FINAL WORD

Jess Abell

In this interview with Intelligent CIO ’ s Jess Abell , Neil Thacker , EMEA and LATAM CISO for Netskope , highlights why traditional network security architecture is no longer fit for purpose , as well as why organisations should consider adopting a Security Service Edge ( SSE ) approach .

In this cloud era , most organisations ’ workforces are more dispersed than ever , as well as the applications they ’ re using and , of course , the data . The apps and data we use are no longer on an asset or server that we own within our data centre .

The challenge for most organisations is that connecting employees through a corporate network and back out to the cloud continually shows a diminishing return – and adds a level of risk while increasing friction and complexity . We ’ ve seen organisations look to move their network and security controls to the Edge – a virtual interconnectivity platform between a device and the services that are being consumed , with the goal to provide quick and efficient access to services wherever an employee is .

Organisations that are having to steer employees back through a data centre , multiple silos or products to apply security or network controls are thinking about their existing network and security architecture not being fit for the cloud era .

How have attacker techniques evolved to the cloud ?

Identifying misconfigurations in cloud is one of the top threats security teams face . Attackers know that if they can compromise a misconfigured cloud instance , they can not only access data but also use the cloud as a proxy for further access into the organisation . If you gain access to one cloud application or piece of infrastructure and you can get access to APIs , those keys may allow the attacker to move across multiple cloud environments Another aspect is phishing , which is still common . We ’ ve seen attackers are moving to host their phishing pages on known and well trusted cloud applications .

82 INTELLIGENTCIO MIDDLE EAST www . intelligentcio . com