We live in a multi-cloud world. Data, applications, and systems now span corporate data centers, colocation cages, multiple clouds, edge locations, and IoT.
In fact, AWS saw sales increase 27% year-over-year to $20.5 billion in Q3 2022 and Equinix, a top colocation data center provider, said total revenues for the full year of 2022 are expected to range between $7.240 and $7.260 billion, a 9% increase over the previous year. But, all of this growth comes at a cost.
“Digital transformation” projects are eating up budgets and forcing teams to continue to evolve; however, many are failing to adapt. With challenges in software development and software supply chain security, SOC teams are faced with an ever-increasing attack surface, many of which are new and perhaps not fully understood and ready for enterprise workloads. Compliance and risk leaders are also struggling to keep up, as many new technologies are still being developed, documented, and understood by regulators and auditors.
However, the need for enterprises to have security policies that meet compliance requirements that span across their infrastructure is particularly important as the attack surface is expanding.
For example, let’s consider an enterprise with an ecommerce site and mobile application backend hosted on Azure in the U.S. and AWS in the EU. The database that drives these applications has direct access to the inventory systems hosted in a corporate data center or colocation facility. It’s a simple example of how applications have very complex architectures today. Hybrid architectures like this have numerous requirements and dependencies to consider, including:
- Compliance with frameworks and regulations like NIST, PCI, and GDPR
- A mix of compute, storage platforms, and network connectivity from Azure to AWS to the corporate WAN, and direct links to the hyperscale clouds
- Geographically dispersed security and operations teams
- Dependencies on hyperscale APIs, logging capabilities, and of course, corporate networks and appliances
- A need to maintain portability and flexibility of deployment models to ensure resilience
- Requirements to automate the scaling needed to accommodate peaks in usage
As teams across software development, security operations, cloud operations, IT, and compliance and risk learn and implement these new technologies, they are adapting to the new reality of the multi-cloud world. They are discovering that every cloud provider has different implementations of even the most basic of functions, logging, and compliance certifications–all of which have massive risk management consequences. Some of the biggest challenges include the following:
- Lack of knowledge: Fast-moving agile software development and deployments are resulting in more misconfiguration and vulnerability incidents.
- Flying blind: Little or no centralized visibility and policy enforcement tools that span deployment models, which is resulting in incident response times that are increasing.
- Exfiltration:Few EDR/DLP resources are available across multi-cloud architectures, adding to gaps or multiple point solutions.
- Consistent frameworks and ability to audit across clouds:Framework examples include PCI, HIPAA, CIS Benchmarks, NERC-CIP, NIST, or GDPR, which do not have consistent methods or clarity across deployments. For example, to prove compliance with PCI DSS 4.0 and the 1.2 Network security controls (NSCs) are configured and maintained consistently across clouds.
While legacy solutions are slowly adapting, there is a whole new generation of platforms that are being designed to solve these challenges. Perhaps this is why security teams are moving away from implementing “Fusion Centers” (combining SOC, IT, and physical security) to a “shift-left” approach (incorporating security into the design and development process). For many teams, it’s out of necessity–as the SolarWinds attack showed us, no software should be trusted–but for most of us, it’s the convergence of these new multi-cloud deployments and the application of changes to the people, process, and technologies to enable us to meet compliance requirements that are holding us back.
If your goals for 2023 include projects to drive better compliance for your multi-cloud architectures, you’ll want to look for solutions that have the following core characteristics:
- Automation for scale: Today’s architectures are ephemeral and can be automated in ways never possible in the hardware and appliance-centric world of the past
- Visibility:Infrastructure and services all have APIs and the massive compute, networking and storage capabilities are driving the growth of new solutions that can take advantage of them and offer an unprecedented amount of visibility
- Automation for response:The security stack is more integrated than ever before, enabling better detection and response across tools
- Collaboration:From software development teams to the SOC, IT, compliance and risk teams, you’ll want to make sure the solutions you select enable all teams to collaborate in real time to ensure compliance policies and security policies are monitored and enforced
All of these changes that the Atomized Network brings to the security, cloud, and IT teams force us to embrace change; perhaps more changes than ever, to network security and our ability to meet compliance requirements. This is exactly why we designed and architected Netography Fusion® to provide scalable, continuous network visibility across the Atomized Network – legacy, on-premises, hybrid, multi-cloud, and edge environments. We are focused on supporting teams that are on the journey to multi-cloud while needing to meet compliance requirements today and tomorrow.
One of our customers, Shannon Ryan, Senior Director, Core Security Services and Architecture, FICO said “In fact, teams in the SOC and our colleagues in cloud operations and risk and compliance agree – with Flow and the visibility and custom alerts and detections we setup in Netography Fusion, we are now able to greatly reduce risks and answer requests for evidence from customer auditors faster than ever before.”