By Sanjay Raja, CMO Lumeta
According to the Cisco 2017 Midyear Cybersecurity Report, cloud deployments are severely lacking when it comes to offering the same levels of security as on-premise. I doubt that comes as a surprise to anyone, but in the report, Cisco provides data points that show that malicious actors are starting to take advantage of, and are increasingly compromising, cloud infrastructure due to the inherent lack of visibility and real-time security monitoring. The Cisco MDR report describes an increase in attacks by adversaries that recognize they can infiltrate connected systems faster by breaching cloud systems. These adversaries are also finding that enterprises are becoming more comfortable with using cloud systems to support "mission-critical" data despite the security risks.
Fundamental Challenges to Securing the Cloud
In a 2017 Gigamon (a Lumeta Integration Partner) survey, 67 percent of respondents cited network "blind spots" as a major obstacle to effective data protection, while 50 percent of those who do not have complete visibility of their network reported that they lacked sufficient information to identify threats. Furthermore, 48 percent of respondents who do not have complete visibility over their network report they do not possess information on what is being encrypted in the network.
Today’s security and analytics tools, whose capabilities fall short when it comes to security monitoring and visibility, are completely missing things on the network that need to be secured. This is only exacerbated when they are deployed in cloud environments. Most enterprises and government agencies have a security stack of multiple solutions, using different inspection methods to find advanced threats. Even in combination, none of these solutions are suited for the cloud for several reasons, not least of which is their inability to obtain a complete level of visibility, which is critical for any sort of security analytics to be effective.
The Cisco MDR also points to how ransomware continues to be the fastest-growing attack scenario as malicious actors focus on revenue versus just theft. "The breadth and depth of recent ransomware attacks alone demonstrate how adept adversaries are at exploiting security gaps and vulnerabilities across devices and networks for maximum impact," the report says. Cloud infrastructure provides a faster and easier way to be successful with an initial compromise, resulting in attackers targeting those environments with ransomware more actively.
Extending Cyber Situational Awareness into the Cloud
Cloud adoption is obviously only going to increase. We know this, which is why we’ve evolved Lumeta’s patented approach to create Cyber Situational Awareness for enterprises and cloud providers. Lumeta Spectre is the first solution that gives organizations full real-time visibility into the entire end-to-end infrastructure, even as it stretches into the cloud, while also monitoring for dynamic changes in real-time. Cyber Situational Awareness is achieved as we marry unique real-time network context with security threat intelligence to detect threats and potential breach activity all the way to the endpoint.
Even better, Lumeta Spectre can perform monitoring for breach detection activity that is being obfuscated using encryption since it doesn’t rely on cracking open packets. Why is that important? Lumeta provides an early warning for malicious activity even if an attacker tries to hide it from traditional security solutions.
Lumeta Spectre not only finds over 40% of your unknown, rogue and shadow IT infrastructure, but also monitors in real time by using passive and active listening techniques. Lumeta is also included in the Cisco Midyear Cyber-security Report; to learn more, go to http://www.lumeta.com/resources/blog/lumeta-is-a-key-contributor-cisco-2017-midyear-cyber-security-report/. To learn more about Lumeta Spectre, go to http://www.lumeta.com/products/spectre/ or contact us for more info at firstname.lastname@example.org.