COMMENT
I
n one recent study, 46% of
organisations said they have a
“problematic shortage” of cyber
security skills – up from 28% just a year
ago. One-third of those respondents
said their biggest gap was with cloud
security specialists,
Modern security teams require a broad
and deep mix of technology skills, ranging
from twists on traditional network and
OS technology all the way to security on
data itself, to address a rapidly evolving
threat landscape. But they also need
“softer” expertise, such as knowledge
of compliance regulations and vendormanagement skills. Driving this dual focus
is the public cloud’s “shared responsibility
model,” in which service providers and
enterprises divvy up various levels of
protection across the IT stack. These
responsibilities – and the requisite skills
– vary depending on the type of public
cloud service.
Security skills
Certain skills are required across all uses of
public cloud. For example, you’ll need inhouse expertise with encryption and data
loss prevention controls for content-rich
cloud applications. Your IT teams need to
know (and track) where your enterprise
data resides in the cloud, what offerings
your cloud service providers offer for
data protection, and most importantly,
how to integrate data protection policies
in the cloud with your own company
policies. On a similar note, your team will
need sophisticated identity and access
management (IAM) and multi-factor
authentication, including tokenisation,
regardless of whether you’re deploying
SaaS, PaaS, IaaS, or a combination of
those services.
For SaaS, your security teams need to
be familiar with the various applications
in use and how to use logging and
monitoring tools to detect security
violations and alert appropriate IT
staff. Post-incident analysis is a critically
important skill for mitigating active
threats and improving your security
posture for future threats.
For PaaS deployments, you will also need
to add skills to ensure that native cloud
applications are being developed with
24
INTELLIGENTCIO
DRIVING THIS DUAL
FOCUS IS THE PUBLIC
CLOUD’S “SHARED
RESPONSIBILITY
MODEL,” IN WHICH
SERVICE PROVIDERS
AND ENTERPRISES
DIVVY UP VARIOUS
LEVELS OF PROTECTION
ACROSS THE IT
STACK. THESE
RESPONSIBILITIES –
AND THE REQUISITE
SKILLS – VARY
DEPENDING ON THE
TYPE OF PUBLIC CLOUD
SERVICE
RAJ SAMANI, CHIEF
TECHNOLOGY OFFICER, EMEA,
INTEL SECURITY GROUP
security built in at the API level. Adoption
of open security APIs can help to bridge
the gaps among proprietary cloud
environments.
For IaaS environments, the ability to
provision software-defined infrastructure
carries the need for highly technical
security professionals who can create
policies for server, storage, and network
security on AWS or other platforms. These
skills include the ability to monitor usage
of compute, storage, networking, and
database services, as well as the ability to
manage security incidents identified in
the cloud platform you’re using.
Audit and compliance skills
Many of the softer skills needed for
cloud success stem from the need for
organisations to gain more visibility into
hybrid environments that are becoming
more complex as SaaS, PaaS, and IaaS
services are cobbled together with each
other and private clouds.
Audit rights can be built into a service
level agreement (SLA) as a way to
make sure the provider complies with
corporate security policies and industry
or government regulations. This is
one reason why the ability to develop
comprehensive SLAs with service providers
is an increasingly important skill. IT and
security teams will need to work together
to negotiate terms that provide maximum
protection and visibility into third-party
services, to ensure that data, applications,
and other components of your cloud
environment are secure and compliant.
In addition to formal audits, security
professionals require skills (and tools)
for continuously monitoring compliance
and threats across SaaS, PaaS, and IaaS
deployments in two key areas: threats
and applications. S tarting with threats,
achieving (or maintaining) visibility to
specific threats across these environments
so your organisation has a full view of
attacks is critical. That visibility needs to
extend across endpoint, infrastructure,
and network elements in order to
recognise and respond to coordinated,
multi-angle attacks.
Second, application security experience
with cloud access security brokers (CASBs)
will help security professionals increase
the visibility into user behaviour and their
needs across public cloud service providers.
That said, we see convergence between
the need for application visibility,
threat visibility, and data security for
SaaS applications, so look for skills
that bridge those three areas as you
build an organisation for the future.
The same need for a blended skill set
will increasingly be true as threat and
application needs converge.
Organisations in highly regulated
industries also need to devote resources
to tracking how third-party providers
www.intelligentcio.com