Organizations are increasingly turning to defense-in-depth strategies to address the growing challenges of securing data stored in the public cloud. According to research conducted by TechTarget’s Enterprise Strategy Group, organizations are more confident in their ability to secure on-premises data compared to data saved in the cloud. This is because organizations have complete knowledge and control over their on-premises IT infrastructure and have established trusted relationships with third-party security vendors.
However, when it comes to cloud-resident data, organizations must assess the effectiveness of their cloud service provider’s (CSP) native tools and controls in securing that data. While respondents of the survey expressed confidence in their CSP’s monitoring, logging, and auditing capabilities, their confidence in other key activities such as risk assessments, encryption, and access policies was lower.
To address this, organizations are adopting a preference for defense-in-depth strategies, which involve using a combination of CSP-native controls and third-party tools. In fact, over half of the organizations surveyed reported using this approach, with nearly a quarter relying on a managed service provider (MSP) for some or all of their cybersecurity controls. This preference highlights organizations’ confidence in selecting third-party vendors and their understanding that defense-in-depth strategies enhance their ability to secure sensitive data in the cloud.
Research has shown that a defense-in-depth strategy can significantly reduce data breaches. Organizations that relied solely on CSP-native controls were twice as likely to experience data loss compared to those using a combination of CSP-native and third-party tools. The complex nature of SaaS, IaaS, and PaaS cloud environments with large attack surfaces requires multiple tools to provide optimal security outcomes.
Several challenges that organizations face with cloud data security can be mitigated by employing a defense-in-depth strategy. Misconfigurations, which account for a significant percentage of data loss incidents, can be reduced with overlapping layers of defense. Similarly, policy violations and access control breaches can be better addressed with multiple security tools rather than relying on a single point of defense.
Managed service providers (MSPs) also play a crucial role in providing an additional layer of defense. Organizations that solely relied on CSP-native controls were three times more likely to experience data loss compared to those using a combination of CSP-native and third-party tools managed by an MSP. MSPs bring the advantages of expertise in multiple security tools and the ability to apply their experience across different environments, leading to better outcomes for their customers.
While defense-in-depth strategies have proven to be successful in preventing data loss, they do come with additional investments in terms of tools, personnel, and integration efforts. CISOs and security architects need to carefully balance these investments against their desired outcomes.
In conclusion, organizations recognize the importance of defense-in-depth strategies to enhance their public cloud data security. By combining CSP-native controls with third-party tools and the expertise of MSPs, organizations significantly reduce the risk of data breaches and improve overall data security in the cloud. However, it is crucial for organizations to carefully evaluate their investments and desired outcomes to strike the right balance in their defense-in-depth strategies.