Every Cloud Has a Silver Lining: Leveraging the Cloud as a Security Enabler

Leveraging the Inherent Strengths of the Cloud to Enhance Security Will Enable us to More Effectively Stay Ahead of Attackers

Much airtime has been given to answering the question: Is the cloud secure? We’re becoming programmed to think of the cloud as a security challenge. From loss of governance and concerns about segmentation from other parties in the cloud, to potential data loss and leakage, there are many possible security risks to consider when deploying a cloud-based strategy.

But there’s another aspect of the cloud that has largely gone ignored and that’s the fact that the cloud can be a tremendous security enabler.

Enhanced Security in the Cloud

There are three aspects of the cloud that can be leveraged to enhance and modernize today’s approach to security: (1) the massive computing power, (2) the vast amount of storage capacity and (3) the shared infrastructure. In combination, these three aspects can work together to transform traditional security practices and create significant benefits for IT security professionals and technology vendors alike, for example:

Enhanced performance with lightweight and compatible IT security solutions. The cloud can be used for all the ‘heavy computational lifting’ typical in IT security solutions. If performed locally these tasks tend to slow down machines, inhibit solution performance and usually require additional hardware. Freeing an enterprise’s network and devices from this burden also enables users to more effectively support a defense-in-depth strategy since it facilitates running multiple security offerings simultaneously. Offloading heavy-duty processing to the cloud becomes even more beneficial with mobile devices that can have significant computation constraints and even more stringent power consumption requirements.

More informed security decision-making with centralized and up-to-date security information. With virtually unlimited storage in the cloud it now becomes possible to create, maintain and share extensive information on network threats, advanced malware, IP and file reputation lists, as well as geo-location and other security data. This global and centralized approach eliminates the need for enterprises to manage and store vast amounts of information on their infrastructure, increasing productivity of the security software while ensuring that the latest, comprehensive security information is available as needed.

Faster, better protection through the power of Big Data analytics. Today we see hundreds of thousands of security threats each day. Understanding the data and then translating this intelligence into protection can take days to months, rendering it virtually ineffective given the pace at which new threats are introduced and increasing the time of exposure. Leveraging the processing power and storage of the cloud along with intelligence gathered from the community of cloud users, large-scale data mining techniques can be applied to identify anomalous patterns across systems and create new detections and protections more quickly. This environment also provides a more effective ‘test bed’ for better security. New protections can be tested against live data as part of the security technology development cycle rather than using isolated test sets that exist in a lab. There’s no better way to test efficacy than against real-world data.

More efficient and economical protection against real threats with intelligent delivery. Because only a small number of threats are ever seen in an individual enterprise and we can’t always determine which will become widespread, it isn’t practical or feasible to provide enterprises with every possible signature available. The time and resources required for huge downloads of largely irrelevant information are cost prohibitive and impractical. The cloud can deliver only the protections that are relevant to an organization’s risk profile and do so much more quickly to protect against the threats that matter for their specific environment.

We’re still in the early stages of leveraging the cloud as a security enabler. There is more to come. For example, we’re beginning to see technologies that can harness the benefits of storing large amounts of relevant security data to go back in time to identify patient zero (who was infected first), which is an essential first step in stopping the spread of malware. Analysis of this historical data can also be used to evaluate end-user programs previously thought to be safe against the latest threat intelligence, retroactively identify programs now deemed malware and quarantine just those infected devices without a full system scan. As technology continues to evolve, it is also reasonable to expect users will be able to dynamically query the cloud to find out if an IP or file has been identified as malicious, if a signature exists and then download it to proactively protect their unique environments.
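The retrospective analysis described above, as an added example (not code from the article or from any vendor): stored file telemetry is re-checked against an updated verdict set to find patient zero and the devices that still hold the file. The event layout, device names and file ids are assumptions constructed for illustration.

```python
from datetime import datetime

# Constructed telemetry: (UTC timestamp, device, file id, action).
# File ids are placeholders standing in for real file hashes.
EVENTS = [
    ("2024-03-01T09:15:00", "laptop-07", "file-A", "seen"),
    ("2024-03-01T08:02:00", "desktop-12", "file-A", "seen"),
    ("2024-03-01T10:40:00", "server-03", "file-A", "seen"),
    ("2024-03-01T11:00:00", "laptop-07", "file-B", "seen"),
    ("2024-03-02T14:30:00", "laptop-07", "file-A", "removed"),
    ("2024-03-02T16:00:00", "desktop-21", "file-C", "seen"),
]


def retrospect(events, newly_malicious):
    """Re-evaluate stored events against files now deemed malicious.

    Returns {file_id: {"patient_zero": (device, timestamp),
                       "spread": devices in order of first sighting,
                       "quarantine": devices that still hold the file}}.
    """
    report = {}
    # Telemetry from many devices arrives out of order, so sort by time first.
    ordered = sorted(events, key=lambda e: datetime.fromisoformat(e[0]))
    for ts, device, file_id, action in ordered:
        if file_id not in newly_malicious:
            continue  # verdict unchanged: nothing to revisit
        entry = report.setdefault(
            file_id, {"patient_zero": None, "spread": [], "present": set()}
        )
        if action == "seen":
            if entry["patient_zero"] is None:
                entry["patient_zero"] = (device, ts)  # earliest sighting
            if device not in entry["spread"]:
                entry["spread"].append(device)
            entry["present"].add(device)
        elif action == "removed":
            # File already gone from this device: no quarantine needed.
            entry["present"].discard(device)
    for entry in report.values():
        entry["quarantine"] = sorted(entry.pop("present"))
    return report


if __name__ == "__main__":
    for file_id, result in retrospect(EVENTS, {"file-A"}).items():
        print(file_id, result)
```

Only the devices in `quarantine` need action; a device that removed the file before the verdict changed appears in `spread` but is not isolated.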

Just as hackers are accessing all available tools to accomplish their missions, so must we as defenders. Leveraging the inherent strengths of the cloud to enhance security will enable us to more effectively stay ahead of attackers as we fight this relentless and increasingly sophisticated cybersecurity war.

Written By

Marc Solomon is Chief Marketing Officer at ThreatQuotient. He has a strong track record driving growth and building teams for fast growing security companies, resulting in several successful liquidity events. Prior to ThreatQuotient he served as VP of Security Marketing for Cisco following its $2.7 billion acquisition of Sourcefire. While at Sourcefire, Marc served as CMO and SVP of Products. He has also held leadership positions at Fiberlink MaaS360 (acquired by IBM), McAfee (acquired by Intel), Everdream (acquired by Dell), Deloitte Consulting and HP. Marc also serves as an Advisor to a number of technology companies, including Valtix.
