Organizations continue to move toward cloud-based networks, which can offer advantages to a scaling business. Even improved technology carries risks, and organizations must remain diligent in their security efforts.
What's new
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) published a factsheet to assist transitioning companies in identifying necessary tools and techniques to maintain the integrity of their data security systems.
The tools are designed to assist in preventing malicious compromises, detecting malicious activity, mapping potential threat vectors, and identifying malicious activity after it has occurred.
According to the document, many organizations engage in a hybrid cloud model, using both an on-premise and private cloud and a third-party, public cloud service. In this situation, both the organization and the cloud service provider are responsible for securing critical data.
Related: A guide to HIPAA and cloud computing
Going deeper
First and foremost, the CISA recommends organizations take advantage of the built-in security of the cloud service provider (CSP) they use.
The CISA also outlines five tools that organizations should utilize:
- The Cyber Security Evaluation Tool uses industry-recognized standards, frameworks, and recommendations to help organizations evaluate their current cybersecurity efforts. Using a series of targeted questions regarding components, architecture, policies, and procedures, CSET generates a report outlining the current security of the system.
- SCuBAGear M365 Secure Configuration Baseline Assessment Tool was initially designed for federal agencies in the cloud environment but is useful for any organization looking to harden their security, especially if using authorization tokens for sign-in.
- Untitled Goose Tool is designed to assist with security in programs like Microsoft Azure, AAD, and M365. It can collect logged data long-term, allowing organizations to review activity a significant time after the event occurred.
- Decider Tool assists in mapping past observed activity to help organizations learn common strategies employed by cyber attackers.
- Japan Computer Emergency Response Team Coordination Center sets up memory image analysis on Amazon Web Services, which can be helpful when analyzing fileless malware attacks.
What was said
According to the report, the factsheet is designed to provide "tools and guidance that can be used to help mitigate the risk of information theft, data encryption and extortion, and information exposure."
The CISA advises cloud-based or hybrid organizations to carefully analyze these tools and others to prevent and recover from attacks, stating, "It is important for businesses to develop practices that evaluate industrial control systems (ICS) and IT security practices that best fit your organization before using cloud services."
The big picture
Currently, some cloud-based services remain vulnerable to cyberattacks, and it can be challenging for organizations to prepare, prevent, and recover from attacks. Organizations should understand what security capabilities exist within the cloud service provider they are using and what steps the organization can take to ensure data remains secure during and after the transition.
Related: HIPAA Compliant Email: The Definitive Guide
Abby Grifno
