Securing the hybrid cloud is a balancing act

Issue 6 2023 Security Services & Risk Management, Infrastructure


Steve Flynn.

To protect data and other digital assets in hybrid cloud environments, businesses need to adopt a modernised, flexible and scalable cybersecurity approach. “While small and mid-sized companies may not have the same IT challenges—and benefits—as larger organisations, their security needs, especially in an increasingly hybrid cloud world, are equally essential,” says Steve Flynn, Sales and Marketing Director at ESET Southern Africa.

Globally, organisations have taken to hybrid cloud in a big way for many well-documented reasons: flexibility, cost efficiency, the ability to balance internal control with workload migration, widespread scalability and faster time to value for new applications and services. In South Africa, businesses are shifting their IT environments’ structure to take advantage of the cloud, with many adopting a cloud-first architecture or, increasingly, a hybrid cloud model.

Hybrid cloud, however, is not immune to something that is often organisations’ top fear and operational snag; security risks. Organisations certainly understand the need to secure their data, devices and applications in the cloud, even though overall IT spending growth in 2020 was dampened by the pandemic; research indicates that spending on cloud security jumped by 33%. Irrespective of size, businesses need to stay on top of the rapidly evolving cyber risk landscape and seek out new, modernised and highly flexible solutions to help mitigate those risks in a hybrid cloud environment.

Security challenges in hybrid-cloud architectures

Organisations are experiencing an increase in the number, diversity and sophistication of cyber threats. Advanced threat protection and overall cybersecurity management are often at the front and centre of an organisation’s approach to modernised cybersecurity, especially in hybrid cloud environments. Using a centralised approach to cybersecurity through advanced software solutions, often as a cloud service, to stay secure from these multiple threats is an ideal method for protecting end users and valuable business data. Implementing a comprehensive security solution is far more efficient to deploy, simpler to manage and, in many cases, more cost-effective than purchasing individual products for different threats.

Compared to legacy approaches, cloud-based cybersecurity management is:

• A more appropriate fit for the increasingly challenging threat landscape, driven by overlapping attacks of different natures, often with no advanced warning.

• A better strategy to gain increased visibility into network, application, data and user behaviour over physical and virtual networks.

• A far simpler and more automated approach to coordinate a unified response to security threats.

Long gone are the days when organisations could focus on mainstream, relatively simple security threats like viruses and keystroke logging. Now, the growing diversity of threats, combined with their overlapping attacks and long dwell times (the length of time an attack remains undetected inside an organisation’s cyber defences), has raised the stakes.

As organisations adopt hybrid-cloud frameworks such as cloud-native application development/deployment, container-based architectures, microservices and serverless computing, they need a security approach designed for a cloud-first or even cloud-only environment.

What to look for in a cloud-based security platform

Selecting the right toolset for security in hybrid-cloud environments carries far-reaching implications. Solutions that do not fully and properly address threats can result in compliance violations, data governance problems, legal exposure, and the loss of customer confidence. At the same time, solutions that are difficult and expensive to deploy cost money, degrade employee productivity and take security professionals away from other tasks.

As businesses create their checklist, it is important to keep in mind some core functionalities for hybrid cloud security. These functionalities include:

• Protecting traditionally unprotected or poorly protected endpoints, networks and applications now being used more frequently in remote work, such as home networks or personally subscribed cloud services.

• Enabling cloud sandboxing as isolated test environments to study, analyse and plan action against suspicious programs and/or files.

• Delivering multilayered protection of the expanding number of applications, data and devices at the endpoint, server, network and cloud levels.

• Supporting an integrated platform design, rather than disparate security point products, to ease management and support automated prevention, detection, response and remediation.

• Improving time to value by speeding deployment, facilitating scalability, and reducing costs.

• Embracing a multi-purpose console to do more than just threat monitoring.

• Avoiding one-size-fits-all solutions through customised solutions, configurations, and policies.

• Securing both data at rest and data in motion, due to the need to support both cloud and on-premises protection, as well as securing data as part of workload migrations.




Share this article:
Share via emailShare via LinkedInPrint this page



Further reading:

Amendments to the Private Security Industry Regulations
Technews Publishing Agriculture (Industry) Surveillance Access Control & Identity Management Fire & Safety Perimeter Security, Alarms & Intruder Detection Information Security Asset Management News & Events Integrated Solutions Infrastructure Security Services & Risk Management Education (Industry) Entertainment and Hospitality (Industry) Financial (Industry) Government and Parastatal (Industry) Healthcare (Industry) Industrial (Industry) Mining (Industry) Residential Estate (Industry) Retail (Industry) Transport (Industry) Conferences & Events Associations Videos Training & Education Smart Home Automation Commercial (Industry) Logistics (Industry) AI & Data Analytics Facilities & Building Management IoT & Automation Power Management
SANSEA, SASA, National Security Forum, CEO, TAPSOSA, and LASA oppose recently published Amendments to the Private Security Industry Regulations regarding firearms.

Read more...
A passport to offline backups
SMART Security Solutions Technews Publishing Editor's Choice Infrastructure Smart Home Automation
SMART Security Solutions tested a 6 TB WD My Passport and found it is much more than simply another portable hard drive when considering the free security software the company includes with the device.

Read more...
Rewriting the rules of reputation
Technews Publishing Editor's Choice Security Services & Risk Management
Public Relations is more crucial than ever in the generative AI and LLMs age. AI-driven search engines no longer just scan social media or reviews, they prioritise authoritative, editorial content.

Read more...
How can South African organisations fast-track their AI initiatives?
AI & Data Analytics Security Services & Risk Management
While the AI market in South Africa is anticipated to grow by nearly 30% annually over the next five years, tapping into the promise and potential of AI is not easy.

Read more...
Efficient, future-proof estate security and management
Technews Publishing ElementC Solutions Duxbury Networking Fang Fences & Guards Secutel Technologies OneSpace Technologies DeepAlert SMART Security Solutions Editor's Choice Information Security Security Services & Risk Management Residential Estate (Industry) AI & Data Analytics IoT & Automation
In February this year, SMART Security Solutions travelled to Cape Town to experience the unbelievable experience of a city where potholes are fixed, and traffic lights work; and to host the Cape Town SMART Estate Security Conference 2025.

Read more...
Stallion repositions itself as a services provider
News & Events Security Services & Risk Management
Stallion has rebranded as Stallion Integrated Solutions to reflect its expanded capabilities beyond traditional security services to delivering integrated solutions that enhance safety, asset management, and operational efficiency.

Read more...
Seven tips to help ensure your backup batteries work
Power Management Security Services & Risk Management
Load shedding is back, officially or not. Lance Dickerson offers seven tips to prolong the life of your power backup systems and ensure they perform as intended when needed.

Read more...
Cybersecurity best practice
Information Security Security Services & Risk Management
Breach and attack simulation has become an essential element of cybersecurity strategies in any modern business by allowing companies to actively detect and resolve vulnerabilities through real-world attack simulations.

Read more...
Historic Collaboration cuts ATM Bombings by 30%
Online Intelligence Editor's Choice News & Events Security Services & Risk Management
Project Big-Bang, a collaborative industry-wide task team, has successfully reduced ATM bombings in South Africa by 30,7% during the predetermined measurement period of November, December and January 2024/5.

Read more...
Keeping safety central to enterprise risk management
Zulu Consulting Security Services & Risk Management
[Sponsored] As employee safety becomes an ever-more critical aspect of corporate risk management, Risk-IO assists risk managers in ensuring a safe working environment, whether in an industrial setting, an office, or anywhere.

Read more...