Thursday, July 18, 2024

NSA Releases Top Ten Best Practices For Cloud Environments

Threat actors aim at Cloud environments because of their wide acceptance and one-stop storage of important information. 

Exploiting shortcomings in cloud security may enable unauthorized access to sensitive data, interruptions in infrastructure, or earning money.

The fact that the systems are highly scalable and interconnected makes them good targets for cyber-attacks.

Cybersecurity analysts at the NSA recently released the top ten best security practices for cloud environments.

Top Ten Best Practices For Cloud Environments

NSA researchers recently released cloud security mitigation strategies in an attempt to educate cloud users about important security practices. Threat actors mostly target cloud users while they shift their data to cloud environments.

The document has 10 Cybersecurity Information Sheets (CSIs), every one focusing on a distinct approach.

For six of the 10 strategies, the Cybersecurity and Infrastructure Security Agency (CISA) collaborates with the National Security Agency (NSA).

Here below, we have mentioned all the top ten best security practices for cloud environments provided by the NSA:-

  • Uphold the cloud shared responsibility model: This CSI educates on a cloud framework by clarifying the security responsibilities for both CSP and customers in securing their chosen cloud instance.
  • Use secure cloud identity and access management practices (Joint with CISA): This CSI clarifies cloud identity management threats and suggests best practices to mitigate them for organizations in the cloud.
  • Use secure cloud key management practices (Joint with CISA): This CSI suggests key management options and best practices for their use. It emphasizes the importance of understanding shared security responsibilities with cloud KMS.
  • Implement network segmentation and encryption in cloud environments (Joint with CISA): This CSI advises on applying principles in cloud environments that are distinct from on-prem networks. Cloud tech offers an infrastructure for ZT without specialized appliances. It primarily highlights the best practices using common cloud features.
  • Secure data in the cloud (Joint with CISA): Securing cloud data is crucial as organizations migrate. Understanding data sensitivity, choosing proper storage, and applying security measures are the key factors. This CSI gives an overview and practices for securing and auditing cloud storage.
  • Defending continuous integration/continuous delivery environments (Joint with CISA): NSA and CISA offer this CSI to enhance cloud DevSecOps defenses. It guides integrating security into DevOps CI/CD environments, leveraging government guidance for robust CI/CD cloud deployments.
  • Enforce secure automated deployment practices through infrastructure such as code: IaC, baselines, and golden images, which are templates for deploying resources across on-premises and in the cloud. IaC automates deployment using code, including security policies. Baselines and golden images provide secure starting points. 
  • Account for complexities introduced by hybrid cloud and multi-cloud environments: This CSI tackles challenges in implementing hybrid and multi-cloud by offering solutions to mitigate increased complexity.
  • Mitigate risks from managed service providers in cloud environments (Joint with CISA): MSPs manage IT services in the cloud, offering backup, infrastructure, and security. They provide tailored solutions, but using them increases cybersecurity risks.
  • Manage cloud logs for effective threat hunting: Cloud tenant access is complex due to virtualization, as the security relies on unmodifiable logs. So, the access policies, logs, and audits must be monitored. Organizations must manage logs for threat hunting and compliance.

Cloud computing boosts IT efficacy and security if deployed correctly.

However, data concentration attracts the threat actors, so these guidelines will allow them to safeguard their cloud environment.

With Perimeter81 malware protection, you can block malware, including Trojans, ransomware, spyware, rootkits, worms, and zero-day exploits. All are incredibly harmful and can wreak havoc on your network.

Stay updated on Cybersecurity news, Whitepapers, and Infographics. Follow us on LinkedIn & Twitter.


Latest articles

Octo Tempest Know for Attacking VMWare ESXi Servers Added RansomHub & Qilin to Its Arsenal

Threat actors often attack VMware ESXi servers since they accommodate many virtual machines, which...

TAG-100 Actors Using Open-Source Tools To Attack Gov & Private Orgs

Hackers exploit open-source tools to execute attacks because they are readily available, well-documented, and...

macOS Users Beware Of Weaponized Meeting App From North Korean Hackers

Meeting apps are often targeted and turned into weapons by hackers as they are...

Hackers Exploiting Legitimate RMM Tools With BugSleep Malware

Since October 2023, MuddyWater, which is an Iranian threat group linked to MOIS, has...

Cybercriminals Exploit Attack on Donald Trump for Crypto Scams

Researchers at Bitdefender Labs remain ever-vigilant, informing users about the latest scams and internet...

New TE.0 HTTP Request Smuggling Flaw Impacts Google Cloud Websites

HTTP Request Smuggling is a flaw in web security that is derived from variations...

Volcano Demon Group Attacking Organizations With LukaLocker Ransomware

The Volcano Demon group has been discovered spreading a new ransomware called LukaLocker, which...
Tushar Subhra Dutta
Tushar Subhra Dutta
Tushar is a Cyber security content editor with a passion for creating captivating and informative content. With years of experience under his belt in Cyber Security, he is covering Cyber Security News, technology and other news.

Free Webinar

Low Rate DDoS Attack

9 of 10 sites on the AppTrana network have faced a DDoS attack in the last 30 days.
Some DDoS attacks could readily be blocked by rate-limiting, IP reputation checks and other basic mitigation methods.
More than 50% of the DDoS attacks are employing botnets to send slow DDoS attacks where millions of IPs are being employed to send one or two requests per minute..
Key takeaways include:

  • The mechanics of a low-DDoS attack
  • Fundamentals of behavioural AI and rate-limiting
  • Surgical mitigation actions to minimize false positives
  • Role of managed services in DDoS monitoring

Related Articles