March 3, 2022

Why Foundational Security Should be at the Heart of Public Cloud Strategy

If you take the time up front to make sure that your foundational security is in place, you have a vastly reduced attack surface and a well-built infrastructure for your cybersecurity program.

Cybersecurity typically falls into 3 domains: users, infrastructure, and your tool set.

A lot of organizations put a great deal of their focus on the first component — training and managing their users. There’s also a great deal of money spent on the latter — defense tools, detection tools, management tools, you name it.

But where many organizations often fall short is optimizing the middle domain: infrastructure. In the world of public cloud, infrastructure acts as the foundational layer for your overall cybersecurity program… and it’s where 65% of cybersecurity risk lives. Getting it wrong can be a huge (and costly) mistake.

What is Foundational Cloud Security

When talking about the different levels of cybersecurity, we like to think of foundational security as the essentials of a safely-built home. If you’re looking to unpack all of your valuable assets and personal data into a new home, you’re going to want to make sure that it is outfitted with all of the necessary infrastructure in place — a door with a deadbolt, windows that shut and lock, and a door and keypad on your garage. A sound overall structure…good bones, right? We’re talking about the basics of 101 home security.

This is the infrastructure of your cybersecurity program.

Sure, you can store your assets in a house with a propped-open window or a garage without a door, but you’re going to have a greater probability of a catastrophic event happening. And if you try and install a security tool on a house with no windows and no doors, you’re going to experience a constant barrage of alerts, warnings, noise, false positives, and fatigue — because everything is going to look like an urgent attack possibility.

However, if you take the time up front to make sure that your foundational security is in place — a lock on every window, a password-protected garage — you have a vastly reduced attack surface.

The Benefits of Focusing on the Foundation

65 to 70% of all security challenges in the cloud arise from misconfigurations, such as the simple human error of forgetting to close and lock the window, or leaving the back door unlocked. Putting the focus of security back on infrastructure cuts down the opportunities for these common mistakes to happen.

A great way to achieve and demonstrate this is through a third-party tool like Tenacity, which gives you a manageable program and protection against the mistakes of your users by scanning for issues in your cloud environment, spotting misconfigurations, and prioritizing the issues you need to tackle first.

This is also going to have a downstream effect on the success of your cybersecurity tools, as they now have a narrower set of things to monitor and watch in your environment. Therefore, your alerts just get better by taking action on that configuration. 

By monitoring your foundation, Tenacity also can also help reduce infrastructure, reduce spending, and reduce alerts, noise, and fatigue.

Want to learn more about how Tenacity can help you tackle your public cloud’s foundational security? Click here to schedule a quick demo.

Latest articles

Browse all