The Shared Cybersecurity Model that governs the cloud teaches us that, whether PaaS (Platform as a Service), IaaS (Infrastructure as a Service) or SaaS (Software as a Service) services have been contracted, the cloud provider is never exclusively responsible for cybersecurity. At least access and data security will always be the customer’s responsibility.
It will therefore be necessary to stress the need for adequate visibility also in these environments to detect configuration problems or other security flaws that are under one’s own responsibility.
Once the traditional security perimeter has been dissolved, security functions must also be moved to the cloud, as new vectors to protect appear for which legacy protections are not sufficient.
In order to cover all these new vectors, there are solutions such as:
- Cloud Access Security Broker (CASB)
- Data Loss Prevention (DLP)
CSPM (Cloud Security Posture Management)
Zero Trust Network Access (ZTNA)
Firewall as a Service (FWaaS)
Endpoint Protection (AV, EDR & MDR)