This year at RSA 2017, we caught up with VP Cloud Research Mark Nunnikhoven to get his insights on trends and challenges the modern security team is facing and the steps we can take towards a more secure and layered approach to hybrid cloud security. Whether you’re moving to cloud, your DevOps team is feeling the pressure of security responsibilities, or you can’t determine if the latest “silver bullet” solution is what you really need, Mark provides the answers to your burning security questions.

Here are some great takeaways from the interview to help you answer your hybrid cloud security questions.

More and more we see DevOps teams feeling overwhelmed by the challenges of increasing responsibilities with fewer resources. What can your security vendor do to help balance the load?

There is currently an overload in messaging from all vendors, but you can’t rely on one thing and have to look to your security best practices. Advanced techniques like machine learning can help, but if you can catch a problem with a simple check of what’s known good or known bad, why wouldn’t you go for the simpler solution?

“Machine learning” is the newest fad in security, but the definition isn’t always so clear. How do you define machine learning and what is it doing to improve security?

It’s a big buzzword right now in security, but it isn’t even a new tool to Trend. Machine learning, to the IEEE Computational Society and tech communities, is clearly defined. The simple result is setting up a computer program that will be able to look at something and make a decision whether it matches a known set of something or not. Over time the model learns and will be able to make judgements based on its learnings.

With that understanding of machine learning, it’s easy to understand why others might consider it to be the be-all end-all solution. Why might it not be enough?

Nothing is perfect. Even the best trained machine learning models are only in the high 90’s for accuracy. You can’t expect there to be a one-trick pony solution for security. When responsible for a customer’s data, you can’t responsibly protect it with one tool. People have made those controls, people make mistakes.

You’ve been hit with ransomware. What are the steps you should take in the first 24 hours?

It depends what level of user you are. Hopefully you’ve taken the steps to back up your data and apply basic security controls. While it’s hard to give generic advice, if you have been breached, the easiest thing you can do is disconnect your system from the network, but leave it on. Once you’ve disconnected, you prevent further damage, but if you turn it off, you can actually increase the damage. Then get in touch with an expert, IT help desk, consulting companies, or service providers. But leave it as is! This gives a better chance of recovering your data. This is a nightmare scenario. Ideally it is better to take the preventative measures up front.

Many teams are making the move to a hybrid cloud environment. What can security vendors be doing to help with that move and make the transition easier?

What people need to realize up front is that it’s not a spontaneous move, it’s a transition that applies to both security and operations. Look at where you want to be in the cloud and your ideal end state, and the tools needed to make that change and start applying those changes today in your data center. The faster you can get your teams used to those new tools and skill set as you migrate your assets out to the cloud, the smoother the transition you will have.

Follow @marknca for your daily dose of cloud security news

As more and more organizations are starting to realize, hybrid cloud is already happening and will continue to evolve as we strive to find better, faster and more efficient ways to store and share data. Not unlike the great cities of our world, we often see old and new side by side – the ancient architectures of yesterday nestled next to the futuristic glass skyscrapers of tomorrow.

When it comes to securing your on-premise and virtual environments it may seem like you’ve got it all figured out, but what happens as we move along the server evolution and bring environments like the cloud and containers into the mix? In an effort to be agile and cost efficient many organizations are using these new environments but may not have the protection to match.

Bridging the hybrid cloud

We are very excited to announce the release of Deep Security 10 powered by XGen™ security. Deep Security 10 continues to embrace the challenge of hybrid cloud, delivering enhancements designed to give you even more visibility across all of your environments—physical, virtual, cloud, and now containers. You’re working to leverage these environments to support your business – and that business needs to be protected.

The first step is visibility. With the new smart folders feature, applications that span different infrastructures can be treated as one using a smart attribute-based grouping system. Now you can manage applications across vastly different infrastructure platforms as if they were one, be it physical, virtual or cloud.

Next, let’s talk about layered security. Deep Security 10 is powered by XGen™ Security, a blend of cross-generational threat defense techniques. Deep Security leverages server-centric threat defense techniques, from tried and true technologies like intrusion prevention, anti-malware, and application control right up to leading-edge techniques like sandbox analysis, machine learning and behavioral analysis, to guard against the most sophisticated threats.

New in Deep Security 10, we introduce behavioral monitoring capabilities, which can identify changes in installed software and/or changes in system files. These enhanced protection capabilities for Windows environments, including new ransomware capabilities, protection against unauthorized encryption, and new real-time memory scanning, combine to ensure more advanced layered security protection across Windows environments and your entire hybrid cloud.

This new release adds many integration and management enhancements, including faster connection and time to protection for Azure workloads, along with support for the latest Azure account format, Azure Resource Manager v2 (ARM). It also expands beyond server workloads to protect Docker containers, leveraging proven techniques like anti-malware, IPS and application control to protect dynamic container deployments.

Security that fits your environment, and your team.

Deep Security 10 has at its core the support for flexible deployment, hybrid policy management, support for auto-scaling, and blue/green deployments. We understand how to secure the long-standing physical servers, right up to the ephemeral servers living for mere minutes or even seconds in the cloud. This includes consumption-based licensing options for truly dynamic workloads that you can find in the Azure Marketplace and by using our Deep Security as a Service product. No matter how you manage security, Deep Security is designed to support the traditional IT security model or the latest DevSecOps – or both!

Stay tuned for the general availability of Deep Security 10 this March, and be sure to check back here often for new updates and releases about your favorite hybrid cloud security tool for Azure!