This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Log in to ask a question
Log in to ask a question

Fastest Two Minutes in SecOps: Cloud Security [Video]

Posted on 03-29-2024 09:00 AM
and filed in security-blog
ahnna
Staff

The “Google on SecOps” blog found on chronicle.security has moved to the Community Blog. This blog was originally published on July 6th, 2022 by Dan Kaplan. Going forward, all Google Security Operations (formerly known as Chronicle Security Operations) blogs will be published here. 

Welcome to the cloud, where capabilities exist that security practitioners have long desired. Just ask Dave Herrald, Global Head of Adoption Engineering at Google Cloud and a former CISO at a payment processes company.

These wants include: fast and accurate inventory, robust telemetry, granularity in how to apply security controls, programmability to support automation (as the cloud is naturally API driven), and continuous authentication and authorization. The less desired part is understanding how these capabilities exactly function and how to optimally take advantage.

But arguably the most worrying challenge facing organizations when it comes to the cloud is security. The cloud changes your security boundaries, and traditional, on-premises-focused controls may not be adequate to prevent or mitigate cloud-specific threats, especially around identity. (To help protect organizations, Google Cloud, for example, offers services that automatically and in real time analyze every IAM grant to detect outsiders being added.)

All these threats, of course, lead to increased risk, bolstered by organizational tendencies to hit the gas on cloud adoption, which in turn forces security teams to rush when preparing for the increase in workload, spikes in alert and log volume, and required updates to tooling. When visibility isn’t built to scale in the cloud, security suffers, and analysts can become easily overwhelmed.

How can you succeed in the cloud’s new detection (and response) context, architect a more resilient cloud, keep SOC teams less frustrated and more upbeat, and most of all leverage the cloud to kickstart your security operations transformation? In the below video, Herrald boils down a very big conversation—cloud security—into something salient and actionable. Enjoy!

0 0 79
Authors
0 Likes