Image Credit: Bitdefender
As the cyber threat landscape in Southeast Asia is rapidly evolving, organisations are going to great lengths to close security gaps at all levels – all while balancing the need to adopt new technologies that drive growth and efficiency.
In markets like Singapore, this need is particularly driven by high profile data breaches – like the 2018 incident, which exposed the personal data of the 1.5 million people, including the Prime Minister’s medical records. High profile cases like this have underscored the need for companies to address areas that directly impact business continuity and reputation.
One particular area to be addressed is managing multi-cloud security – especially as many organisations in the region tend to “leapfrog” traditional infrastructure and turn to cloud-based solutions. According to the 2024 Cybersecurity Assessment Report, when asked what the biggest challenge is about an organisation’s current security solutions, respondents in Singapore we polled rated extending capabilities across multiple environments (on-premises, cloud, hybrid) as one of their biggest challenges. Other challenges include adhering to data compliance and regulations and having too many cybersecurity solutions to manage.
To address the requirements of managing a multi-cloud environment, organisations should first look towards taking an outcome-focused approach. Being outcome focused means that you are driving impact by addressing the risks that matter to your organisation, taking into consideration your unique profile and constraints.
This approach emphasises achieving specific security goals, such as minimising risks or ensuring compliance, rather than just implementing tools or technologies, prioritizing measurable results that align with the organisation’s overall security objectives.
What are the security gaps in multiple cloud systems?
The transition from a single-cloud environment to multi-cloud poses numerous challenges for technology providers in today’s organisations that use several cloud service providers and are connected to thousands of applications, tools, and APIs.
The sheer complexity that teams face in managing a large and diverse infrastructure may generate, in some cases, an exponential increase in access numbers as organisations scale their cloud usage. At times, this has led to upwards of 40,000 different access permissions across the top three largest cloud providers.
This exponential increase creates a significant number of potential security gaps and makes it difficult for teams to manage technology providers that they are not yet familiar with, as each provider has a different way of configuring compute, databases, network connectivity, and policies.
Threat actors find these positions advantageous when looking to exploit loopholes in an organisation’s approach to security. Companies that fail to adequately invest in proactive security measures such as managed detection and response services (MDR), extended detection and response (XDR) and cloud security posture management (CSPM) solutions are at a higher risk of identifying breaches only after significant damage has occurred.
Stay actionable and outcome-driven
The most important aspect for an organisation when adopting an outcome-focused approach is to be clear and realistic about the desired results.
As an example, for organisations with small teams and large infrastructures, it is simply not realistic to focus on protecting against nation-state attacks. In this case, what matters is understanding the basic level of cybersecurity hygiene and considering the unique needs of the organisation.
– Raphael Peyret, Director of Product Management, Cloud Security at Bitdefender
For some companies, this will be obtaining an independent certification such as SOC2 or ISO27001 to support large enterprise deals, while for others it could be protection against an industry-specific threat.
Not being outcome-focused on your security approach leads to two different scenarios that we regularly see. The first one is when security investment has been lacking as the organisation doesn’t have a clear picture of what impact they will get from security investments.
One practical example I can share is of an organisation that got their cloud environments breached due to a lack of security hygiene. They failed to detect this data breach until they were notified by a third party that some confidential data appeared on the dark web.
After that incident, they aligned on a set of outcomes that mattered to them and invested heavily into security to reach them. In this specific case, it was by setting internal objectives for the minimum CIS benchmark score of all their environments.
Another scenario is when organisations have invested into security, but without a clear strategy in place with measurable outcomes. So, the effort put doesn’t translate to the expected impact to businesses. One relatively common instance we see of this is organisations buying tools that their teams were not able to use either from lack of training or time. This resulted in expensive investments that were never used.
Focus on building your core infrastructure
Many organisations do not have the know-how or the need to manage the full level of granularity and customisation available in a cloud service provider (CSP) operating model.
Technology providers help develop the security strategy by working with the CSPs to provide solutions that are better tailored to specific needs and resources. Organisations that fit a specific profile will be less complex to manage with these more tailored solutions.
While CSPs typically provide the building blocks, others can offer pre-built solutions based on those existent assets that allow organisations to build and deploy their applications without starting from scratch.
Cloud technology providers work with CSPs and private data centres, where customers already have a presence, to solve an organisation’s specific security challenge.
However, the effective use of these building blocks requires considerable expertise and effort. Therefore, rather than focusing solely on the implementation of specific tools, technologies, or compliance measures, a specific and measurable security outcome can ensure that cybersecurity efforts are directly aligned with an organisation’s broader goals and risk management strategies.
It is important to remember that cloud transformation is a long journey. Obstacles to an organisation’s digital transformation can be overcome when breaking down the cloud security strategy into manageable pieces. This way, the teams working on the process are able to set milestones to assess and quantify the impact on the business.
Raphael Peyret is Director of Product Management, Cloud Security at Bitdefender.