Concern about security has often topped the list of reasons IT leaders give for not moving more aggressively into the cloud. But as those concerns wane and one of the biggest IT security events of the year approaches, experts are starting to ask whether the cloud, far from being more vulnerable to attacks than traditional environments, could in fact prove to be a hacker’s greatest nemesis.
“I think we’ve moved as a profession beyond the idea that oh, my God, the cloud is something to be feared, something to be avoided, etc., and instead it’s just part and parcel of how we do business today,” argued Kim Jones, a longtime cybersecurity professional and professor at Arizona State University. “What I don’t think we’ve necessarily done is truly look at some of the value proposition that the cloud affords us in terms of defending our networks and whoopin’ up on bad guys.”
Jones, speaking during a webinar previewing RSA Conference 2019, an event that will draw tens of thousands of IT professionals to San Francisco beginning March 4, said that the cloud’s “ephemeral nature” offers a crucial advantage to organizations in keeping their networks safe. But organizations have to do more to take advantage of it.
An Idea for Reducing Hackers’ Dwell Time
“We keep hearing that it’s easy to stand up and tear down environments in the cloud and expand and retract scale,” he said. “But have we truly stopped and said, wait a second, if the cloud is truly that ephemeral in nature, are there things we can do to make it harder for the bad guy to not only get a foothold but to also maintain a foothold? If I can set up and tear down servers and rebuild accordingly, why isn’t it harder for the bad guy to grab hold within my environment and stay, if I’m truly taking advantage of the cloud?”
On the “very radical fringe of that,” Jones wondered whether organizations should plan to rebuild cloud environments routinely as a cloud security best practice. “If you tear down and rebuild cloud environments every 30 days or so, haven’t you limited the window of opportunity for a bad guy to damage your environment?”
AI, Machine Learning, Blockchain and More on Tap at RSA 2019
Attendees of RSA Conference 2019 will hear from experts on the latest threats to cloud, on-premises and hybrid environments, data center optimization, DevOps, endpoint security and much more. They’ll also get to interact with virtually every major technology company, as well as dozens of small and startup cybersecurity firms, to learn about the latest security solutions, including those that take advantage of machine learning, artificial intelligence and blockchain.
Marquee speakers include Nathaniel Gleicher, Facebook’s head of cybersecurity policy; Del Harvey, vice president of trust and safety for Twitter; Palo Alto Networks CEO Nikesh Arora; political strategists Donna Brazile and Mary Matalin; and actress and producer Tina Fey.