Cloud computing has seen multiple iterations since its inception in the 1960s and has empowered modern-day enterprises, becoming integral to operations and how solutions are delivered. While the development of cloud computing spanned the last sixty-odd years, at what point in time did businesses start factoring in its security?
This post examines a timeline of contributing factors that have led to the security issues many hybrid and cloud-based organizations are facing today. While attacks on the growing cloud surface will continue to evolve, organizations can learn how to put up the right defenses to start safeguarding one of the most business-critical platforms in use today.
How Cloud Computing Came to Be
Slowly entering a post-pandemic world, more businesses than ever are making the move from solely on-prem environments to either cloud or hybrid ones. Use of the cloud is unprecedented and our reliance on it has become a lucrative target for opportunistic attackers.
While cloud computing is seemingly ubiquitous now, its precursor dates back to the 1950s and 60s. Of military origins, a mainframe was first developed to connect computer terminals across an internal matrix to lower the cost of buying and maintaining individual terminals. Developing a technology to provide shared access to a single resource became the ancestor of cloud computing as a technical concept.
The 1970s saw many more advancements in operating systems, storage, and networking. By this time, multiple operating systems could be run in an isolated environment, changing the way operators interacted with data. Moving away from punch cards and teletype printers, they could interact with screen terminals that connected to the mainframe computer for a dedicated network.
By the 1990s, the adoption of non-local storage technology exploded in line with the arrival of the World Wide Web. Huge (by the standards of the time) numbers of personal computers were connected, technology became more widely affordable, and companies began to offer applications over the internet, paving the way for the inception of Software-as-a-Service (SaaS), Platform-as-a-Service (PaaS), and Infrastructure-as-a-Service (IaaS).
Though available bandwidth was paltry at first, businesses began to embrace the web and the infrastructure hosting industry was born. The need for data centers boomed and many businesses began to rely on shared hosting and dedicated servers to run their operations. In the 90s, the term “cloud” was used to describe this new, virtual environment and a race was about to begin between technology giants such as Google, Microsoft, and Amazon.
The Tech Giants Enter the Race
In the early 2000s, everyone was accessing the cloud, including governments, financial institutions, healthcare providers, and more. This was the cultural shift that catalyzed a tech-giant arms race with the end goal of gaining more market share in the cloud provider space.
First to hit the scene was Amazon Web Services (AWS) with the launch of their public cloud in 2002. The public cloud was a boon to a generation of small to mid-sized businesses, alleviating their burdens of costly server maintenance and upfront investments on hardware computing resources while helping them solve issues of efficiency and scalability.
The emerging success of AWS spurred Microsoft and Google into action. Google responded by launching Google Docs services, and later, Microsoft with their Azure infrastructure and Office 365 packages. Every tech giant brought unique offerings to the table and each continued in the race to become the new standard for cloud services.
The Afterthought: What About Security?
Security became an afterthought in the race to develop new features and claim space in the cloud provider market, most clearly demonstrated by the sheer volume and ever-increasing severity of cyberattacks on the cloud surface.
Features that make cloud services beneficial to businesses are the same features that are often targeted for malicious use by threat actors. Cloud services, while offering significant advances in scaling and efficiency, are particularly susceptible to misconfigurations, insider threats, supply chain attacks, and Active Directory-related weaknesses. Consider the following statistics from the 2022 Thales Cloud Security Report:
- Multi-cloud adoption has accelerated with 72% of organizations using multiple IaaS providers versus the 57% recorded in 2021.
- Almost two-thirds of businesses store up to 66% of their company’s critical data in their cloud.
- 45% of businesses have experienced a cloud-based data breach in the past 12 months, increasing from 40% the year before.
- 51% of IT professionals share common concerns about the increasing complexity of cloud services and agree that it is more complex to manage privacy and data protection in the cloud.
While businesses and end users benefitted from the tech giants’ race to become the new cloud provider standard, threat actors noted the increasing popularity of and reliance on this technology and began to capitalize on it. Each of the tech giants had claimed that their cloud products were secure while, in reality, they were still trying to solve the problem as it came. Microsoft later began to push their Azure Sentinel services, Amazon AWS acquired a number of security firms, and Google launched Chronicle, their security arm which later merged into Google Cloud.
Shared Responsibility and Security in the Cloud
Though each of these tech giants and other cloud service providers has tried its hand at adding cloud security to its product offerings, this approach has introduced major risks to businesses as it narrows everything down to dependence on a single vendor.
Selling productivity, collaboration, and now security has increased the odds in favor of threat actors who need only one successful attack vector to affect all capabilities of the cloud service provider.
Some cloud vendors themselves have recognized that their responsibility for security cannot extend beyond securing their own infrastructure and that cloud customers must take care of securing what they put in the cloud. This model of shared responsibility means cloud customers are responsible for managing the operating systems, application software and utilities on their cloud instances. The cloud customer also must secure the network configuration of each cloud instance as well as the data and assets they store in the cloud.
As more organizations make the shift over to hybrid and cloud environments and understand the need to own the security of their cloud instances, security professionals are looking for more advanced means of keeping their cloud workloads safe from cyber threats. Beyond adopting basic cybersecurity best practices, cloud security also encompasses security measures for serverless workloads, Kubernetes, containers, and virtual machines.
Successful cloud security strategies require professionals to look at their enterprise environment and understand the risks from across all parts of the whole. This is why enterprises are increasingly turning to extended detection and response solutions to secure their clouds.
The Emergence of XDR to Secure the Cloud
Choosing the right security solution for the cloud is a task made up of several parts. The right solution must be easy to manage, scalable, and able to defend against complex and novel cloud-related threats. An end-to-end cloud security solution should fulfill the following key requirements:
- Automated Detection & Response – Threat actors count on one thing most during their attack – time. The more time they have, the higher their rate of success is in meeting their goal. This makes detection and response speed paramount to the defense of an environment. Before actors can establish a foothold and damage the cloud, having a quick detection time makes all the difference.
- Visibility for Assets & Configurations – Clouds are popular with organizations because of their ability to scale up to growing data volumes over time. However, lack of visibility and misconfiguration can leave cloud workloads exposed to potential weaknesses. Having deep visibility in a cloud can help eliminate unnecessary risks and limit the level of exposure.
- Integration with Existing Tech Stack – While infrastructure vendors do hold some responsibility in providing security, many security professionals will introduce a separate security solution to their tech stack for advanced protection. It is vital this security solution is compatible with other tools and software so that data flows seamlessly between all platforms.
The concept of an open XDR (eXtended Detection and Response) platform provides advanced security coverage where traditional single-point solutions do not. Single-point solutions are those that solve only one problem at a time. In contrast, an open XDR platform can integrate existing solutions, analyze incoming data, receive alerts in real-time, and automatically send responses as needed.
A fully integrated, open XDR leverages the power of artificial intelligence (AI) and machine learning (ML) against threat actors targeting the cloud surface. By interpreting attack signals and autonomously prioritizing alerts and security incidents, AI and ML provide for an adapted response based on the specific characteristics of the attacker. Behavioral AI and ML have the capability to detect unknown cloud-based threats such as zero-day exploits and indicators of compromise that are similar to novel ransomware strains.
Cloud computing has undergone nearly seven decades of transformation. Starting from the first mainframe computers of the 1950s, then accelerating during the race for tech giants to become the next standard in cloud provision, cloud technology is now ever-prevalent in all critical sectors, modern workspaces, and our homes.
Cloud security may have been neglected during the unprecedented advancements of the early 2000s, but it has been driven to the forefront of every cloud-related discussion now. As organizations continue to adopt novel advancements in cloud technologies, security solutions need to be able to evaluate risk across the entire cloud surface as well as any digital entities connected to it.
SentinelOne’s Singularity™ Cloud ensures organizations get the right security in place to continue operating in their cloud infrastructures safely.