Cybersecurity has existed for as long as computers. Nuances and complexities, however, have been added to the practice by emerging standards in cloud and artificial intelligence — and in turn, organizations have to respond to these changing threats in ingenious, equally nuanced ways.

“I like to say that every company on earth needs to get three things right,” said Jaya Baloo (pictured), chief information security officer of Rapid7 Inc. “They need to understand themselves and their risks, so security awareness. Then they need to be able to see how it’s going, so visibility. But then they get drowned in data, so visibility and risk intelligence so they can prioritize those important things. And then, finally, security capability so they know what they need to worry about, they can see how it’s going and they can act as quickly as possible.”

Baloo spoke with theCUBE industry analyst Dave Vellante at the Supercloud 3: Security, AI and the Supercloud event, during an exclusive broadcast on theCUBE, SiliconANGLE Media’s livestreaming studio. They discussed the cybersecurity nuances of managing cross-cloud security and defending against new threats.

Cross-cloud complexity: Does it hamper cybersecurity efforts?

While preemptive cybersecurity is a no-brainer, companies can only actively defend against the threats they’re aware of. Thus, visibility and awareness across all of the disparate clouds is a must. Threat intelligence and a fundamental architectural understanding are also necessary for an effective zero-trust approach, according to Baloo.

Rapid7 is a customer-zero company, meaning that it uses internally the same suite of products it offers to customers. This gives the company unique levels of visibility to manage far-flung multiclouds with tools like InsightCloudSec, Rapid7’s cloud-native security platform that manages cloud security posture, secures cloud workloads and governs identity and access management, Baloo added.

“I can look at the GCP workloads, the AWS and Azure stuff in a single pane of glass and have this good overview, have this asset understanding and ownership status, and understand how our policy-driven baselines are complied with or not and whether we have the right coverage and the right policies in place,” she said. “When I say policies, I mean technical ones, not paper ones. So, the right technical policies in place to actually be able to monitor those things are important.”

Rapid7’s focus is delivering comprehensive, operationalized solutions for threat detection and response, vulnerability and malicious behavior monitoring, and attack resolution. But beyond security, its customers rely on a swathe of other tools for other business operations. It falls to Rapid7 to incorporate those tools into their overall security posture, according to Baloo.

“If we keep it simple, I focus on two things initially: vulnerabilities and incidents,” she said. “I have a baseline, we have frameworks and we have all different types of certification schemes. I want to understand: Where are those areas, those gaps, those potential places of exploitation for an attacker? That’s where I put my energy, because everything that is allowed to remain persistent, both in terms of vulnerabilities as well as long-running incidents prevents an opportunity for the attacker.”

Cross-platform partnerships are crucial to a secure supercloud

Every enterprise relies on a Swiss Army knife of tools to perform several intrinsic operations, such as marketing, sales, customer relationship and app development. The security tool needs to gel with all of those and perform in a platform-agnostic manner, and that’s what happens with Rapid7, according to Baloo.

“Because, again, we are a multicloud environment, it means partnering up. And we have a very strong partnership relationship with Amazon, also with GCP — we need to work together,” she explained. “In that sense, we’re very much agnostic. It’s really about ‘how can we get the best benefits of the integrations that are already there, make sure that the products work together, and then give ourselves the greatest degree of visibility and control possible?'”

To bridge that cross-cloud divide, Rapid7 employs a standardized approach with baseline builds that cloud engineers can use irrespective of the particular cloud environment, according to Baloo.

“I think it’s trying to make sure that we’re not being too rigid to our developers, [and] that they have a degree of freedom and possibility, while at the same time maintaining the standards of what we want across the board for security and quality,” she said. “That last part is not easy, so it’s really about continuously pushing out those baselines.”

Here’s the complete video interview, part of SiliconANGLE’s and theCUBE’s coverage of the Supercloud 3: Security, AI and the Supercloud event:

Photo: SiliconANGLE