EXPERT SPEAK
PROTECTING MODERN CLOUD PLATFORMS THROUGH REAL TIME VISIBILITY
What is needed to protect the cloud is an incident response plan capable of focusing on cloud-specific risks while also providing coverage for other attack surfaces says Migo Kedem at SentinelOne .
Cloud computing has introduced new security challenges and threats that require enterprises to take a different approach to security , compared to traditional on-premises infrastructure . What is needed in today ’ s digital landscape to protect the cloud is a robust incident response plan capable of focusing on cloud-specific risks while also providing coverage for other major attack surfaces like endpoint and identity .
Modern cloud platforms are dynamic , and internal security teams need to have real time visibility of cloud services and applications to secure them . The sheer volume of data and architecture in the cloud requires incident response teams to be thoroughly familiar with their environment .
A well-defined response plan is critical for effective incident response . This plan should include procedures for responding
Migo Kedem , VP of Growth , SentinelOne to various incidents , such as data breaches , DDoS attacks , and malware infections . It should outline steps to contain the incident , investigate it , and recover from it . And ultimately , it should help businesses recover as quickly as possible should an attack occur .
Here is a recommended approach towards developing a cloud incident response plan :
Risk assessment
Cloud incident response starts with understanding the scope of cloud-based risks . The first step in mastering cloud incident response is to conduct an endto-end , comprehensive risk assessment . This involves identifying potential threats , vulnerabilities , and risks to the cloud environment . The risk assessment should consider data sensitivity , legal requirements , access controls , encryption , network security , and third-party risks .
Infrastructure
Security teams need to understand their cloud infrastructure and know what is in it
A final critical imperative to have in place is a workflow plan that states , which executive is to be informed and when , in the face of an ongoing cloud security incident .
62 www . intelligenttechchannels . com