Digital and cloud transformation initiatives are enabling organizations to adapt to changing business needs more quickly. While leveraging the benefits of 24x7x365 services and modern architectures, enterprises expect the cloud to give them the agility to adapt quickly to their future needs, avoid service disruptions, secure their data and workloads against cyber threats, and support demanding regulatory compliance requirements.
According to Wipro’s State of Cybersecurity Report 2020, 52% of the respondents prioritized scaling up secure cloud migrations during the COVID-19 crisis, while 87% stated they would continue to scale up secure cloud migrations after the COVID-19 crisis.
Cloud adoption is transforming the way enterprises leverage data and deploy applications: maintaining a consistently compliant security posture throughout the transformation is a high priority.
The Shared Responsibility Model states that AWS is responsible for security of the underlying cloud infrastructure, such as compute, storage, database, and networking components. Customers are responsible for security in the cloud, such as their data, applications, operating systems, and client-side and server-side data and network traffic.
According to Wipro’s State of Cybersecurity Report 2020, 48% of organizations still consider cloud hosting risk one of the top cyber risks.
Cloud security challenges
With the agility of the cloud, enterprises are able to accelerate the go-to-market time for their solutions, rapidly iterate on their existing offerings, and adopt new technologies with ease. With this advanced technology available to threat actors as well, cyber threats are becoming more sophisticated and intense.
Increased development and adoption of SaaS-based applications by enterprises is also opening up new threat vectors in the cloud. These, like other customer-facing workloads, are often targets of threat actors looking to exploit vulnerabilities, misconfigurations, or inadequate access control management in the front-end systems in an attempt to access more sensitive back-end systems or data.
Data breaches are among the most damaging threats: they can cause severe reputational damage, loss of intellectual property (IP), and financial impact. The complexity of AWS-based security controls and services, combined with the increased speed and agility of the cloud, can result in misconfigurations, which open threat vectors ready to be exploited by state or non-state actors.
User identity has become the new security perimeter. According to Wipro’s State of Cybersecurity Report 2020:
- 95% of all identities are grossly over-provisioned.
- These identities often use less than 10% of the permissions granted to perform their daily tasks.
- 50% of these permissions can be classified as high-risk with the ability to cause catastrophic damage, if used improperly.
- 23% of responding organizations consider privilege escalations on cloud infrastructure to be among the top IT security challenges experienced during the pandemic.
Cybercriminals are actively attempting to breach the corporate perimeter by stealing user credentials. Based on the findings of our report, there is a high likelihood that a stolen user credential is over-provisioned and could enable lateral movement within the enterprise or privilege escalation to gain access to sensitive data and resources.
Additionally, lack of adequate rotation of cryptographic keys, passwords, and certificates provides a broader attack surface to cybercriminals. It’s also a good time to recall that a significant number of attacks are perpetrated by internal threat actors, and these attacks aren’t always malicious in nature. Overly broad access to sensitive systems or data exposes the enterprise to potential accidental deletion or modification.
Phishing attempts target not just senior executives and IT staff; accessing a junior-level employee account could lead to privilege escalation, access to data, and lateral movement within the network.
A vast assortment of AWS native and third-party security tools and controls is available to meet security requirements and compliance needs (regulatory and non-regulatory). Often, the complexity of these integrated solutions results in the inability to get a holistic view of potential security vulnerabilities and risks in the AWS environment, which leads to security crevices and opens the enterprise to potential risk.
Managed security services for AWS Cloud
According to Gartner, through 2025, 99% of cloud security failures will be attributed to the customers.
While businesses and enterprises are leveraging the power of cloud computing, it is good to remember that “with great power comes great responsibility”. Successful enterprises are resorting to best-in-class cybersecurity services to address the ever-changing threat landscape through service providers who evolve, innovate, and deliver against these cyber risks.
Wipro provides a 24/7 fully managed security service through its AWS security experts, spanning identity, infrastructure, data, security monitoring and analytics, GRC, and application security.
Vulnerability Management as a Service offers complete lifecycle management of vulnerabilities, including scanning, categorization (based on the customer environment), and remediation coordination with appropriate company stakeholders. Built on a calculation of risk for the complete AWS environment, the service offers complete contextualization of vulnerabilities and impact probability specific to the enterprise’s assets. It enables the business to discover and remediate active threats against global IT assets.
Cloud service usage, best practices, and compliance
Delivered through Wipro’s IP, Cloud Application Risk Governance (CARG) brings operational efficiency by breaking complexities and providing powerful visibility into cloud application compliance. It monitors security controls for applications on a continuous basis and provides a dynamic application risk view for business and technical stakeholders. It provides visibility into cloud misconfigurations and their potential impact on application risk.
Threat detection and response
Threat detection and response empowers cyber defense and strengthens business resilience by providing incident detection, analysis and reporting, and integrated cyber threat intelligence in AWS. The service provides near real-time alerting on critical attack indicators, analytical correlation of indicators to detect advanced threats and attacks, rapid security incident escalation and reporting, and security incident kill-chain and causal analysis.
Wipro’s network security services provide security across enterprise access, perimeter defence, and internet security. Services include managed AWS network ACLs, IPS, DDoS, and third-party solutions to ensure cloud compliance, configuration and baseline compliance, coverage of security controls, and access authorization.
Host and endpoint security
Managed detection and response services for AWS-based endpoints offer incident data investigation, detection of suspicious activity, threat hunting, data exploration, and stopping of malicious activity. Services also offer continuous and comprehensive workload monitoring, including container visibility, so that stealthy attacks can be stopped, and defence against threats ranging from malware to the most sophisticated attacks.
Managed WAF services address the OWASP top 10 web application security risks. They offer protection against HTTP application attacks by filtering out threats that could be detrimental to AWS-based workloads and data. They secure web and private subnet instances with deep packet inspection and help prevent cyber-attacks and network vulnerabilities.
If you are interested in learning how Wipro is helping our clients achieve their vision of AWS cloud security, connect with us.