Collaboration between cloud providers and the unification of cross-environment data will be critical to cybersecurity in the multi-cloud world, according to AWS CISO Chris Betz.
Responding to a question on how the hyperscaler approaches multi-cloud and hybrid cloud security, Betz told ITPro that he thinks about it in two key ways, the first being collaboration.
“One of the things that I love about the security community is how small a community it is,” Betz said.
Among fellow CISOs, there is a clear sense of being on the same side, he added. Security execs from different companies or providers are not adversaries, rather, their adversaries are threat actors.
“I frequently have conversations with my peers. I pick up the phone and talk to them on a regular basis. We share information about current threats,” Betz said.
“Because we're all focused on a common enemy, that collaboration is incredibly important,” he added.
This appears to feed into the firm’s ethos on multi-cloud. Betz noted that “the partnership between the clouds remains incredibly important because we recognize that customers operate in that space - we recognize that adversaries are outside.”
AWS has invested heavily in multi-cloud security capabilities in recent years. A key factor in this sharpened focus has been driven by the fact many customers are ramping up multi-cloud adoption as part of their cloud modernization strategies.
AWS offers solutions that automatically go multi-cloud, Betz said, as well as environments that allow customers to bring data together from multiple clouds to bolster visibility and ensure consistent observation of environments.
Released in 2023, Amazon’s Security Lake centralizes organizational security from across AWS providers, SaaS providers, on-prem systems, and clouds into a data lake. This allows users to act more quickly and simply across hybrid and multi-cloud environments.
“We continue to build systems that allow for bringing the data together to have a consistent view of what happened,” Betz said. “And I think that's something that we're going to continue to see the industry do at large, and remain important for us and for our customers.
The multi-cloud era
Betz’s comments come just weeks after AWS and Oracle announced a partnership focused on supporting multi-cloud environments. The offering allows for the use of Oracle database services within AWS.
Multi-cloud was the focus point at Oracle CloudWorld 2024, the event where this partnership was unveiled, and customers across the board are operating on increasingly larger cloud environments that bring together different vendors.
For example, research from OVHcloud earlier this year found that 64% of IT decision-makers (ITDMs) in the UK see their use of multi-cloud increasing over the next two years.
RELATED WHITEPAPER
But while multi-cloud is growing in appeal for enterprises globally, this approach can have its pitfalls, especially with regard to complexity. Research from PwC earlier this year revealed IT leaders have grown concerned with the levels of complexity associated with multi-cloud security, for example.
“Many leaders of large organizations assume security is taken care of by cloud providers. Even if they recognize that’s not enough, many struggle to pinpoint where to invest resources to strengthen their cloud security. This is often because of the sheer complexity of their multi-cloud hybrid environments,” PwC said.
More from CloudPro
- Partnerships are Oracle's key to success in the "multi-cloud era"
- Storage architectures must change to meet the needs of AI
- How Snowflake is helping customer navigate new and emerging challenges
-
Cleo attack victim list grows as Hertz confirms customer data stolenNews Hertz has confirmed it suffered a data breach as a result of the Cleo zero-day vulnerability in late 2024, with the car rental giant warning that customer data was stolen.
-
Lateral moves in tech: Why leaders should support employee mobilityIn-depth Encouraging staff to switch roles can have long-term benefits for skills in the tech sector
-
The Wiz acquisition stakes Google's claim as the go-to hyperscaler for cloud security – now it’s up to AWS and industry vendors to reactAnalysis The Wiz acquisition could have monumental implications for the cloud security sector, with Google raising the stakes for competitors and industry vendors.
-
Abandoned S3 buckets could have caused a catastrophic supply chain attack – and all at a cost of just $400News Researchers think they just uncovered what could’ve caused the mother of all supply chain attacks.
-
AWS expands Ohio investment by $10 billion in major AI, cloud pushNews The hyperscaler is ramping up investment in the midwestern state
-
Microsoft hit with £1 billion lawsuit over claims it’s “punishing UK businesses” for using competitor cloud servicesNews Customers using rival cloud services are paying too much for Windows Server, the complaint alleges
-
AWS re:Invent 2024 live: All the news and updates from day-three in Las VegasLive Blog ITPro is live on the ground in Las Vegas for AWS re:Invent 2024 – keep tabs on all the news and updates from day-three here
-
Westcon-Comstor bags major European distribution deal with AWSNews The company plans to launch a dedicated European AWS cloud business unit
-
AWS opens physical sites for fast data uploads – but it could cost you up to $500 an hourNews Amazon Web Service (AWS) has launched a new Data Transfer Terminal service to allow customers to upload data to the cloud from a physical site.
-
Three things to look out for at AWS re:Invent 2024Analysis The cloud giant is likely to come in hot on sovereign cloud and multi-cloud, alongside generative AI updates
