Source: www.csoonline.com
From inadequate visibility to access management complexity, multicloud environments take baseline cloud security issues to another level.
A multicloud environment is now standard for midsize and large organizations, with tech leaders opting to use multiple cloud providers for the improved flexibility, resiliency, and additional advantages that operating in multiple clouds brings.
But a multicloud approach also comes with challenges, particularly when it comes to security.
In fact, CISOs listed managing multicloud and hybrid cloud as one of their organization’s biggest cybersecurity challenges, according to the 2025 Cloud Security Report from Check Point Software Technologies. It came in No. 3, after safeguarding high-value assets and intellectual property and enhancing threat visibility and detection.
Securing a multicloud environment isn’t a singular challenge, however; it’s a whole host of them. Here is a look at the five most significant challenges CISOs and their teams face in this space.
1. Achieving adequate visibility across all clouds
This challenge tops the list for many security leaders.
Experienced CISOs acknowledge that getting an accurate and complete picture of the IT environment has long been a tough task, whether it’s all on prem or all in the cloud. But they stress the job is more complicated in an environment that sprawls across multiple cloud providers.
That sprawl makes it harder for CISOs to “have confidence that they’re looking across the environment holistically, that they’re looking for all the right things, and that there isn’t some security piece that they’ve overlooked,” says Randy Armknecht, who as a managing director at consultancy Protiviti leads its global infrastructure, cloud, and security engineering practice.
CISOs, of course, have some visibility across all their cloud deployments. Indeed, they may even have great visibility into one of their cloud environments — typically the first cloud the organization adopted, because they had invested heavily in training their teams to use that provider’s observability tools when they first made the move to that cloud.
However, CISOs frequently lack the resources — time, skills, and tools — to extend that visibility into the other cloud setups as their organization expanded, Armknecht says.
And even if CISOs and their teams are well versed in the observability tools provided by each cloud provider, they typically still struggle with managing information from those multiple tools, he adds.
“Most security practitioners feel more at home in one cloud than the others, and they may feel really good about one of them, but they do not have the same level of confidence about the others,” Armknecht explains.
Technology advances are helping CISOs overcome this challenge. Armknecht points to tools such as cloud-native application protection platforms (CNAPPs) that offer multicloud observability.
He sees the use of such tools as an imperative. “I’m a fan of getting full visibility as quickly as you’re able. I would not want to be at the table being asked why we didn’t know about a problem that led to a breach,” he says.
2. Balancing the ease of a uniform security program with the benefits of a provider-specific approach
Some CISOs opt to have a single security program for their entire cloud environment while others take a cloud-specific approach. Each strategy has pros and cons, says Wolfgang Goerlich, IANS Research faculty and a public sector CISO.
“If you’re treating all clouds the same, if you have a unified security program, then that means you’re not using the native security tools and you’re not driving the value out of each cloud. And not all solutions will pull in data [from each cloud provider] with fidelity, and not all apps will be as granular as the native tools,” he explains. “But if you go native, if you do a deep dive into each cloud, you add more tech and you probably won’t have teams who can work across the different clouds, so you create more challenges with processes, staff, and technology.”
Goerlich doesn’t list one option as better than the other but instead stresses the need to weigh the benefits and drawbacks of each one when devising an enterprise security plan.
“It’s all about the tradeoffs,” he says. “You can organize your team by cloud to drive more value from native capabilities, or have your team know enough about each cloud to effect change, or take it to a high level and not use the native tools.”
3. Falling short on the breadth and depth of skills required to secure multiple clouds
Securing multicloud environments requires more skills than securing a homogeneous environment, a requirement that adds more stress onto CISOs who are already struggling to keep up with all the skills now needed to protect a modern enterprise.
Moreover, the skills the team does have tend to be unevenly distributed.
“Most companies lean into one cloud and their skills hone in on that one cloud provider, but that means they lack the skills for the others,” says George Gerchow, faculty at IANS Research and CSO at Bedrock Security.
For example, a team skilled at collecting logs from AWS may not have the aptitude to confidently handle the same task in Azure and vice versa, he says. “Even at a high level, the logs themselves are different from cloud provider to cloud provider. How you ingest all the right logs to do security investigations as well as how you find security vulnerabilities is different,” Gerchow explains.
Having a well-thought-out security strategy to balance the ease of a uniform security program with the benefits of a provider-specific approach (Challenge No. 2) can help identify the needed skills.
Then CISOs need a solid training program to ensure staff members have the skills they need to successfully execute the strategy across the multicloud environment and with each cloud provider, Gerchow says. In other words, CISOs must invest enough in getting their people trained to work effectively in each cloud used by the organization.
4. Getting configurations right
Getting configurations right in any environment is a difficult task, but security leaders say both the scale and the scope of a multicloud environment make that task exponentially more challenging, according to Gerchow. That’s because each cloud provider has its own set of services, APIs, and management interfaces, as well as its own rules and systems for managing configurations.
Taken all together, that puts more stress on security teams, who must not only learn and master all the cloud-specific tools and techniques but also keep track of which tools and techniques apply to which cloud provider to ensure they don’t make a configuration mistake.
Mistakes are common: The 2024 Cloud Security Report from Check Point found that 23% of survey respondents who had experienced a public cloud security incident blamed misconfigurations. Common misconfigurations include overly permissive access controls, exposed storage buckets, unencrypted data, and inadequate network segmentation — all of which can lead to data breaches and unauthorized access.
5. Getting identity and access management right
CISOs face similar challenges with identity and access management (IAM) in a multicloud environment, says Jeffrey Brown, former CISO for the State of Connecticut and now a cybersecurity advisor for financial services and state government at Microsoft.
To be clear, CISOs struggle with IAM in on-prem and single-cloud environments, too. But they face more challenges in getting IAM right in a multicloud environment because they must work across the different cloud providers, each with its own IAM systems, operating models, policies, and procedures. And they must manage user identities, roles, and access control mechanisms for each cloud.
All this gives CISOs exponentially more to track and manage.
Moreover, multicloud environments have more nonhuman entities (such as APIs and services) that must be managed across multiple clouds, further adding to the complexity and scale of IAM.
And, of course, each identity has to be managed over its lifecycle — further compounding the size of the challenge. All this can — and often does — lead to inconsistent policies, as well as inconsistent monitoring and enforcing of access controls.
The challenge is so significant that Brown lists identity and access management as the No. 1 challenge security teams face in a multicloud environment. However, it’s not an insurmountable problem, he says.
“If you don’t have a formal program, then formalize it. You need a named executive in charge of the program, whether it’s you as CISO or someone else. It can’t be nobody,” he says. Implement “strong authentication everywhere and a comprehensive, unified strategy.”
Original Post url: https://www.csoonline.com/article/4009247/5-multicloud-security-challenges-and-how-to-address-them.html