In recent years, cloud has gone from being a small part of most companies’ IT strategies to a critical business capability as organisations increasingly take a cloud-centric approach. Remote work, driven by Covid, has led to an explosion of deployed, cloud-based services. One of the advantages of cloud computing is that it has given organisations more choice in the types of technology and services they deploy. However, this proliferation of cloud adoption has made it harder for organisations to understand and assess what good services look like and how to differentiate among suppliers.
Coupled with the growth in the deployment of cloud services, there has been an exponential rise in the cyber attacks targeting the cloud. According to the Palo Alto Networks 2022 Cortex Xpanse Attack Surface Threat Report, cloud continues to be a substantial and increasing target. In the data gathered from December 2021 to June 2022, cloud infrastructure issues rose from 80% to 91% of all observed cybersecurity issues. This is not surprising, given the speed at which organisations are deploying cloud services, and this is precisely why cloud service providers need to demonstrate to their customers that they take security seriously in the face of this threat landscape.
Fortunately, the UK National Cyber Security Centre (NCSC) recognised the challenging predicament many face and developed the NCSC Cloud Security Principles to help cloud consumers become better informed and enable them to ask the right questions of their cloud service providers. At Palo Alto Networks, we recently published our conformance statement to the NCSC Cloud Security Principles.
The 14 NCSC Cloud Security Principles help organisations navigate the various challenges from a compliance, conformance and operational perspective, so they can choose cloud service providers in an informed, secure and trustworthy manner. This is key when those services are likely to come from multiple providers hosted on multiple cloud environments. Leveraging these principles can result in a more effective service with lower overall costs, including decreased risk and security exposure.
The Cloud Security Principles can be grouped into five overarching themes, set out as follows:
At Palo Alto Networks, our most important responsibility is helping to ensure the security of our customers. To demonstrate this commitment to security, as well as transparency, the Palo Alto Networks conformance statement to the NCSC Cloud Security Principles illustrates our compliance and transparency of alignment with all of the principles.
Our approach to the NCSC Principles is indicative of the position we have taken generally and internally with our Trust 360 Program, where we have established a “trust but verify” model to our security controls. This global approach to transparent security allows our customers to continually evaluate our program and understand all of the security, compliance and privacy controls that are in place to protect our customers’ most sensitive data.
By submitting this form, you agree to our Terms of Use and acknowledge our Privacy Statement. Please look for a confirmation email from us. If you don't receive it in the next 10 minutes, please check your spam folder.