These materials are © 2023 John Wiley & Sons, Inc.
Any dissemination, distribution, or unauthorized use is strictly prohibited.
Cloud Security & Compliance
Palo Alto Networks 2nd Special Edition
by Lawrence Miller, CISSP, and Petros Koutoupis
Cloud Security & Compliance For Dummies®,
Palo Alto Networks 2nd Special Edition
Published by
John Wiley & Sons, Inc.
111 River St.
Hoboken, NJ 07030-5774
www.wiley.com
Copyright © 2023 by John Wiley & Sons, Inc., Hoboken, New Jersey
No part of this publication may be reproduced, stored in a retrieval system or transmitted in any
form or by any means, electronic, mechanical, photocopying, recording, scanning or otherwise,
except as permitted under Sections 107 or 108 of the 1976 United States Copyright Act, without
the prior written permission of the Publisher. Requests to the Publisher for permission should be
addressed to the Permissions Department, John Wiley & Sons, Inc., 111 River Street, Hoboken, NJ
07030, (201) 748-6011, fax (201) 748-6008, or online at http://www.wiley.com/go/permissions.
Trademarks: Wiley, For Dummies, the Dummies Man logo, The Dummies Way, Dummies.com,
Making Everything Easier, and related trade dress are trademarks or registered trademarks of John
Wiley & Sons, Inc. and/or its affiliates in the United States and other countries, and may not be
used without written permission. All other trademarks are the property of their respective owners.
John Wiley & Sons, Inc., is not associated with any product or vendor mentioned in this book.
LIMIT OF LIABILITY/DISCLAIMER OF WARRANTY: WHILE THE PUBLISHER AND AUTHORS HAVE
USED THEIR BEST EFFORTS IN PREPARING THIS WORK, THEY MAKE NO REPRESENTATIONS
OR WARRANTIES WITH RESPECT TO THE ACCURACY OR COMPLETENESS OF THE CONTENTS OF
THIS WORK AND SPECIFICALLY DISCLAIM ALL WARRANTIES, INCLUDING WITHOUT LIMITATION
ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
NO WARRANTY MAY BE CREATED OR EXTENDED BY SALES REPRESENTATIVES, WRITTEN
SALES MATERIALS OR PROMOTIONAL STATEMENTS FOR THIS WORK. THE FACT THAT AN
ORGANIZATION, WEBSITE, OR PRODUCT IS REFERRED TO IN THIS WORK AS A CITATION AND/
OR POTENTIAL SOURCE OF FURTHER INFORMATION DOES NOT MEAN THAT THE PUBLISHER
AND AUTHORS ENDORSE THE INFORMATION OR SERVICES THE ORGANIZATION, WEBSITE, OR
PRODUCT MAY PROVIDE OR RECOMMENDATIONS IT MAY MAKE. THIS WORK IS SOLD WITH
THE UNDERSTANDING THAT THE PUBLISHER IS NOT ENGAGED IN RENDERING PROFESSIONAL
SERVICES. THE ADVICE AND STRATEGIES CONTAINED HEREIN MAY NOT BE SUITABLE FOR
YOUR SITUATION. YOU SHOULD CONSULT WITH A SPECIALIST WHERE APPROPRIATE. FURTHER,
READERS SHOULD BE AWARE THAT WEBSITES LISTED IN THIS WORK MAY HAVE CHANGED
OR DISAPPEARED BETWEEN WHEN THIS WORK WAS WRITTEN AND WHEN IT IS READ.
NEITHER THE PUBLISHER NOR AUTHORS SHALL BE LIABLE FOR ANY LOSS OF PROFIT OR ANY
OTHER COMMERCIAL DAMAGES, INCLUDING BUT NOT LIMITED TO SPECIAL, INCIDENTAL,
CONSEQUENTIAL, OR OTHER DAMAGES.
ISBN 978-1-119-90416-8 (pbk); ISBN 978-1-119-90417-5 (ebk)
For general information on our other products and services, or how to create a custom For Dummies book for your business or organization, please contact our Business Development Department in the U.S. at 877-409-4177, contact [email protected], or visit www.wiley.com/go/custompub. For information about licensing the For Dummies brand for products or services, contact BrandedRights&[email protected].
Publisher’s Acknowledgments
Some of the people who helped bring this book to market include the following:
Project Editor: Elizabeth Kuball
Acquisitions Editor: Ashley Coffey
Editorial Manager: Rev Mengle
Production Editor: Saikarthick Kumarasamy
Client Account Manager: Cynthia Tweed
Table of Contents
INTRODUCTION................................................................................................ 1
About This Book.................................................................................... 2
Foolish Assumptions............................................................................. 2
Icons Used in This Book........................................................................ 3
Beyond the Book................................................................................... 3
Where to Go from Here........................................................................ 3
CHAPTER 1: The Evolution of Cloud-Native Applications and Their Impact on Security............. 5
Learning Cloud Lingo............................................................................ 6
Introducing Cloud-Native Computing................................................. 8
Why a Code-to-Cloud Security Strategy?............................................ 9
Securing the Application Life Cycle with CNAPP.............................. 11
Understanding the Shared Responsibility Model............................ 12
CHAPTER 2: Getting Started with Cloud and Cloud-Native Application Security................................................................. 15
Building with Cloud Security in Mind................................................ 15
Defining Organizational Cloud Security Responsibilities............... 16
Benefitting from DevSecOps.............................................................. 18
Assessing Risk in the Cloud................................................................ 19
Evaluating Existing Security Tools..................................................... 20
Native public cloud security......................................................... 21
Point products................................................................................ 21
Legacy network and content security......................................... 21
Building a Security Strategy............................................................... 22
IaaS and PaaS security requirements.......................................... 22
Multicloud security requirements............................................... 25
Identifying Deployment Best Practices............................................. 27
Lock down identity management................................................ 27
Secure the compute layer............................................................. 28
Secure your storage...................................................................... 29
CHAPTER 3: Looking at Regulatory Compliance in the Cloud........................................................................................... 31
Navigating the Regulatory Landscape.............................................. 31
GDPR............................................................................................... 32
NIS Directive................................................................................... 35
Recognizing the Importance of Automated, Continuous Monitoring............................................................................................ 35
Avoiding the “Compliance Catch-Up” Trap....................................... 37
Implementing a Proactive Approach with DevSecOps................... 39
Four Ways to Improve Cloud Security and Compliance................. 40
CHAPTER 4: Building an Organizational Culture around Security........................................................................... 43
Managing Cybersecurity in the Modern Era.................................... 43
Creating an effective cybersecurity team................................... 44
Planning your automation strategy............................................. 44
Assessing security effectiveness.................................................. 46
Recognizing How Cloud Maturity Affects Automation Levels........ 46
Embedding Security in the Developer Workflow............................. 47
Continuous cybersecurity skills training and enhancement................................................................................. 48
Security from design through production.................................. 49
Executive leadership...................................................................... 49
Automation..................................................................................... 49
Cultivating the collaborative mindset.......................................... 50
Security accountability.................................................................. 50
CHAPTER 5: Forecasting Changes in Cloud and Cloud-Native Security............................................................. 51
Surveying the Evolution of Cloud Threats........................................ 51
Consolidating Tools and the Importance of CNAPP....................... 52
Looking into the Future of Cloud Security....................................... 54
Drafting a Blueprint to Manage Risk................................................. 55
Identify............................................................................................ 56
Protect............................................................................................. 56
Detect.............................................................................................. 57
Respond.......................................................................................... 57
Recover............................................................................................ 58
CHAPTER 6: Ten (or So) Cloud Security Recommendations..... 59
Embrace DevSecOps........................................................................... 59
Take a Cloud-Centric Approach......................................................... 60
Understand the Shared Security Model........................................... 60
Use a Zero Trust Strategy................................................................... 61
Engage with Business Groups, Governance, and DevOps Early..... 62
Know Your Potential Exposure.......................................................... 63
Understand the Attacker.................................................................... 64
Evaluate Your Security and Compliance Options............................ 64
Empower Yourself with Knowledge.................................................. 66
Believe in Prevention.......................................................................... 66
Secure IaaS and PaaS.......................................................................... 68
Use Automation to Eliminate Bottlenecks....................................... 69