What are the Cloud Security Challenges?
Video Activity
Join over 3 million cybersecurity professionals advancing their career
Sign up with
Required fields are marked with an *
or
Already have an account? Sign In »
Time
1 hour 27 minutes
Difficulty
Beginner
CEU/CPE
1
Video Transcription
00:00
>> Welcome to the Check Point Jump Start Training series.
00:00
The Check Point CloudGuard is a suite of products and
00:00
solutions that can secure
00:00
your data and virtual networks in the Cloud.
00:00
In this training video series,
00:00
we'll be looking at CloudGuard Posture Management.
00:00
Lesson two, what are the Cloud security challenges?
00:00
In the second lesson, we're going to discuss
00:00
>> specific security challenges that
00:00
>> our customers face when they're
00:00
shifting their assets into the Cloud.
00:00
We're going to discuss how
00:00
CloudGuard solution can address these challenges.
00:00
In Lesson one, we talked about what posture management
00:00
is and why a company
00:00
will need a posture management solution.
00:00
We mentioned that posture management can be
00:00
broken down into four main core tasks.
00:00
Inventory, which is a list of all your assets.
00:00
Visibility, identifying
00:00
where all your assets are located.
00:00
Compliance, how compliant
00:00
are your assets to industry regulations?
00:00
Security, are all your networks and
00:00
links and your perimeter access secure.
00:00
In this video, I'm going to expand and
00:00
discuss these four core tasks a little bit more
00:00
to help us address and understand some of
00:00
the main Cloud security challenges.
00:00
There are many cybersecurity challenges
00:00
in order to keep your Cloud secure.
00:00
Sixty-six percent of our organizations could not
00:00
feel confident about their Cloud security posture.
00:00
So our organizations need
00:00
products and tools that can help secure
00:00
>> their multi-Cloud in a hybrid Cloud environments.
00:00
>> Our organizations need products that can amplify
00:00
visibility and boost clarity in their Cloud assets.
00:00
Out organizations need products to help build
00:00
confidence in their security
00:00
and protection of their data.
00:00
Our organizations need confidence
00:00
that our security solution will be
00:00
able to detect and mitigate any security breaches.
00:00
As mentioned, the Cloud
00:00
introduces many new security challenges.
00:00
Securing Cloud is very different
00:00
from securing a traditional network.
00:00
A security team and
00:00
a security group needs to be continuously
00:00
vigilant and kept informed about
00:00
any changes occurring within the Cloud infrastructure.
00:00
The Cloud is always changing, growing, and expanding.
00:00
However, with
00:00
the dynamic and flexible nature of the Cloud,
00:00
performing all these tasks can be very tricky,
00:00
as well as being time consuming and labor intensive.
00:00
With the dynamic nature of the Cloud,
00:00
it continuously requires assessment and reassessment to
00:00
avoid any misconfigurations and
00:00
to counter any compromises,
00:00
and to stop every compromise,
00:00
and to stop every cybersecurity breach.
00:00
The security of company assets is one of
00:00
the major difficulties involved
00:00
where our organizations connect to the Internet.
00:00
Cyberattacks are continuously on the rise,
00:00
both in frequency and also scope.
00:00
An organization needs to
00:00
protect their most valuable assets,
00:00
their employee data,
00:00
the consumer data, and intellectual property.
00:00
Cyberthreats have not slowed down,
00:00
but on the contrary,
00:00
they have continuously increased in
00:00
their complexity and sophistication.
00:00
With the increase of negative publicity
00:00
>> and in use of data breaches and leaks,
00:00
>> organizations need to have
00:00
the proper controls and measures in
00:00
place or risk losing the customer trust and business.
00:00
Without the proper security frameworks in place,
00:00
organizations are continuously at
00:00
risk to security breaches.
00:00
Organizations need the right tools and
00:00
technologies to empower them
00:00
to guard against cyber criminals.
00:00
Next, let's take a look at
00:00
some key challenges when moving your assets into
00:00
the Cloud and how a posture management
00:00
>> solution addresses these challenges.
00:00
>> Inventory, this refers to
00:00
the counting every Cloud assets.
00:00
Your Cloud inventory,
00:00
when adopting a Cloud strategy,
00:00
many organizations might adopt
00:00
multi-vendor a multi-Cloud ecosystems.
00:00
Having many assets in the Cloud,
00:00
in diverse Cloud providers can be
00:00
a challenge to identify and to track.
00:00
So your posture management solution needs to be able
00:00
to work what multiple Cloud vendors,
00:00
and be able to capture
00:00
all the assets into one centralized location.
00:00
Also remember that not only you or
00:00
your department are creating
00:00
assets or workloads in the Cloud,
00:00
but also the network departments,
00:00
the research departments,
00:00
the development team,
00:00
and the QA team are creating these assets.
00:00
They can be creating them in different Cloud providers,
00:00
in different accounts, in
00:00
different regions across your networks.
00:00
You need a centralized utility to keep track
00:00
of and to identify all your company assets.
00:00
Our organizations not only need
00:00
a tool and solution that is able
00:00
to keep an inventory of
00:00
all your Cloud assets in real-time,
00:00
but with this tool,
00:00
you will need to be able to dig deep into
00:00
each of your assets to examine
00:00
all the necessary details or to
00:00
change any configurations if needed.
00:00
In essence, you need to have one comprehensive index of
00:00
all your Cloud inventory into
00:00
one centralized location in order to keep track,
00:00
identify, and monitor,
00:00
and manage all your Cloud assets.
00:00
Solution, CloudGuard Posture Management
00:00
is a centralized solution.
00:00
Visibility refers to the visualization
00:00
of all your Cloud assets.
00:00
Another concern for any organization that is adopting
00:00
a public Cloud infrastructure is
00:00
the visibility and clarity of all their Cloud assets.
00:00
The more assets you deploy in
00:00
>> the Cloud and multi-Cloud,
00:00
>> the more you increase your attack surface.
00:00
You need the right tools that can help you
00:00
keep track of all your Cloud assets.
00:00
You need the tools to
00:00
identify where your assets are located,
00:00
who created them, and who has access to them,
00:00
and also how have they been configured?
00:00
We need tools not only to be able to access them,
00:00
but also to edit them directly.
00:00
Virtual networks and workloads
00:00
can be configured in minutes.
00:00
Most organizations are spending up
00:00
workloads using scripts and templates,
00:00
and they can delete them just as easily.
00:00
Enterprises need tools and
00:00
solutions that would be just as adaptive
00:00
as the Cloud to keep pace with
00:00
all the rapid dynamic Cloud changes.
00:00
Adaptive visibility equates to adaptive security.
00:00
Adaptive security in the Cloud is a must.
00:00
Any Cloud changes need to continuously updated in
00:00
>> real-time in order to keep a float of security issues.
00:00
>> The centralized visibility helps give you
00:00
the big picture of
00:00
your network to help you prevent threats.
00:00
Solution, CloudGuard Posture Management
00:00
is an adaptive security solution.
00:00
Compliance, another challenge
00:00
that our organizations face is to follow
00:00
industry standards and to keep
00:00
compliance by following security best practices.
00:00
Perhaps your organizations need
00:00
to be industry-compliant and will be
00:00
subjected to an audit to be sure it is
00:00
adhering to all the industry standards.
00:00
Perhaps your organization is
00:00
a medical supplier and you need
00:00
to be HIPAA industry-compliant.
00:00
Or perhaps you're a credit bureau
00:00
and you need to be PCI-compliant.
00:00
How do you meet and pass
00:00
compliance audits across
00:00
multiple Clouds or hybrid Clouds.
00:00
Another challenge that
00:00
our organizations face is liability.
00:00
Our organizations need to make sure that
00:00
not only the company confidential information is
00:00
secure from any intellectual property leakage
00:00
but also that your consumer data is protected.
00:00
A breach to consumer data can leave a company
00:00
liable to find by regulators.
00:00
A leakage in consumer data can
00:00
leave the consumer at risk to identity theft,
00:00
fraudulent credit card activity,
00:00
and so the organization might be obliged by law to
00:00
compensate to consumers with any monetary damages.
00:00
To say nothing off completely
00:00
destroying consumer confidence and our organization.
00:00
Surveys have shown that
00:00
three quarters of consumers have abandoned
00:00
their loyalty to a brand
00:00
after an exposure to a security breach.
00:00
Compliance not only refers to following
00:00
the current security best practices and
00:00
stay up-to-date with
00:00
leading data security and data privacy measures,
00:00
but it also entails following
00:00
regulatory industry standards and
00:00
protections and be compliant
00:00
to federal standards and controls.
00:00
Are we following the laws and
00:00
regulations within our industry?
00:00
If not, why not, and are reliable.
00:00
You can easily run
00:00
audit assessments to make sure whether or
00:00
not we meet or do not
00:00
meet the industry or federal standards.
00:00
We need to be able to
00:00
remediate security and compliance issues automatically.
00:00
Solution, CloudGuard Posture Management is
00:00
a continuously compliant platform.
00:00
>> Security.
00:00
This refers to network security within the Cloud.
00:00
We need to understand the links and
00:00
connection between all the virtual networks,
00:00
the workloads, and applications
00:00
in our Cloud infrastructure.
00:00
We need to understand what traffic
00:00
>> is egressing the Cloud, and what traffic is ingressing.
00:00
>> What protocols, what applications and
00:00
services have been accessed,
00:00
and from where and to where they had been accessed.
00:00
Specifically, we need to know the level of
00:00
exposure that your assets have to the public Internet.
00:00
What workloads are accessible to
00:00
the public and what workloads are internal?
00:00
What workloads are shared and which ones are not,
00:00
and from where and to where are they being
00:00
shared and what services are being allowed?
00:00
We need to continuously
00:00
monitor our Cloud traffic flow to help us
00:00
understand the full context of
00:00
the flow of traffic within the Cloud infrastructure,
00:00
and we need to know this information in real-time.
00:00
Moving your assets into the Cloud requires
00:00
continuous vigilance to make
00:00
sure that there are no compromises.
00:00
Solution, CloudGuard is a real-time security solution.
00:00
Misconfiguration.
00:00
Another top concern and
00:00
the number one cause of
00:00
Cloud breaches is misconfiguration.
00:00
Most security breaches can be traced to
00:00
a misconfiguration, mismanagement, and mistake.
00:00
Misconfiguration can occur due
00:00
to knowledge gaps or due to user error.
00:00
Enterprises data system,
00:00
they can help them identify
00:00
any mistakes or misconfigurations.
00:00
This system also needs to be
00:00
>> automatically self-healing.
00:00
>> Solution, CloudGuard is a self-healing platform.
00:00
As more organizations are
00:00
adopting a multi-Cloud strategy,
00:00
this means that all of these challenges are
00:00
compounded if you're using multiple accounts,
00:00
or multiple Cloud environments with
00:00
multiple regions and multiple availability zones.
00:00
It can be quite a challenge to
00:00
gain full visibility across
00:00
multiple Cloud ecosystems using various
00:00
>> and different Cloud service providers' products.
00:00
>> Using different native Cloud solutions
00:00
is highly problematic to
00:00
operate and it is labor intensive and cost ineffective,
00:00
it is highly complex and
00:00
requires expertise, knowledge, and training.
00:00
Using different clients on different Clouds can be
00:00
complex to manage and difficult to keep track of.
00:00
You need a unified console
00:00
to be able to track your network assets
00:00
and throughput across different accounts
00:00
and amongst many Cloud solutions.
00:00
Your solution must also be
00:00
a comprehensive solution and
00:00
it must be designed to secure
00:00
Cloud server workloads and containers while also
00:00
detecting and managing security and compliance issues.
00:00
Solution, CloudGuard is
00:00
a multi-Cloud comprehensive solution.
00:00
Remediation. Enterprises require a security solution
00:00
that meets all of these challenges
00:00
and many other challenges.
00:00
The ideal Cloud security solution must not only
00:00
address all of these challenges, but many more.
00:00
It must also include many other enhancements and
00:00
improvements in order to make
00:00
your Cloud journey a success.
00:00
The optimal security solution must be
00:00
proactive and not just reactive.
00:00
It should offer automatic remediation,
00:00
it should automatically fix any glitches or mistakes,
00:00
and any other shortcomings.
00:00
Manual remediation is like
00:00
finding a needle in a haystack.
00:00
It is expensive and time-consuming to find and to fix.
00:00
Sometimes it can take hours or
00:00
even days to find and mitigate.
00:00
Manual remediation is reactive,
00:00
which means it might take days before
00:00
administrator notices any issues,
00:00
and by time it might be too late.
00:00
Your Cloud solution should offer automatic remediation.
00:00
It should search for any mistakes or
00:00
misconfigurations and automatically fix
00:00
them in seconds, not days.
00:00
It should be able to detect
00:00
compliance issues and address them instantaneously.
00:00
It should be able to discover
00:00
any unauthorized changes and revert back immediately.
00:00
It should also be able to identify
00:00
any traffic abnormalities and halt them instantly.
00:00
Solution, CloudGuard is a proactive platform.
00:00
That brings us to the end of this lesson.
00:00
Let's take a quick recap before exiting this video.
00:00
In this video, we elaborated more
00:00
on what are some of the key Cloud security challenges
00:00
and how a posture management security solution
00:00
is used to address all of these challenges.
00:00
Specifically, we talked about the following main key
00:00
features that your posture management must address.
00:00
Inventory of your assets,
00:00
visibility of your networks.
00:00
It must enforce compliance and ensure security of
00:00
your workloads and it must detect
00:00
any misconfigurations and support multi-Cloud vendors,
00:00
and also offer automatic remediation.
00:00
Inventory, your posture management solution needs to
00:00
list all of your assets in one centralized location.
00:00
CloudGuard posture management
00:00
>> is a centralized solution.
00:00
>> Visibility, your posture management solution needs to
00:00
view all changes occurring in the Cloud.
00:00
CloudGuard is a posture management adaptive solution.
00:00
Compliance, your posture management solution
00:00
needs to follow industry standards and regulations.
00:00
CloudGuard posture management is
00:00
a continuously compliant platform.
00:00
Security, your posture management solution needs
00:00
to identify how exposed are your Cloud assets.
00:00
CloudGuard posture management is
00:00
a security solution running in real time.
00:00
Misconfiguration,
00:00
your posture management solution needs to
00:00
identify any misconfiguration or
00:00
security gaps and heal them.
00:00
CloudGuard posture management
00:00
>> is a self-healing platform.
00:00
>> Multi-Cloud, your posture management solution
00:00
needs to work with the multiple Cloud providers.
00:00
CloudGuard posture management is
00:00
a multi-Cloud comprehensive solution.
00:00
Remediation, your posture management solution
00:00
needs to fix issues automatically.
00:00
CloudGuard posture management is a proactive platform.
00:00
That brings us to the end of Lesson two.
00:00
In the next lesson,
00:00
we'll discuss how CloudGuard posture management helps
00:00
solve all of these security challenges.
00:00
I will see you there.
Up Next
Instructed By
Similar Content
