According to a recent survey by 451 Research, 41% of enterprise workloads are currently running in the cloud. By mid-2018, that’s expected to increase to 60%. On the whole, cloud security has kept pace with the rapid rate at which enterprises’ dependence on the cloud has grown. However, there is one very significant area where it has not, and that is cloud visibility. According to a SANS Institute survey of 485 IT professionals, lack of visibility into cloud activity is the number one cloud security problem today. Those findings are bolstered by another survey of 1,200 IT decision makers. Not being able to do cloud threat detection doesn’t sit well with security teams.
Filling this cloud visibility gap is not an easy problem to solve. Legacy solutions, which are appliance-based and typically deployed at the perimeter of a network, don’t provide complete visibility into network activity within traditional enterprise boundaries, yet that is what IT departments have become accustomed to. Even that limited visibility disappears when moving to the cloud. After all, companies aren’t going to be allowed to install their appliances in an IaaS provider’s (e.g., AWS) infrastructure.
And even if that limitation could be set aside, those legacy solutions aren’t architected to work in cloud environments, which come with their own unique challenges. Cloud instances are constantly in flux. New workloads are continually being spun up, moved, and torn down. The elasticity of the cloud means workloads can easily expand as demand grows. That's a lot more network activity. Any solution attempting to fill this visibility gap must therefore be able to monitor and effectively analyze large data sets.
The ProtectWise Grid™ can help. Running on-demand and entirely from the cloud, it performs full-packet capture to create a lasting memory of network activity wherever it occurs - in the cloud, of course, but also within traditional enterprise networks, in hybrid environments, and on industrial control systems (ICS). The ProtectWise Grid provides cloud threat detection via real-time and retrospective security analytics in a rich, innovative visualizer. Using it as their investigative platform, security teams can detect insider threats (e.g., compromised users), perform incident response, and threat hunt.
Join us for a webinar on Tuesday 10 January 2017 where I, along with Kelly Brazil, VP of Systems Engineering, will talk through how The ProtectWise Grid can very effectively fill the cloud visibility gap. We’ll present the best practices for getting cloud visibility, describe how to deploy in the cloud, and show you a demo of The ProtectWise Grid providing visibility into network activity in the cloud.