
Cloud Technology Bringing New Possibilities in Threat Management

April 14, 2017 by Irfan Shakeel

Business leaders know that they are answerable for cyber security and privacy threats, wherever they occur in disparate enterprise systems. What many do not understand is how to design, implement and manage a real-time threat intelligence and information-sharing program.

Because threat management requires expert skill sets in strategic and analytical thinking, multiple interconnected systems must be created to ingest, correlate, analyze and contextualize information from multiple sources.

Advanced threat monitoring requires a foundation of cloud-based monitoring and analysis technologies, an interoperable information-sharing strategy and platform, and carefully tailored processes.

For that, expertise in four key areas is needed:

  • Ingesting and surfacing meaningful, validated intelligence in real time.
  • Assessing the organizational impact of that intelligence.
  • Identifying actions to mitigate threats.
  • Taking prompt technical, legal and operational action.

Moreover, organizations will need deep cyber security expertise as well as a multidisciplinary team that includes stakeholders from IT, legal counsel, risk, privacy and business units. This team will create custom processes to integrate activities across systems and the enterprise.

Endless Possibilities of New Combinations in Cloud:

As far as threat intelligence and information sharing are concerned, cloud technology offers a centralized foundation for constructing, integrating and accessing a modern threat program. The power and interoperability of a centralized cloud platform enable organizations to synthesize a range of synergistic threat management technologies.

The fusion of advanced technologies with cloud architectures can help organizations more quickly identify and respond to threats, better understand customers and the business ecosystem, and ultimately reduce costs. Moreover, the cloud also can enable safer information sharing by combining analytics from multiple sources without compromising data security.

Cloud Evolution:

Cloud-based threat management capabilities are evolving rapidly and are changing the model of on-premise cyber security and privacy solutions. "We're seeing a rapid uptake of the cloud model because of its cost advantages, the compute and scalability that it provides—and the ability to rapidly and flexibly adjust computing capabilities. We believe cloud-based cyber security will evolve to the point where you can realistically take any type of threat data and process it, normalize it and understand its impact to your business in real time. Today's on-premise solutions simply can't do that," said Christopher O'Hara, PwC US Co-Leader, Cyber security and Privacy.

Integrating Essential Threat Management Tools in the Cloud:

Many organizations are actively adopting key technologies that are necessary for gathering and analyzing threat intelligence. Increasingly, they are opting for cloud-based managed security services rather than traditional on-premise systems.

According to a survey conducted by PwC in 2016, around 62% of respondents use managed security services for initiatives like authentication, identity and access management, real-time monitoring and analytics, and threat intelligence.

PwC Survey, October 5, 2016

Businesses have usually focused on in-house information such as log files and access activity. Lately, however, the cyber security and privacy capabilities of external business partners have become the main concern after several high-profile breaches were attributed to the compromise of vendors' systems.

What Does Cloud-Based Threat Intelligence Look Like?

Today, only a few businesses have successfully implemented an integrated cloud-based threat intelligence and information sharing platform. One reason for this low adoption rate is that some of the component technologies are only now becoming accessible to businesses. Enterprise-wide threat management is also an extremely complicated puzzle to piece together on premises, one that can easily stretch technology and resource capabilities.

That is starting to change, however, as cloud-based technologies mature and deliver new levels of service. "This year, we have figured out how to use technology to ingest massive amounts of unrelated information and find the relationships that make the information understandable," said Burg.

In fact, many organizations are working towards designing and developing new cloud-based cyber security solutions that fit the advanced needs of an organization in combating threats, and that help it strategically manage cyber security risks and protect critical assets.

Advanced technologies combined with cloud architectures can leverage machine learning and artificial intelligence techniques to aggregate and analyze enormous volumes of data, correlate this data with a global database of threat intelligence, identify threats in real time and prioritize responses based on impact to affected assets.

Moreover, adopting cloud technology for threat management will allow organizations to customize and integrate systems to fully accommodate individual business needs. It can also give organizations complete control in compliance with government and industry regulations. Implementing such technology will be a challenge for many, but those organizations that succeed in implementing cloud technology for threat management will be better prepared to proactively monitor for threats, identify compromises, quickly respond to incidents and share threat intelligence. Ultimately, these capabilities will help build competitive advantages by protecting customer data, business assets and brand reputation.

Irfan Shakeel

Irfan Shakeel is the founder & CEO of ehacking.net, and an engineer, penetration tester and security researcher. He specializes in network and VoIP penetration testing and digital forensics. He is the author of the book titled “Hacking from Scratch”. He loves to provide training and consultancy services, and works as an independent security researcher.