Can a business reliably entrust its most sensitive data and workloads to a cloud service provider without loss of visibility and control?
Need to risk the security of commerce for convenience in a hybrid and multi-cloud environment?
This is the kind of question that comes to mind when you move your assets to the flexibility and decentralized nature of a cloud environment.
As companies turn to the cloud, Diana Kelley, Microsoft's CTO of Cybersecurity in the field, told LaComparacion Middle East that they (the organizations) did not have the same kind of visibility that they had on the site but that does not mean that have no visibility.
Microsoft has two data centers in the United Arab Emirates, one in Abu Dhabi and the other in Dubai.
"You can exploit all the traffic on your network when you are on-premises, but when you switch to the cloud, you are in a shared environment," he said.
With proper planning and cloud partners, he said even the most sensitive assets can be transferred to the cloud safely and reliably without loss of visibility and control.
"We provide organizations with the means to gain visibility into what is happening with their applications and data in the cloud in different ways. One of them is to use Microsoft Graphs and Intelligent Security Graphs. These are trusted APIs for organizations to see their participation in. Cloud.
"Then we will have Azure Security Center, which will take an inventory of the systems that are running on your rental and tell you how many of these are Linux or Windows, what is the patch level and what are the configuration levels," he said. she stated.
Additionally, he said that the Azure Security Center offered additional visibility, such as the Compliance Officer built into Azure and capable of reporting on compliance status. We also have Secure Score, which allows organizations to understand the current ranking of their Azure configuration and compare it to similar organizations in terms of size and protocol. "
But, he said that what is right for one organization is different for other organizations.
"You can get visibility in the cloud, but it's a different model than the one used on the site. In Office 365, you can see who touched the apps and what document in One Drive, who sent the document from and who was accessed, and be it inside or outside. Many reports, audits and tools are currently available, "he said.
Reduce exposure to vulnerabilities
When asked if a company could get 100% visibility, Kelley said it all depends on each use case and that "we work with each organization to make sure we are in good hands." they get the visibility they need. We are constantly improving our solutions to meet the needs of our customers. "
However, he said companies can certainly do a lot to reduce their vulnerability to vulnerabilities and adapt to their situation by running vulnerability tests or running Secure Score to find out where they are and performing multi-factor authentication to locate them. the bar farther for the attacker.
"If you can make your attack very costly, in most cases the hacker will attack the easiest and most flexible targets. We work very hard with organizations to give them an idea of what they can do to deploy safely. Azure Blueprint provides security guidance in Azure and also offers CIS standards that provide organizations with a set of controls that can be defined in Azure to help them stay fit, "he said.
The US company has detailed information on the 6.500 billion security signals that it scans every day to track and analyze vulnerabilities, exploits, malware, unwanted software, and attack group methods and tactics. .
"We were able to intercept all malicious activity on endpoints in milliseconds and lock them in the cloud. There is so much data to think about when we study the use of machine learning (ML) and this has allowed us to increase the precision of our benchmarks to reduce the number of false positives and number of false positives alerts, as well as to focus on the real issues and potentially shocking activities taking place within the organization, "he said.
Machine learning pays off
Kelley said ML is paying off, but one-size-fits-all isn't perfect yet, but it's definitely an essential.
"The threat model and security architecture of the future must be taken into account when we use ML and, similarly, hackers also use ML. As the technology continues to develop and the defenses of the technology will develop as well," he said .
"Machine learning and artificial intelligence," he said, will become an integral part of security strategies.
"We currently have 6,5 liters of data and it is useful to have ML and AI robots as additional advisors to locate the perpetrators, but we strongly believe that ethics will come into play. We also have responsible AI and seven components of ethical AI: justice. , reliability and security, confidentiality and security, inclusion, transparency and responsibility, "he said.
"If we don't think about the ethics of AI, it is very possible that things are skewed." We examine the diversity of teams involved in AI. There are security scientists, but as we design the model, we can engage lawyers, sociologists, and privacy experts and determine the impact on the person protecting them. applications. We take it very seriously, "he said.
Designing artificial intelligence to be trustworthy, he said, presupposes creating solutions that reflect deeply rooted ethical principles in important and timeless values.
Hackers will attack IoT devices
The CTO hopes that attackers will turn more to AI and attack the IoT space.
She said the bad guys are obsessed with data and there is no better source than interconnected IoT devices.
Therefore, he stated that every IoT device must be protected and deployed in a highly secure manner, but it does not mean that it must be protected by a firewall.
The nice thing about the cloud, he says, is that organizations can see the business around the world. "Instead of an attacker discovering a technique that works in one country, and then deploying it in multiple countries, we can see that malicious techniques and elements and malicious code (malicious code) can do it." send this information around the world very quickly, "he said.
The cloud is a big part of the "security wisdom" about the attack techniques that are happening and can find the culprits before they do much damage, he added.