Cloud security team structure and roles

Cybersecurity is a hot topic, as security threats continue to evolve. Today we discuss the cloud security team structure and roles, along with 5 critical features for cloud security.

  • The first computer virus was the Creeper virus, discovered in 1971
  • The Massachusetts Institute of Technology (MIT) received a patent for the first cybersecurity solution back in 1983 — an encrypted computer communications system
  • Millions of household computers were infected with viruses in the 1990s, forming botnets. This problem remains unsolved to this day, as people don’t want to buy proprietary software and install paid-for antivirus systems — and keep getting infected with viruses through cracked .exe files, malware and in other ways.
  • The first DefCon focused on cybersecurity was held in 1993
  • Anonymous, the first well-known hacker group, was formed in 2003. They still crack proprietary software and games for free and have made several disk protection systems like Starforce completely obsolete
  • The infamous Target breach took place in 2013, when 40 million customer credit and debit card records were stolen
  • Hackers breached Yahoo in 2016. Twice. They stole more than 500 million customer accounts. Yahoo was sold to Verizon and is pretty much dead now.
  • The Petya and Not-Petya ransomware attack struck in 2016, encrypting hard drives of Windows-based computers and causing tens of billions of dollars in operational losses. The sad part is, the ransomware used a backdoor that had been closed by a Windows security fix released half a year earlier — but who has time for those pesky Windows updates, amirite?
  • The ill-fated Equifax security breach of 2017 resulted in disclosing personal information of more than 147 million US citizens
  • The European Union implemented the GDPR in 2018, aiming to improve customer data protection policies and procedures and fight spam.

The goal of building security on cloud systems

Types of cloud security threats

  • Malware — malicious software where harmful components are disguised as legitimate files. This includes various kinds of viruses, spyware, Trojans, worms, etc.
  • Ransomware — a malware type that operates by encrypting the victim’s system files and demanding payment to unlock them
  • Social engineering — using social relations to gain the trust of a victim and force them to provide access to confidential information
  • Phishing — a technique of sending emails resembling credible messages, but containing links that infect your computer with malware and try to steal your credit card details or banking account login information.
  • USB sticks, micro SD cards and other portable data storage devices
  • browser extensions of unclear origin
  • infected websites
  • unused social media accounts
  • malicious advertisements
  • online tests, quizzes and personality questionnaires (yes, you would be surprised how many people want to know what type of bread they were last year and get their PC infected)

Cloud security components

  • Application security — shift all the security checks to the left in the application development lifecycle to ensure malicious code will not be able to force your apps to misuse sensitive data
  • Information security, also dubbed infosec — implementation of data protection practices and policies that work regardless of whether the data is stored or actively used, or how it is transmitted or formatted
  • Operational security or DevSecOps — implementation of stringent data security workflows to ensure tight control over critical business processes and define the protocols of providing access to them. It is also intertwined with infosec and application security, as DevOps covers all aspects of your IT operations
  • Network security — implementing watertight network security policies to ensure timely detection of, response to and prevention of various threats using specialized applications and expert cloud security IT services
  • Business continuity or disaster recovery planning — design, implementation and testing of the scenarios to quickly resume or maintain business-critical system functions during or after a disaster (like a DDoS attack)
  • Employee education — constant training and periodic checks of cybersecurity prevention procedures and workflows; full ban of BYOD practices.

7 critical features for cloud security

  1. In-depth understanding of software development and code. It is vital to have someone on the team who has ample experience with coding. This way, even if you outsource your software development to a reputable dedicated software engineering team (like the ones provided by IT Svit), your security team will be able to control the quality and security of the code they deliver.
  2. Threat identification — when a software engineer has worked in this field for some time, he or she can identify potential security threats before they bring disastrous results and work on removing them proactively and minimizing the potential attack exposure surface
  3. Breach detection — it is crucial to be able to detect the intrusions quickly and either stop them or limit their destructive potential by quickly enabling countermeasures to mitigate the danger
  4. Incident recovery — once an incident has taken place, it is important to restore normal system operations as quickly as possible, so your cloud security team should have automated procedures for backup and recovery in place
  5. Weak links audit and removal — each chain is only as strong as its weakest link. Your cloud security team should regularly perform system security audits, identify potential security threats and deploy the solutions for them
  6. Big Data analytics — server logs are goldmines of useful data on cloud security, but processing raw logs in real-time manually is an impossible task. You should have access to Big Data analytics expertise to design and manage a system able to capture all the wealth of data produced by your IT infrastructure, identify normal operational patterns and provide timely smart alerts on the pattern breaches. The very same system will also help minimize your operational expenses by conserving cloud computing resources, so it will be a worthy investment from many aspects
  7. Communication and collaboration — regardless of the level of their hard skills, your cloud security IT team members must be able to communicate their requests and suggestions to other team members in a way that elicits collaboration. Otherwise, they will not be able to emphasize the necessity of some hard decisions, which might lead to a disaster in the future.
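
An added example for item 6 (not part of the original article): a minimal Python version of "identify normal operational patterns and alert on pattern breaches", run over constructed log lines. The log format, host name, address and thresholds are assumptions chosen for illustration.

```python
import re
import statistics
from collections import Counter

# Assumed sshd-style line format; group 1 is the timestamp truncated to the minute.
LINE_RE = re.compile(
    r"^(\d{4}-\d\d-\d\dT\d\d:\d\d):\d\d\S* (\S+) sshd: "
    r"Failed password for (\S+) from (\S+)$")

def build_sample_log():
    """Constructed data: 2-4 failures per minute, then a burst in minute 10."""
    per_minute = [3, 2, 4, 3, 2, 3, 4, 2, 3, 3, 41, 3]
    lines = []
    for minute, n in enumerate(per_minute):
        for sec in range(n):
            lines.append(f"2024-01-01T10:{minute:02d}:{sec:02d}Z web-1 sshd: "
                         "Failed password for admin from 203.0.113.7")
    lines.append("2024-01-01T10:05:59Z web-1 cron: job finished")  # unrelated noise
    return lines

def failures_per_minute(lines):
    """Count matching failure events per minute; non-matching lines are skipped."""
    counts = Counter()
    for line in lines:
        m = LINE_RE.match(line)
        if m:
            counts[m.group(1)] += 1
    # Minutes with zero events never appear here; a production pipeline
    # would fill those gaps before computing a baseline.
    return dict(sorted(counts.items()))

def find_anomalies(counts, baseline_minutes=10, threshold=6.0):
    """Learn median and MAD from the first N minutes, flag later outliers."""
    minutes = list(counts)
    baseline = [counts[m] for m in minutes[:baseline_minutes]]
    median = statistics.median(baseline)
    # Median absolute deviation is robust to a few odd minutes in the baseline.
    mad = statistics.median(abs(v - median) for v in baseline) or 1.0
    alerts = []
    for m in minutes[baseline_minutes:]:
        score = (counts[m] - median) / mad
        if score > threshold:
            alerts.append((m, counts[m], round(score, 1)))
    return alerts

if __name__ == "__main__":
    for minute, count, score in find_anomalies(failures_per_minute(build_sample_log())):
        print(f"ALERT {minute}: {count} failed logins (score {score})")
```

The baseline window must itself be free of attack traffic, otherwise the burst becomes the "normal" pattern and nothing is flagged.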

Cloud security team structure, size and roles

  • CISO or Chief Information Security Officer — a C-level executive responsible for analyzing the current and future cloud security demands and designing a company security strategy and roadmap, as well as overseeing the operations of your cloud security IT team and enforcing the required changes across the organization.
  • Cloud security architect — the head of the team, responsible for designing and implementing the security workflows, incident response scenarios, guidelines and policies. As this position requires both technical background and understanding of the business processes, this is a key role in ensuring the cloud security processes remain aligned with the general business growth strategy.
  • Security engineer — a person responsible for handling daily security operations and monitoring the performance of your IT infrastructure
  • Security auditor or penetration tester — this is a very important role for enabling constant optimization of your cybersecurity routine, as this professional tries to bypass your defenses as a real hacker would, thus detecting possible exploits, so the team can react and remove them proactively.

Applying AI in cybersecurity

Conclusions: hiring cloud security expertise is a must for any business


