While the cloud has delivered a massive boost to organisations in every sector, it has also created new challenges with security near the top of that list. With Gartner reporting that most cloud breaches will come from misconfigurations, getting things right is a significant challenge. And with the rise of generative AI tools now being leveraged by threat actors, getting a single view of everything across the entire infrastructure stack is critical.
Asjad Athick, the Cyber Security Lead for the Asia Pacific region at Elastic says creating a single view that enables security professionals to see all activity multi-cloud and hybrid infrastructure can reap benefits.
“You can't underestimate the strategic importance of the single pane of glass that gives visibility across all your platforms,” says Athick. “As well as enabling a better security posture, it can deliver operational benefits.”
The challenge comes from bringing all those disparate datasets together. While cloud providers provide telemetry and other data, it’s often hard to integrate into a unified view. This leads many organisations to deploy point solutions and engage in ‘swivel chair analytics’ where they look between multiple screens to try and build a picture of what’s happening across their entire estate.
As well as the cloud, Athick says the importance of data that comes from endpoints should not be underestimated.
“Endpoint detection and response is designed primarily for workstations and the threat vectors that it looks at. While that telemetry is not suited to detecting threats to cloud estates, modern cloud tools can bridge the gap between configuration and runtime security and tie that back with the rest of the estate. Taking a whole-of-platform strategy to security really pays off.”
Athick says that Generative AI tools offer many potential opportunities for cybersecurity teams. And while criminals are leveraging new tools such as WormGPT, there are some great benefits from using this technology.
“Security analysts can receive better context around alerts to help them make more accurate determinations around the risk associated with that alert. Large language models provide analysts with information to help them keep on top of the evolving threats in the industry and can reduce the entry barrier for junior analysts.”
Cloud technology has revolutionised the way we do business. A key to maximising the benefits of the cloud and minimising risks is access to the right data, at the right time, in a form that makes it useful.
Emerging tools such as generative AI offer great opportunities. By working with experienced and trusted partners that understand the complexities of the multi-cloud, hybrid infrastructure world will enable your organisation to achieve the best possible outcomes from the cloud while keeping threat actors at bay.
Access the full iTnews State of Security report: Here