stories about the early days of the internet, and how our only strategy was a good defense.

It will sound as strange and ancient to them as playing football without the forward pass seems to us.

At this point in the discussion, we as security professionals feel like we understand the challenge and deep down know we need to do something about it.

But that pride keeps sneaking back into our minds. “How can I be on the offensive and ensure that I won’t find a hornets’ nest of problems in the process?” The answer is easier than you might think—the cloud.

‘A game changer’

The cloud is one of the tools that can make the game changer happen.

Migrating your systems to a hosted cloud environment opens the opportunity to go on the offensive: you eliminate vulnerabilities in your core infrastructure. Game changer.

You may or may not be able to move everything into a hosted cloud environment, but migrate what you can, as soon as you can.

If you’re able to move 50% or 70% or 90% of your IT to the cloud, then your traditional IT infrastructure just got smaller.

In football, you can still win with a good running game and a good defence (in depth) strategy, but you have to pass the ball to open up running lanes.

Having this effective combination helps keep the other offense off the field, making the target of opportunity smaller for your opponent.

If we truly believe and operate in an environment where our systems are already compromised, then we need to add a passing game (hunting for attackers) to our already good running game and defence.

A good defense will always be necessary, but, just like in football, sometimes the offense is just too good.

The game changer is to have a good offense and hunt down attackers and zero days in your environment.

Migrating to the cloud is the offensive playbook that makes it easier for you to be the real game changer.
