What is Cloud Security Posture Management?
Cloud Security Posture Management, or CSPM for short, is a term most likely coined by Gartner in a 2019 innovation paper.
In that paper, Gartner noted that “nearly all successful attacks on cloud services are the result of customer misconfiguration, mismanagement and mistakes.”
Effective CSPM is a set of processes and tools designed to reduce the risk of a public cloud data or compliance breach.
With the huge growth of cloud services in recent years, CSPM tools have come a long way.
Initially, the tools helped you discover and visualize your IaaS and PaaS assets. Leading CSPM tools, including Hyperglance, now help you enforce policies, prevent misconfigurations, and automate the remediation of any issues that arise.
Why is Cloud Security Posture Management So Important?
As cloud and micro-service usage grows, so does the number of unmanaged risks and, sadly, headline-making data breaches.
By 2025, Gartner’s view is that “90% of the organizations that fail to control their public cloud use will inappropriately share sensitive data”.
Now, more than ever, is the time to take control of your cloud security.
With the right CSPM tool, like Hyperglance, in place, you can benefit from:
- Real-time, continuous visualization of your infrastructure
- Discovery, classification, and risk assessment of your cloud assets
- Protection against common misconfigurations such as expired keys, disabled logging, incorrect user permissions, lack of encryption, or updates not being run
- Reduced downtime, and automatic remediation of common issues
- Continuous delivery whilst enforcing DevOps and DevSecOps policies
- Out-of-the-box compliance with security frameworks such as PCI DSS, HIPAA, SOC 2, GDPR, etc.
Who is responsible for Cloud Security Posture Management?
In a 2020 CISO MAG survey, 76% of respondents believed that the Cloud Service Provider (CSP) was entirely responsible for cloud security.
AWS and Azure, however, have other ideas.
AWS’ shared responsibility model is clear that the responsibility is split between them and the consumer of their service. They are responsible for the “...security of the cloud”, and their consumers are responsible for the “...security in the cloud”.
When it comes to Azure, Microsoft holds the same view as Amazon.
The Azure shared responsibility model states that the customer is always responsible for “data, endpoints, accounts, & access management”.
Hyperglance & CSPM
If you're looking to improve your cloud security posture, Hyperglance is the perfect place to start:
- Hyperglance is shipped with hundreds of built-in & customizable checks, all designed to help you enforce policy and reduce your cloud bill
- The checks run continuously and are based on best practices and industry frameworks (CIS, NIST, NIST 800-53, NIST 800-171, AWS Well-Architected, HIPAA, PCI DSS, & FedRAMP)
- Checks can be used to trigger notifications, and automate fixes using AWS SNS or Azure Event Grid
- Hyperglance is self-hosted, deployed through the AWS & Azure Marketplaces, in Kubernetes, or installed on your own instance/VM