Security teams need to change their approach in order to be successful in the AWS Cloud.
Sure the controls you’re using are similar but their application is very different in a cloud environment. The same goes for hows teams interact as they embrace cloud technologies and techniques. The concept of DevOps is quickly becoming DevSecOps which is leading to strong security practices built directly into the fabric of cloud workloads.
When embraced, this shift can result in a lot of positive change.
Teams Level Up
With security built into the fabric of a deployment, the integration of technologies will have a direct impact on your teams. Silo-ed teams are ineffective. The transition to the cloud (or to a cloud mindset) is a great opportunity to break those silos down.
There’s a hidden benefit that comes with the shift in team structure as well.
Working hand-in-hand with other teams instead of a “gate keeper” role means that your security team is now spending more time helping the next business initiative instead of racing to put out fires all the time.
Security is always better when it’s not “bolted on” and embracing this approach typically means that the overall noise of false positives and lack of context is greatly reduced. The result is a security team that’s no longer combing through log files 24/7 and other security drudge work.
The shift to a DevSecOps culture lets your teams focus on the tasks they are better at.
Resiliency
The changes continue to pay off as your security team can now start to focus more on information security’s ignored little brother, “availability”.
Information security has three primary goals; confidentiality, integrity, and availability.
The easy way to relate these goals is that security works to ensure that only the people you want (confidentiality) get the correct data (integrity) when they need it (availability).
And while we spend a lot of time worrying and talking about confidentiality and integrity, we often ignore availability typically letting other teams address this requirement.
Now with the functionality available in the AWS Cloud we can actually use aspects of availability to increase our security.
Leveraging features like Amazon SNS, AWS Lambda, and Auto Scaling, we can build automated response scenarios. This “continuos response” is one of the first steps to creating self-healing workloads.
When you start to automate the security layer in an environment where everything is accessible via an API some very exciting possibilities open up.
Learn More
Trend Micro is a diamond sponsor at this year’s AWS re:Invent (6—9-Oct–2015) and we’re hosting two talks that speak to some of the areas.
DVO206, “Lessons from a CISO: How to Securely Scale Teams, Workloads, and Budgets”, highlights the lessons that Infor has learned moving to the AWS Cloud. This breakout session features Jim Hoover, CISO, Infor along with Matt Yanchyshyn from AWS with our very own Adam Boyle.
You’ll not only hear about Jim’s experience but also how that experience ties into larger trends that AWS is seeing with it’s largest customers.
Our other session is DVO207, “Defending Your Workloads Against the Next Zero Day”. In this talk, I’ll (Mark Nunnikhoven) be looking at how you can increase the security and availability of your deployment in the AWS Cloud.
Specifically, we’ll be looking at how to combine key AWS features with other security controls to increase the resiliency of your workloads.
Both sessions are geared toward giving you some concrete advice that you can use to improve your teams and the security of your workloads immediately. They are both a worthwhile addition to your re:Invent schedule.
If you’re at the show, make sure to stop by booth 1004 to say hi. If you’re watching from afar, I’d love to hear from you on Twitter where I’m @marknca.
