Last year was a difficult year, but 50% increase in technical attrition 2023 rather than 2022. Security features were completely unaffected by this trend. recent research By mid-2023, 22% of security professionals indicated they were in organizations with reduced security talent.
And if they were in a company that was downsizing, the study We found that the remaining talented security personnel were not very satisfied with their jobs and roles. Now is the time for cyber professionals to protect their future. Kubernetes security is your secret weapon that will make you irreplaceable.
Kubernetes security makes your team invaluable
Making yourself irreplaceable means connecting your skill set to the technology that drives your company's revenue stream. Companies like Netflix, Domino's Pizza, Slack, Shopify, and the New York Times all run their digital apps in their Kubernetes environments.
of fastest growing part IBM's OpenShift is Red Hat's managed Kubernetes platform. Migration to Kubernetes has been a top priority for engineering organizations for years, all because Kubernetes allows companies to innovate faster, at a speed not possible with a monolithic approach to application development. This is due to the fact that applications and new features can be developed.
Build trust with your most influential colleagues
Many of my most influential colleagues are in engineering and actively building Kubernetes stacks. If you can work well and reliably with them as a Kubernetes security partner, you become their “next generation” security team.
why? Because today, these teams must advise on security and partner with teams that have not invested in this knowledge. At KubeCon + CloudNativeCon he asked who owns security in Kubernetes and more than a third of engineers and site reliability engineers (SREs) agreed with his opinion that security is lagging behind in Kubernetes. did.
- “Security teams have a huge knowledge gap when it comes to Kubernetes.” — Senior Engineer
- “Security technology groups are not up to speed.” — SRE
- “Security should work together, but security knows nothing about K8.” — Developer
And data shows that security teams currently own Kubernetes security in just 28% of organizations, compared to 72% for operations, DevSecOps, developers, and DevOps.
But it's clear that for many security teams, Kubernetes security remains the difference between winning and losing. His SRE at a Fortune 100 healthcare company said his security team was eventually replaced with a “more technical” team that spoke the same language when it came to his Kubernetes.
Where are security teams needed most?
Even though engineering teams are responsible for Kubernetes security, proprietary metrics and performance metrics include KPIs around uptime, cost, and performance. Inevitably, they play a broad and active role in role-based access control (RBAC), Kubernetes versions, supply chains, networks, and common vulnerabilities and exposures (CVE). But they need a partner in crime.
So where can security teams benefit the most from their involvement? Where are they needed most? Where engineers typically spend their time: RBAC, Kubernetes versions, supply chain , network, CVE), it is clear that the gap that needs to be filled in security lies in finding blind spots not covered by guardrails and shifting to the left. as well as the security posture that is the result of engineering work.
This includes specifically detecting and responding to issues as they occur, auditing RBAC permission usage against written policies, and in a broader context why you should be aware of certain CVEs. means to actively demonstrate.
Targeted attacks against Kubernetes in 2023 also demonstrate the need for security team involvement. recent research, 17% of teams overall aren't doing DevSecOps yet. 2023 brought a ton of new stuff. Kubernetes attacksSoftware supply chain attacks Looking for kubeconfig file.There were also over 7 new items. Kubernetes CVE Even in 2023 alone.
Security teams need to intervene to prevent targeted attacks and uncover blind spots that allow attacks to enter.
Your job: Be an effective collaborator.
So how can you take advantage of that opportunity without spending an unrealistic amount of time becoming a complete expert? The answer is effective and clear collaboration.
The first step to collaboration is knowing what “good” looks like. In an ideal world, at the most general level, your job would be to understand the situations that can cause major problems and work with engineering to reduce the risk of major problems while moving the business forward. is.
In practice, security and engineering work together to understand the most sensitive clusters and what types of risks require disruption to uptime (worst-case scenario) or which developers You need to determine whether the role needs to have administrator, cluster, or other privileges. admin.
It's also important to know what ineffective collaboration looks like in Kubernetes security. In the example below, security is specialized in cloud security and shift left concepts, but in reality the vulnerability management program is only being run in response to compliance requests, and before alerts reach the engineering team, he CVEs and alerts are not prioritized. .
Alternatively, detection and response is still relegated to non-containerized workloads such as EDR and xDR solutions, so even if engineering notices CPU spikes that cannot be explained by their own actions, detection and response coordination is Little to no (although this could be explained by cryptocurrency mining breaches).
conclusion
Kubernetes Security is an open invitation to further your career and become an invaluable part of the company's progress. It comes with built-in collaborators and requires features that only security teams can provide. Here are some examples of how to incorporate this into your repertoire.
YouTube.COM/THENEWSTACK
Technology moves fast, so don't miss an episode. Subscribe to our YouTube channel to stream all our podcasts, interviews, demos, and more.
subscribe
