Since inception, our focus has been on delivering innovative and practical solutions to address critical security concerns faced by companies that use public cloud infrastructure.
Based on our team’s experience in running cloud security operations, we knew that the key to turning cloud security from a barrier into an innovation enabler is reducing human intervention to the minimum, and directing it to where it is most needed.
Cloud security engineers are dealing with increased cognitive load. The ability to easily provision and scale cloud resources has transformed the way organizations run their IT infrastructures. At the same time, the ease of setting up resources in the cloud is also what makes it so difficult to manage.
Due to the rapid growth of human and machine identities requiring access to cloud resources, security engineers must constantly manage changes, evaluate risks, and update access permissions and policies accordingly. In such a dynamic environment, things can quickly spiralout of control. Consequently, misconfigurations and errors are more likely to occur and remain unnoticed, creating access vulnerabilities that can be exploited by malicious actors.
It’s therefore no surprise that human error is the top cause of cloud security breaches. As cloud environments continue to expand in size and complexity, the probability of human error increases dramatically. This is evident in market surveys such as the recently published 2023 Thales Cloud Security Study where 55% of respondents selected human error as the top cause of cloud data breaches – way above exploitation of vulnerabilities, the second highest factor (21%).
The human factor
The well-known fact that humans are the most vulnerable link in the cybersecurity chain is often a starting point for attackers. In accordance, Gartner predicts that by 2025, lack of talent or human failure will be responsible for over half of significant cyber incidents.
Furthermore, a Gartner survey conducted in 2022 revealed that 69% of employees have bypassed their organization’s cybersecurity guidance in the past 12 months. In the survey, 74% of employees said they would be willing to bypass cybersecurity guidance if it helped them or their team achieve a business objective.
These overwhelming numbers point to the shortcomings of existing cloud security solutions. As cloud environments continue to expand, cybersecurity is struggling to keep up with the pace and scale of change, and constantly update security policies and controls, causing disruption to legitimate business operations and leading to growing frustration among employees.
To maintain control of cloud access and implement effective policies, it’s essential to reduce the operational burden of continuously reconfiguring security policies. Automating the steps for monitoring, identifying, and mitigating risks can make this process easier.
However, automation must be backed by a thorough understanding of the access landscape, which can be utilized to create policies and entitlements that accurately reflect the risk level. Traditional identity and access management approaches that are based on users’ roles and responsibilities are not enough – contextualization is essential for assessing risk accurately and automatically applying policies that match the real threat.
SecurityGenie to the rescue
SecurityGenie adds an important component to our offering of cloud-based services aimed at streamlining security operations using smart automation, enabling security engineering to save valuable time and effort.
A SecurityGenie is an AI-powered companion for cloud security specialists. It serves as an intuitive interface to get insight from Solvo’s multidimensional, contextual analysis of infrastructure resources, applications and user behavior, and the data associated with them.
Using an advanced NLP engine, SecurityGenie enables cloud security engineers and executives to manage ongoing operations naturally and intuitively so they can stay in their flow. Users can assess their cloud security posture simply by asking specific questions about resources, networks, databases, and data storage, and SecurityGenie translates the questions into actionable insights.
Cloud security engineers can ask about their overall compliance status – either in general or in the context of specific regulations – and SecurityGenie will provide a compliance score as well as a list of issues prioritized by severity along with automated code remediation options. Similarly, SecurityGenie can pinpoint cloud resources containing sensitive data (e.g., PII) susceptible to unauthorized access, overly privileged accounts, suspicious external identities accessing cloud resources, and much more.
Based on these capabilities, SecurityGenie saves cloud security engineers, on average, 5 hours a week in misconfiguration handling and remediation. By seamlessly integrating with AWS, Azure, GCP, or hybrid environments, SecurityGenie can be used to gain instant, yet comprehensive visibility into multi-cloud environments, and identify and resolve the most critical issues beforethey escalate.
We believe that there is no match for the cognitive abilities of the human brain. We also believe that human intelligence should not be “wasted” on mundane, repetitive tasks. By facilitating time-consuming and error-prone tasks, SecurityGenie reduces the burden on cloud security engineers, enabling them to focus on higher-value activities that require human expertise and creativity.