Incorporating cloud security teams into the SOC enhances operational efficiencies
Security leaders are recognizing that cloud and the way cloud security teams work today are becoming increasingly critical to business and IT operations, according to Trend Micro.
As a result, cloud security and the foundational practices of cloud security teams will be absorbed into the SOC to increase efficiencies in the coming years.
“Valuable innovations always cross the threshold and are absorbed into standard operations — happened with virtualization, and it will happen again with cloud,” said Mike Milner, VP of cloud technology at Trend Micro. “The organizations and individuals that lean into this will lead the way.”
Cloud security practices
Leaders who have successfully navigated cloud security are well placed to navigate a similar move to the modern SOC landscape.
Software is consuming everything, creating system infrastructure that is increasingly defined as code and reliant on large volumes of data with automation as the cornerstone for delivering value at increasing speeds.
All these principles are foundational to teams building and securing in the cloud, but SOC and IT infrastructure teams’ tooling, like cross-detection and response (XDR), also leverages these concepts and can benefit from absorbing the scale, skills, and expertise of cloud teams.
Trend’s prediction is that viable SOC tools will grow to include cloud protection capabilities. With the increased inclusion of cloud detection and response (CDR) within XDR platforms, the SOC function will have an increased scope that will also impact leadership qualifications.
Global organizations are set to spend $600 billion on public cloud services this year as the technology increasingly becomes an integral part of standard IT operations. Recent estimates suggest 87% of enterprises have already embraced multi-cloud and 72% are running hybrid cloud environments.
Organizations wanting to leverage the combined strengths of their cloud security and SOC teams might, in addition to the recommendations below, look to security partners with expertise in both cloud security and SOC tooling to smooth the transition.
Recommendations for organizations:
- Give CIOs more freedom to experiment with handling cloud and cloud security teams
- Look seriously at a cloud security leader as the next CISO
- Encourage or deliberately connect the leadership of the two teams – via joint executive briefings or having both report into the CIO
- Consider rotational programs for security and engineering teams
Recommendations for aspiring CISOs:
- Gain experience in cloud transformation
- Pick a cybersecurity partner with experience adopting and integrating technologies between cloud security and SOC tools
- Maintain cloud practitioner certifications from partners such as AWS, Microsoft Azure, and Google Cloud Platform
- Leverage learnings from the cloud like immutability, building from code, and automation to improve security posture and respond quickly