Balancing On-Premise and Cloud Security

Delta Risk Expert Weighs In on Balancing On-Premise and Cloud Security in 2020

What’s the best way to balance your cyber security priorities between on-premise and the cloud in 2020? Find out in the on-demand webinar “Balancing Security on Premise and In the Cloud,” featuring Delta Risk expert and VP Dan Harding. The webinar is part of the (Security) Balancing Act series with Diana Kelley, Cybersecurity Field CTO and included panelists Dominique West, Senior Cloud Security Consultant at EY, and Jon Garside, Director of Product Marketing at Securonix.

During the webinar, the panelists discussed key topics related to on-premise and cloud security, including:

  • What are the differences between cloud security vs on-premise security and why do they matter in 2020?
  • How do you normalize your security posture across legacy and hybrid/multi-cloud environments? Is it possible to improve security as part of a digital transformation program?
  • What kind of cyber hygiene do you need to practice?
  • Where does DevOps (or DevSecOps) fit into all of this?
  • Are cloud security failures the customer’s fault?
  • What is SASE and how will it impact your organization?

Balancing On-Premise and Cloud Security

When it comes to differences in on-premise and cloud security, West said one key difference is the level of responsibility. Typically, with a data center, for example, the organization is responsible for its security “from the top down,” she said, calling it a “perimeter mentality.”

West pointed out that when an organization moves to the cloud, some security responsibility falls on the cloud service provider, but the rest falls to organizations using the cloud services, adding that different cloud security models mean different levels of responsibility.

Harding said the issue can be viewed through two lenses, endpoint-based monitoring and sensor-based monitoring, or API-based monitoring.

Dan pointed out that when Delta Risk was building its ActiveEye platform, “We saw a lot of traditional vendors taking an older approach to putting sensors or putting endpoints out into the cloud infrastructure,” he said. “Whereas by leveraging the APIs that are out there and accessible you get a much richer amount of content when you couple that with the endpoint itself. So, bringing them together is paramount.”

Harding said he’s seen a lot of companies that already have a solid on-premise solution in place, but over time, cloud security has fallen off their priority list. “Being able to maintain those as they ebb and flow, I think is paramount to any cloud strategy because they will continue to move in in different ways,” he said. “And being able to have that sort of agility within your organization is very important.”

But, even if you have the right tools in place to manage your organizations cyber security, knowing how to use those tools is a crucial part of making sure you’re actually protected, Harding added. Part of that includes sorting out what’s important and what’s not and avoiding alert fatigue in the process.

For more on what the panelists discussed, view the on-demand version of the webinar here.

Is your organization experiencing alert fatigue? Learn more about how Delta Risk can help here.