Cloud Security and SIEM: Eye in the Sky?


What can solve cloud security woes?

Modern enterprises are experiencing multiple technological revolutions in their workplaces; bring your own devices, Internet of Things, and work from home are just a few examples. But no corporate revolutionary movement is as popular or as widespread as the cloud adoption revolution.

Cloud Adoption: An Uplifting Enterprise Trend?

Last year, experts predicted that 80% of all IT budgets would be committed to cloud solutions this year, and from 2016 to 2017 hybrid cloud adoptions tripled to account for 57% of surveyed enterprises. According to McAfee, these experts weren’t far off. In its recent survey, McAfee found that 97% of enterprises use cloud services, and 83% use these services for storing proprietary data.

Cloud Security: What’s Dragging Us Down?

But cloud security concerns are starting to temper enthusiasm for this movement. McAfee found that 26%—nearly a quarter—of enterprises suffered a cloud data theft. 83% suffered at least one cloud security incident in the past year. 40% of IT professionals told McAfee that cloud security woes are slowing down their cloud adoption efforts.  

But is cloud security a real concern or a phantom of our own making? Technology research firm Gartner firmly stated that 95% of cloud security failures are the customers’ rather than the platform’s fault—and therefore cloud security fears are overstated or misplaced. Gartner predicts that by 2020 public cloud infrastructures will suffer 60% fewer security incidents than traditional data centers; firms that implement appropriate cloud visibility will experience one-third fewer security failures. Instead, the firm is more concerned that these worries will push enterprises to make poor platform or purchasing decisions.

Yet that same cloud visibility might be what is tripping up cybersecurity-conscious enterprises. In McAfee’s survey, the majority—30%—of respondents rank visibility as the biggest cloud security issue. And it should be noted that ComparetheCloud.net found that 95% of cloud services aren’t ready for the average enterprise’s security needs.

SIEM: Keeping an Eye on the Cloud

Visibility is vital to cybersecurity in general, not just cloud security. The average time taken to detect a data breach in an enterprise’s IT environment was 191 days in 2017. After that, the average time to contain a breach was 66 days. A prolonged dwell time results in more damage, both financially and to your enterprise’s reputation. The faster a threat on your cloud network is closed, the better.

A lot of the internal cloud security issues can be addressed via identity and access management solutions or identity governance and administration. Encryption and role management tools can help keep prying or otherwise unauthorized eyes from accessing data not relevant to their positions, and keep your databases away from external hackers.

But SIEM might be a viable alternative for solving cloud security visibility issues and allowing your enterprise to take that next step in its digital transformation. A SIEM solution centrally collects and logs security data from throughout your enterprise’s IT environment, including files in the cloud that may otherwise pass unnoticed. SIEM can also normalize and standardize the log formats of the security data collected. This is no small feat, as different cloud platforms format their cloud security information differently, which can make analyzing these logs for incidents a confusing affair. And confusion can lead to longer dwell times.
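
The normalization step described above, as an added example (not code from the original article): it maps AWS CloudTrail and Google Cloud Audit Logs records onto one schema, then runs a simple cross-provider correlation. The choice of providers, the common schema, the function names, and the sample records are assumptions made for illustration.

```python
import json
from datetime import datetime, timezone
# Constructed sample records, trimmed to the fields used below (not real logs).
SAMPLES = [
    ("aws", '{"eventTime":"2024-05-01T12:00:03Z","eventSource":"s3.amazonaws.com",'
            '"eventName":"GetObject","sourceIPAddress":"198.51.100.7","errorCode":'
            '"AccessDenied","userIdentity":{"arn":"arn:aws:iam::111122223333:user/a"}}'),
    ("gcp", '{"timestamp":"2024-05-01T12:00:01.123456789Z","protoPayload":{'
            '"serviceName":"storage.googleapis.com","methodName":"storage.objects.get",'
            '"authenticationInfo":{"principalEmail":"b@example.com"},'
            '"requestMetadata":{"callerIp":"198.51.100.7"},"status":{"code":7}}}'),
    ("aws", '{"eventTime":"2024-05-01T11:59:00Z","eventSource":"s3.amazonaws.com",'
            '"eventName":"ListBuckets","sourceIPAddress":"203.0.113.9"}'),
]

def to_utc(ts):
    """RFC 3339 'Z' timestamp -> aware datetime; fraction cut to microseconds."""
    base, _, frac = ts.rstrip("Z").partition(".")
    dt = datetime.strptime(base, "%Y-%m-%dT%H:%M:%S").replace(tzinfo=timezone.utc)
    return dt.replace(microsecond=int(frac[:6].ljust(6, "0")) if frac else 0)

def from_cloudtrail(e):  # AWS reports failure via an errorCode field
    return {"time": to_utc(e["eventTime"]), "provider": "aws",
            "actor": e.get("userIdentity", {}).get("arn", "unknown"),
            "src_ip": e.get("sourceIPAddress"),
            "action": f'{e["eventSource"]}:{e["eventName"]}',
            "outcome": "failure" if e.get("errorCode") else "success"}

def from_gcp_audit(e):  # GCP reports failure via a non-zero status.code
    p = e["protoPayload"]
    return {"time": to_utc(e["timestamp"]), "provider": "gcp",
            "actor": p.get("authenticationInfo", {}).get("principalEmail", "unknown"),
            "src_ip": p.get("requestMetadata", {}).get("callerIp"),
            "action": f'{p["serviceName"]}:{p["methodName"]}',
            "outcome": "failure" if p.get("status", {}).get("code", 0) else "success"}
PARSERS = {"aws": from_cloudtrail, "gcp": from_gcp_audit}

def normalize(records):
    """(provider, raw JSON) pairs -> common-schema events sorted by time."""
    return sorted((PARSERS[p](json.loads(raw)) for p, raw in records),
                  key=lambda ev: ev["time"])

def cross_cloud_failures(events):
    """Source IPs with failed calls on more than one provider."""
    seen = {}
    for ev in events:
        if ev["outcome"] == "failure":
            seen.setdefault(ev["src_ip"], set()).add(ev["provider"])
    return sorted(ip for ip, provs in seen.items() if len(provs) > 1)
```

Once both feeds share one schema and one clock, `cross_cloud_failures(normalize(SAMPLES))` surfaces the address that was denied on both platforms, a link that is easy to miss when each provider's log is read in its own format.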

In other words, SIEM can provide both traditional visibility and more obscure visibility into potential cloud security incidents. Combined with SIEM’s actionable insights, threat detection, and correlation capabilities, SIEM might be precisely what your enterprise’s cloud security needs. SIEM might carry a reputation as being hard to deploy and manage, but if you are serious about helping your IT security team keep your cloud safe, it’s more than worth a look.

Ben Canner

Ben Canner is an enterprise technology writer and analyst covering Identity Management, SIEM, Endpoint Protection, and Cybersecurity writ large. He holds a Bachelor of Arts Degree in English from Clark University in Worcester, MA. He previously worked as a corporate blogger and ghost writer. You can reach him via Twitter and LinkedIn.