Monitoring the Hybrid Cloud: Evolving to the CloudSOC
By Mike Rothman
This cloud thing is going to have major repercussions on how you protect technology assets over time. But what does that even mean? We start this paper by defining how and why the cloud is different, and then outline a number of trends we expect to come to fruition, as described in our paper The Future of Security. Then we look at how security monitoring functions need to evolve as an increasing amount of technology infrastructure runs in the cloud.
An excerpt from the introduction sums this up nicely.
As the mega-trends of mobility and cloud computing collide, security folks find themselves caught in the middle. The techniques used to monitor devices and infrastructure no longer work. There are no tap points, and it is often prohibitively inefficient to route cloud traffic through inspection choke points. Security monitoring needs to change fundamentally to stay relevant – even viable – in this cloud age.
However, the industry isn’t going to shut down all of our data centers overnight. Not everything is moving whole hog into the private cloud or over to a SaaS-based service. So you will need to exist in purgatory between traditional data center technologies and cloud computing for a while. Thus you need to revisit your active controls and your security monitoring functions.
Monitoring the Hybrid Cloud: Evolving to the CloudSOC describes and assesses the new cloud use cases you need to factor into your security monitoring strategy, and discusses emerging technologies which can help you cope. Finally, we discuss coexistence and migration to a system to monitor the hybrid cloud, because the existing stuff will be around for a while.
We would like to thank IBM Security for licensing the content. Without our licensees you would be paying a king’s ransom to read our research.