Security professionals with cloud skills are like needle in a haystack.
The lack of skilled cybersecurity professionals, especially for cloud environments, may represent an existential crisis to our fledgling digital economy.
By Rajesh Maurya, Regional Vice President, India & SAARC, Fortinet.
The need for talented IT professionals remains a top concern for most organizations. According to one recent report, organizations say they currently face skills shortages across a range of IT specialties, including server/systems administration (43%), general network administration (36%), and database administration (31%). The lack of seasoned cybersecurity professionals is even worse, with a skills gap estimated at just under 3 million workers. As a result, according to a report from ESG, 53% of survey respondents reported a problematic shortage of cybersecurity skills at their organization. And that’s just for general cybersecurity personnel needed to support and secure primarily traditional network environments.
But as networks rapidly expand to include the cloud, the problem becomes even more acute. Nearly a third of organizations have identified a challenge in locating individuals capable of managing converged infrastructures that blend traditional and cloud networks into a coherent networked environment. The lack of trained personnel in the area of cloud networking and development is a similar IT challenge, with 41% of organizations struggling to find skilled DevOps professionals, and 37% looking for folks with skills in container administration.
So it’s no surprise that finding security professionals with cloud skills can be like finding a needle in a haystack. As a result, security deployed in the cloud tends to be just like the security running on the physical network: isolated. To make things worse, the security policies, devices, configurations, and protocols deployed on the cloud are often run by an entirely different team, which means there is little consistency in terms of enforcement, correlation, management, or orchestration.
Of course, cybercriminals are all too willing and able to exploit those security gaps between different networks that still need to share data and workflows.
Key Cloud Cybersecurity Gap Areas
Here is a breakdown of some of the key security skills gap challenges faced by organizations operating cloud networks and services.
1. Cloud Native Security — Organizations adopting cloud networks generally recreate the same security problems that exist in their traditional networks. First, they tend to add security as an afterthought, usually after their cloud infrastructure plans have already been designed. Next, they tend to implement the same legacy solutions in the cloud that they have been using in their core network. Many vendors have simply loaded virtual versions of their physical security devices into the cloud store, and organizations select them because they believe they already know them. However, these solutions tend to have several serious problems:
First, these different security tools still operate in isolation, which means that not only can you still not share threat intelligence or security events between solutions, you now can’t do it between different network environments either, which compounds the challenge of things like correlation and enforcement.
Second, virtual versions of security solutions deployed in the cloud often run quite differently from their physical version. Not only do many feature function differently, many may not even exist at all. Which means that even if you can see all versions of your firewall through a central management console, your ability to establish consistent configurations and policy enforcement can still be severely compromised.
And finally, these tools are also unable to take advantage of the performance and functionality built in the cloud because they were not designed to leverage cloud APIs and native functionality, which means they run slower and are less effective than those tools designed to run natively in the cloud
Cloud security experts need to be able to deploy, configure, and manage cloud native solutions designed to run in the same elastic and distributed way that cloud applications run and that modern cloud computing platforms require — which is very different from traditional security tools.
2. DevOps vs DevSecOps — Security professionals need to be integrated into your DevOps team in order to ensure that security is built into applications, infrastructure, and services from the beginning at the beginning of every project. Agile application development, for example, needs to be able to link application functionality—especially when critical data is being handled—to security functions in a single, reliable chain in order to protect users without compromising the effectiveness and performance of the application. Generally speaking, this requires skills outside the scope of most cybersecurity professionals focused on mainstream network security strategies.
3. Container Security — This becomes even more challenging when implementing specialized environments, such as containers, that require specific security solutions to be in place. Container security needs a security professional capable of addressing specific challenges, including:
Integrated container security to address corrupt or malicious data inserted into a container.
Container-enabled security tools such as web application firewalls running inside a container that enable DevOps teams to better integrate application security into their application development process.
Container-aware security that can define and enforce security policies based on contextual factors such as container tags and labels.
Securing the container registry to protect developers from checking out an infected module and then building new application capabilities on top of that compromised code.
4. Multi-Cloud — These challenges are compounded when spread across multiple cloud environments. And with some experts estimating that 81 percent of enterprises currently have a multi-cloud strategy in place, this is just about everyone.
The challenges in a multi-cloud environment include:
Consistent protection — Applications, data, and workflows tend to move across and between cloud environments. From a security perspective, this means that security policies need to be able to move seamlessly along with any transaction so that critical data and resources receive the same protection regardless of their location.
Consistent policy — The other challenge is that different cloud environments function quite differently, which means that moving policies between different cloud networks can be difficult. Different security functionalities need to be taken into consideration, and protocols need to be able to translate rules and policies on the fly to eliminate gaps in enforcement that can be exploited by cybercriminals.
Addressing the skill challenge
The lack of skilled cybersecurity professionals, especially for cloud environments, may represent an existential crisis to our fledgling digital economy. Addressing this challenge requires a concerted effort on the part of both the private and public sectors of our communities. In the meantime, organizations need to identify IT personnel—preferably, someone with a DevOps background—that can be specially trained in the area of cloud security.
Those individuals then need to be embedded in both the IT security and DevOps teams to not only implement effective security solutions, but also serve to bridge the divide between traditional IT and the cloud. Failure to understand and effectively implement a cloud native security strategy can leave your organization vulnerable to policy and enforcements gaps, as well as limit the performance and functionality of your cloud infrastructure, applications, and services. And that can determine whether or not your organization is able to thrive in today’s digital marketplace.