Becoming an All-Around Defender: Beware of Flying Baby Syndrome

Historically, as long as you knew about the technologies, it didn’t matter if those technologies were on-prem or in the cloud. But that idea is actually becoming incorrect, say SANS Cyber Defense Certified Instructors Justin Henderson and Ismael Valenzuela. The truth is that cloud does change things for the average security professional, and today, to be a successful all-around defender (or cybersecurity generalist), you need to know at least some aspects of cloud or risk becoming legacy yourself.

Much of the change that cloud brings to security teams boils down to access and trust. As Ismael points out, adopting cloud IaaS now means that you need to rely on the big platform providers – Amazon Web Services (AWS), Microsoft Azure, Google Cloud Platform – to supply you with access. In this way, cloud changes the model of trust, necessitating trust in a third-party to maintain physical control over your assets, which makes compliance and governance much more important for your organization and security team.

“It’s probably psychological as well,” Ismael says. “IT departments and security teams have been built to be physically in a building, usually in a basement next to the data center. So if something happens, you’re right next to the server. With the cloud, now you can’t touch anything. You can’t get in and touch any physical hardware or pull any cables, and I think that radically changes the mindset. It’s just like expecting people to go into the office every day and now all of a sudden everybody is working remotely.”

Enter the Flying Baby

On the issue of access, Justin likens the change that cloud brings to the task of taking care of a flying baby: “I call this the Flying Baby Syndrome.”

“If you have a baby, you know what we do: We put plastic covers over the outlets, buy door latches so when they pull out cabinets, the baby doesn’t jam their fingers – that’s traditional baby, that’s perimeter defense,” Justin says. “The problem is when the cloud came out, baby became a flying baby and it has access to all the things, all the time. And we, as the guardians of the baby, now are scrambling to control that level of access.”

Securing the cloud isn’t so much about infrastructure as it is about data, Justin explains. Simply put, “data-centric security has become infinitely more difficult, because we now have flying babies.”

Leveling Up in Becoming an All-Around Defender

Justin Henderson and Ismael Valenzuela are on a mission to help All-Around Defenders reach success. They’ve put together a four-part webcast series aimed at helping you define what it means to be an all-around defender, get the hands-on experience you need by building your personal lab and extending it to include cloud, and learn the soft skills required to take your career to the next level.

Today, July 1 at 1:00pm EDT (17:00 UTC), Ismael and Justin will be hosting the third webcast in the series, which has been curated based on feedback from our community to cover how to extend your home lab to include the cloud. Register
and join them to learn how you can build a home lab that integrates and uses cloud resources and security controls so you can get experience with the same controls you would have in a production environment at a fraction of the cost. For those unable to join live today, we’ll post the webcast archive here for viewing.

If you missed the past webcasts in the series, you can catch up and learn more about what was covered in these resources:

Ismael and Justin are also the co-authors of SEC530: Defensible Security Architecture and Engineering, currently available for registration in our Live Online and OnDemand formats. Demo the course for free here.

*** This is a Security Bloggers Network syndicated blog from SANS Blog authored by SANS Blog. Read the original post at: