Verizon security recently published a white paper titled “CISO’s Guide to Cloud Security: What to know and what to ask before you buy” that points out five steps to help decision making on purchasing Cloud products and services. For each step, the white paper also provides recommendations to consider. This is a summary of this white paper.
Step 1: Assess your situation
According to Forrester research, 28% of enterprises have already moved to public Cloud, and 44% are actively building private clouds. When you assess your situation, consider:
- Where are you in the process of migrating to Cloud?
- What is your Cloud strategy? Cloud-first or Cloud-only?
- Is this the right time for you to move to Cloud?
- Are you ready to move to Cloud?
Step 2: Define your requirements
To make sound decisions, it is essential to define security requirements and make sure the selected Cloud platform meets them. The following are recommendations from the white paper.
- Scalability – Will the Cloud solution grow as your needs grow?
- Extensibility – Does the platform offer APIs and other means to extend it?
- Automation – Will you be able to automate routine security tasks in the Cloud?
- Intelligence – Can you get contextual information for analysts and threat hunters?
- Ease of Use – Is the user interface easy to use?
Step 3: Identify Use Cases
Legacy products may not be effective in a Cloud environment. Adding new products for Cloud may not be a good idea either. The recommendation is to identify use cases and consider the following:
- IDS/IPS – Consider products that provide machine learning, full packet capture capability, passive visibility and help in investigations.
- SIEM and Analytics – Consider capability in terms of the requirements defined in step 2, support for new types of logs including IoT, and support for 5G.
- Incident Response – Responding to Cloud incidents brings new challenges in terms of visibility and ownership.
- Threat Hunting – Consider speed, visualization, contextual data and packet capture capability.
Step 4: Define Success Metrics
How would you prove the success of any Cloud security product or service? Consider building success metrics and a dashboard with the following in mind:
- Reduction in false alarms
- Improvement in threat detection
- Reduction in time for detection, deployment and dwell time
- Increase in visibility and network coverage
Step 5: Evaluate your options
The white paper provides a sample table for evaluating different solutions that you can modify based upon your needs defined in steps 2 to 4 above.
When it comes to making purchase decisions for Cloud security products and services, this white paper provides a systematic approach for planning, evaluation, and decision making. The approach is not limited to a particular product or service and can be applied universally to any Cloud solution.
References
Verizon White Paper on CISO’s guide for moving to Cloud – https://enterprise.verizon.com/resources/whitepapers/cisos-guide-to-cloud-security-final.pdf