Why should financial services choose cloud native?
Prompted by the pandemic, numerous organisations across nearly all sectors have rapidly migrated to cloud native technologies and now face new cybersecurity risks to mitigate. The cloud native movement is an area that is always rapidly changing and can be daunting for organisations and authoritative parties that are struggling to keep up. Organisations within the financial services sector have also made this rapid transition, at the risk of experiencing especially large losses if faced with a cyberattack.
With this, Kubernetes and Docker have grown in popularity among DevOps (development operations) teams, as revealed by a recent Stack Overflow survey which found that more than 55 per cent had implemented Docker within their teams. On the other hand, the use of currently running Linux container technologies, which security teams have become dependent on, has only left them at a significant disadvantage and lagging behind. For cybersecurity throughout the financial sector to be effective, security departments must apply new methods and implement new practices to better safeguard their environments.
Evaluating the risks
When considering implementing any cloud native technology there are five key risks that organisations should evaluate beforehand:
• Blurring the boundaries – availability, confidentiality and integrity are straightforward concepts to identify within conventional models. However, with cloud native technologies, these boundaries and definitions are easily blurred, making the segregation of duties model a more complex task. This leaves access control functions and the deployment of protections for data assets much more difficult to define
• Internet exposure – a real concern with this computing model is the level of internet exposure that is risked. Even if done accidentally, a simple error in judgement can expose vital systems and information to potential cyberattacks. This, along with the rapid advancement of cyberattack methods, means that reinforcing all security weaknesses and improving information asset management tools need to be addressed as soon as possible
• Problems with GDPR – as cloud-based systems are increasingly adopted on an international scale, GDPR regulations overlap within and throughout different countries. What may be a requirement for GDPR compliance in one country could possibly be a violation of GDPR compliance in another
• Generic protections – to ensure overall ease of use by all end users, many cloud native applications are developed with basic security capabilities. This leaves unaware users with generic default settings that are incapable of maintaining critical applications effectively. Instead, the focus should be on setting up proper controls early on in development to reinforce these generic settings
• Incompatible new systems – organisations should first consider if their current security operations systems can be integrated with newer ones before investing in a conventional SaaS platform, as it may not have the integration points needed for security control and monitoring functions
Mitigating the risks
Education is fundamental to appropriately mitigating the risks that come with transitioning to cloud native. Arming security teams, owners, and system developers with the knowledge to correctly react and adjust their tactics is the best way to guarantee the safe and proper use of the technology. Combining this approach with CNAPP (cloud native application protection platforms) is what organisations will need in order to develop suitable controls that can accommodate the design and development of current cloud native applications.
In addition, altering the management of secret information (credentials and API keys) as applications are distributed to ephemeral containers should be done before the transition to cloud native, to prevent any credentials being stolen, which could possibly result in changes within the system. Though there are definite hurdles to overcome caused by this paradigm shift, there are also a number of valuable advantages which may help to make the role of security teams a little simpler. One way to achieve this is to store all information within a computing environment by moving to “infrastructure as code”, where systems and the applications within them are defined in code. This method allows for practices such as static analysis to recognise vulnerabilities by re-evaluating the data and allocating it to a control database.
Cloud native computing can also be used to reinforce security measures by implementing an “immutable infrastructure”, in which systems are designed to be frequently replaced by system administrators instead of being altered in an ad-hoc approach. This operating model allows defenders to accurately identify a lateral movement attack within an environment.
The rate and global adoption of cloud native technologies is due to bring with it new changes for the financial services sector to keep up with. Cybersecurity and ITOps teams must be proactive in keeping up with these constant changes and ensure that they are in the best position possible to benefit from them. Modifying their systems and procedures to meet these oncoming waves of change is the way to handle all the risks that come along with it.
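Static analysis over infrastructure as code, as described above, can be illustrated with a short added example (not part of the original article): a Python check over constructed Kubernetes manifests in JSON form that flags credentials written inline instead of referenced from a Secret, privileged containers, mutable image tags that work against immutable deployments, and Services reachable from outside the cluster. The manifest contents, the rule names and the `scan` function are assumptions made for illustration.

```python
import json
import re

# Constructed sample manifests (Kubernetes accepts JSON as well as YAML); all values are made up.
MANIFESTS = json.loads("""
[
 {"kind": "Deployment", "metadata": {"name": "payments-api"},
  "spec": {"template": {"spec": {"containers": [
    {"name": "api", "image": "registry.example/payments:latest",
     "securityContext": {"privileged": true},
     "env": [
       {"name": "DB_PASSWORD", "value": "constructed-not-a-real-secret"},
       {"name": "API_KEY", "valueFrom": {"secretKeyRef": {"name": "payments", "key": "api-key"}}},
       {"name": "LOG_LEVEL", "value": "info"}]}]}}}},
 {"kind": "Service", "metadata": {"name": "payments-lb"},
  "spec": {"type": "LoadBalancer", "ports": [{"port": 443}]}}
]
""")

# Hypothetical naming heuristic for variables that usually hold credentials.
SECRET_NAME = re.compile(r"(PASSWORD|PASSWD|SECRET|TOKEN|API_?KEY)", re.I)

def check_container(owner, c):
    findings = []
    for var in c.get("env", []):
        # A literal "value" on a secret-looking name means the credential lives in the manifest.
        if SECRET_NAME.search(var.get("name", "")) and var.get("value"):
            findings.append((owner, "inline-secret", var["name"]))
    if c.get("securityContext", {}).get("privileged"):
        findings.append((owner, "privileged-container", c["name"]))
    image = c.get("image", "")
    # Untagged or ":latest" images can change between deployments; a digest pin cannot.
    untagged = ":" not in image.rsplit("/", 1)[-1]
    if "@sha256:" not in image and (untagged or image.endswith(":latest")):
        findings.append((owner, "mutable-image-tag", image))
    return findings

def scan(manifests):
    findings = []
    for m in manifests:
        owner = f'{m.get("kind")}/{m.get("metadata", {}).get("name")}'
        spec = m.get("spec", {})
        # These Service types may be reachable from outside the cluster.
        if m.get("kind") == "Service" and spec.get("type") in ("LoadBalancer", "NodePort"):
            findings.append((owner, "external-exposure", spec["type"]))
        for c in spec.get("template", {}).get("spec", {}).get("containers", []):
            findings.extend(check_container(owner, c))
    return findings

if __name__ == "__main__":
    for owner, rule, detail in scan(MANIFESTS):
        print(f"{owner}: {rule} ({detail})")
```

Run in a pipeline before deployment, a check like this turns the findings into the kind of record the paragraph above describes feeding into a control database.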