* [Blog](https://www.paloaltonetworks.com/blog)
* [Palo Alto Networks](https://www.paloaltonetworks.com/blog/corporate/)
* [Company \& Culture](https://www.paloaltonetworks.com/blog/category/company-culture/)
* Implementing Cloud-Native...

# Implementing Cloud-Native Security

[](https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fwww.paloaltonetworks.com%2Fblog%2F2023%2F01%2Fstrategies-to-augment-cloud-native-security%2F)  
[](https://twitter.com/share?text=Implementing+Cloud-Native+Security&url=https%3A%2F%2Fwww.paloaltonetworks.com%2Fblog%2F2023%2F01%2Fstrategies-to-augment-cloud-native-security%2F)  
[](https://www.linkedin.com/shareArticle?mini=true&url=https%3A%2F%2Fwww.paloaltonetworks.com%2Fblog%2F2023%2F01%2Fstrategies-to-augment-cloud-native-security%2F&title=Implementing+Cloud-Native+Security&summary=&source=)  
[](https://www.paloaltonetworks.com//www.reddit.com/submit?url=https://www.paloaltonetworks.com/blog/2023/01/strategies-to-augment-cloud-native-security/&ts=markdown)  
\[\](mailto:?subject=Implementing Cloud-Native Security)  
Link copied  
By [Stephen Ellis](https://www.paloaltonetworks.com/blog/author/stephen-ellis/?ts=markdown "Posts by Stephen Ellis")  
Jan 13, 2023  
5 minutes  
[Company \& Culture](https://www.paloaltonetworks.com/blog/category/company-culture/?ts=markdown)  
[Points of View](https://www.paloaltonetworks.com/blog/category/points-of-view/?ts=markdown)  
[Products and Services](https://www.paloaltonetworks.com/blog/category/products-and-services/?ts=markdown)  
[Public Sector](https://www.paloaltonetworks.com/blog/category/public-sector/?ts=markdown)  
[Cloud-Native](https://www.paloaltonetworks.com/blog/tag/cloud-native/?ts=markdown)  
[Government](https://www.paloaltonetworks.com/blog/tag/government2/?ts=markdown)  
[Palo Alto Networks Government Cloud Services](https://www.paloaltonetworks.com/blog/tag/palo-alto-networks-government-cloud-services/?ts=markdown)  
[Prisma Cloud](https://www.paloaltonetworks.com/blog/tag/prisma-cloud/?ts=markdown)

## Four Key Strategies for the U.S. Government

Over the course of U.S. history, antagonists have leveraged vulnerabilities to initiate attacks against our critical infrastructure. Security approaches that mitigate these risks are vital to helping secure the nation. As cloud infrastructure continues to grow in importance, securing it has become a central area of focus across government. Therefore, implementing cloud-native security is a key area of focus.

#### **An Example from History**

[Just over 200 years ago, on January 8, 1815](https://www.youtube.com/watch?v=xXHgLATmxwc), the British military attempted to capture New Orleans, which was considered a backdoor into the US heartland, via the nation-critical infrastructure of the Mississippi River. Fortunately, a motivated and diverse cadre of Americans (that included Native and African Americans) singularly routed the invading British force at the doors of New Orleans [in 30 minutes by some calculations](https://www.history.com/topics/war-of-1812/battle-of-new-orleans).

#### **Fast Forward to Today**

In some ways, cloud infrastructure has replaced the "riverways of old" as nation-critical infrastructure. Vulnerabilities to the systems and environments in the cloud expose us to analogous grave threats, given application capabilities, as well as the amount and sensitivity of data.

#### **Importance of the Cloud Is Only Growing**

[The continued sprint to the cloud](https://tinyurl.com/2d6r2a4u) makes this risk-area even more serious. Several factors have combined to spur this accelerating cloud migration, including substantial technology advancements, the impact of COVID on workforce deployments, and the ever-present challenges in hiring and maintaining IT and IT security teams.

### **Key Strategies to Secure the Cloud:**

As we move an increasing number of systems to the cloud, applications and data can be at risk from flaws and vulnerabilities. In forming our defensive arsenal, combating these risks will take several interrelated areas of focus:

1. **Shift Security Focus and Responsibility "To the Left"**

The [shift-left cloud security](https://www.paloaltonetworks.com/blog/2022/11/shift-left-and-increase-your-security-posture/?ts=markdown) mindset incorporates security testing and validation earlier in the cloud-native development process. Cloud-native development introduces new development assets, like infrastructure as code (IaC) files, container image specifications, APIs for microservices and cloud deployment artifacts, to name just a few. With these new assets also comes new attack vectors. These new attack vectors, combined with the speed and scale of the cloud, demand that vulnerabilities and security risks cannot be left for the security team or SOC to address during operational deployment. They must be identified and addressed during the development process, preferably by the developers themselves. By "shifting left" the timeline in which security issues are identified and mitigated, agencies are able to reduce both the cost of remediation, as well as the risk of exposure or breach of cloud-native applications.

**2. Cloud-Native Applications Require Cloud-Native Security Solutions**

As mentioned above, cloud-native application development generates assets unique to cloud-native deployments. The process for developing, testing and deploying such applications is also distinct and introduces several [security risks that require cloud-aware or cloud-native security solutions](https://www.paloaltonetworks.com/blog/prisma-cloud/what-are-the-top-five-cloud-native-risks/?ts=markdown) to address them. Whether it's addressing containerized application vulnerabilities, cloud infrastructure security misconfigurations, cloud-aware malware, overprivileged cloud permissions, or insecure APIs supporting microservice based architectures, these risks cannot be addressed by legacy security solutions. Only cloud-native security solutions will have the cloud awareness, scalability and end-to-end application lifecycle coverage to address these risks from development through deployment.

**3. Right-Size Security Investments to Address the Elevated IT Complexity**

A recent McKinsey study considered that, "the [budgets of many if not most chief information security officers](https://www.mckinsey.com/capabilities/risk-and-resilience/our-insights/cybersecurity/new-survey-reveals-2-trillion-dollar-market-opportunity-for-cybersecurity-technology-and-service-providers) (CISOs) are underfunded." This can mean challenging decisions on where to make investments. It could mean scaling new projects to account for the bandwidth and cyber teams' training. Additionally, it can mean new and creative approaches to obtaining additional dollars for cyber investments, including [technology modernization funds](https://tmf.cio.gov/) or [grants](https://www.paloaltonetworks.com/blog/2022/09/new-cybersecurity-grant-program-is-a-game-changer/?ts=markdown). Gartner's recent report on [Cloud Native-Application Protection Platforms](https://start.paloaltonetworks.com/gartner-report-cloud-native-application-protection.html?utm_source=google-jg-amer-prisma_cloud&utm_medium=paid_search&utm_term=prisma%20cloud&utm_campaign=google-prisma_cloud-cnapp-amer-multi-lead_gen-en&utm_content=gs-16994480386-136033040579-635091330195&sfdcid=7014u000001hKxoAAE&gclid=EAIaIQobChMIk5fVpcm9_AIVldzICh2UZwHMEAAYAiAAEgK6PvD_BwE) (CNAPP) is a good resource to start the process of ideating the investments needed.

**4. Leverage a Proven Vision in Zero Trust to Your Cloud Security Strategy**

Zero Trust is a strategic approach to cybersecurity that secures an organization by eliminating implicit trust and continuously validating every stage of a digital interaction. This approach includes securing on-prem, cloud or multi-cloud public environments.

[Zero Trust is just as relevant to the cloud world](https://www.paloaltonetworks.com/blog/2020/07/cloud-zero-trust-for-cloud/?ts=markdown) as it is to your traditional environments. In a multi-cloud world, compliance and visibility are the linchpins of maintaining a Zero Trust approach. We have found that inconsistencies in configurations across different cloud platforms can lead to substantially elevated risk.

### **Securing Our Nation from Today's Threats**

At first glance, the Battle of New Orleans and the fight to secure our cloud-native government infrastructure appear totally unrelated. In reality, they both share nation-critical consequences. If the British had won the Battle of New Orleans, it could have had far-reaching implications for our nation, potentially undermining our independence and radically changing the day-to-day lives of all Americans. Similarly, if today's cyber adversaries are able to successfully penetrate the government's cloud application development, there could be serious consequences for agencies, nation-critical data, vital IT systems, as well as a grave impact to our day-to-day lives.

*** ** * ** ***

## Related Blogs

### [Announcement](https://www.paloaltonetworks.com/blog/category/announcement/?ts=markdown), [Company \& Culture](https://www.paloaltonetworks.com/blog/category/company-culture/?ts=markdown), [Points of View](https://www.paloaltonetworks.com/blog/category/points-of-view/?ts=markdown), [Products and Services](https://www.paloaltonetworks.com/blog/category/products-and-services/?ts=markdown)

[#### More on the PAN-OS CVE-2024-3400](https://www.paloaltonetworks.com/blog/2024/04/more-on-the-pan-os-cve/)

### [Announcement](https://www.paloaltonetworks.com/blog/category/announcement/?ts=markdown), [Company \& Culture](https://www.paloaltonetworks.com/blog/category/company-culture/?ts=markdown), [Public Sector](https://www.paloaltonetworks.com/blog/category/public-sector/?ts=markdown)

[#### Accelerating Cloud Adoption Across the Scottish Public Sector](https://www.paloaltonetworks.com/blog/2024/03/cloud-adoption-across-the-scottish-public-sector/)

### [Announcement](https://www.paloaltonetworks.com/blog/category/announcement/?ts=markdown), [Company \& Culture](https://www.paloaltonetworks.com/blog/category/company-culture/?ts=markdown), [Public Sector](https://www.paloaltonetworks.com/blog/category/public-sector/?ts=markdown)

[#### Partnering with Government to Strengthen Cyber Resilience in Poland](https://www.paloaltonetworks.com/blog/2024/01/strengthen-cyber-resilience-in-poland/)

### [Announcement](https://www.paloaltonetworks.com/blog/category/announcement/?ts=markdown), [Company \& Culture](https://www.paloaltonetworks.com/blog/category/company-culture/?ts=markdown), [News \& Events](https://www.paloaltonetworks.com/blog/sase/category/news-events/?ts=markdown), [Partner Integrations](https://www.paloaltonetworks.com/blog/sase/category/partner-integrations/?ts=markdown), [Partners](https://www.paloaltonetworks.com/blog/category/partners/?ts=markdown), [SD-WAN](https://www.paloaltonetworks.com/blog/sase/category/sd-wan/?ts=markdown)

[#### Orange and Palo Alto Networks Deliver Cloud-Native Managed SASE](https://www.paloaltonetworks.com/blog/2023/08/orange-and-palo-alto-networks-deliver-cloud-native-managed-sase/)

### [Company \& Culture](https://www.paloaltonetworks.com/blog/category/company-culture/?ts=markdown), [Must-Read Articles](https://www.paloaltonetworks.com/blog/security-operations/category/must-read-articles/?ts=markdown), [Points of View](https://www.paloaltonetworks.com/blog/category/points-of-view/?ts=markdown), [Product Features](https://www.paloaltonetworks.com/blog/security-operations/category/product-features/?ts=markdown), [Products and Services](https://www.paloaltonetworks.com/blog/category/products-and-services/?ts=markdown)

[#### Cracking the Code --- How Machine Learning Supercharges Threat Detection](https://www.paloaltonetworks.com/blog/2023/06/cracking-the-code-how-machine-learning-supercharges-threat-detection/)

### [Company \& Culture](https://www.paloaltonetworks.com/blog/category/company-culture/?ts=markdown), [Must-Read Articles](https://www.paloaltonetworks.com/blog/security-operations/category/must-read-articles/?ts=markdown), [Points of View](https://www.paloaltonetworks.com/blog/category/points-of-view/?ts=markdown), [Product Features](https://www.paloaltonetworks.com/blog/security-operations/category/product-features/?ts=markdown), [Products and Services](https://www.paloaltonetworks.com/blog/category/products-and-services/?ts=markdown)

[#### Hasta La Vista Human Powers --- Automating the Automation](https://www.paloaltonetworks.com/blog/2023/05/automating-the-automation/)

### Subscribe to the Blog!

Sign up to receive must-read articles, Playbooks of the Week, new feature announcements, and more.
![spinner](https://www.paloaltonetworks.com/blog/wp-content/themes/panwblog2023/dist/images/ajax-loader.gif) Sign up  
Please enter a valid email.  
By submitting this form, you agree to our [Terms of Use](https://www.paloaltonetworks.com/legal-notices/terms-of-use?ts=markdown) and acknowledge our [Privacy Statement](https://www.paloaltonetworks.com/legal-notices/privacy?ts=markdown). Please look for a confirmation email from us. If you don't receive it in the next 10 minutes, please check your spam folder.  
This site is protected by reCAPTCHA and the Google [Privacy Policy](https://policies.google.com/privacy) and [Terms of Service](https://policies.google.com/terms) apply.  
{#footer} {#footer}

## Products and Services

* [AI-Powered Network Security Platform](https://www.paloaltonetworks.com/network-security?ts=markdown)

* [Secure AI by Design](https://www.paloaltonetworks.com/precision-ai-security/secure-ai-by-design?ts=markdown)

* [Prisma AIRS](https://www.paloaltonetworks.com/prisma/prisma-ai-runtime-security?ts=markdown)

* [AI Access Security](https://www.paloaltonetworks.com/sase/ai-access-security?ts=markdown)

* [Cloud Delivered Security Services](https://www.paloaltonetworks.com/network-security/security-subscriptions?ts=markdown)

* [Advanced Threat Prevention](https://www.paloaltonetworks.com/network-security/advanced-threat-prevention?ts=markdown)

* [Advanced URL Filtering](https://www.paloaltonetworks.com/network-security/advanced-url-filtering?ts=markdown)

* [Advanced WildFire](https://www.paloaltonetworks.com/network-security/advanced-wildfire?ts=markdown)

* [Advanced DNS Security](https://www.paloaltonetworks.com/network-security/advanced-dns-security?ts=markdown)

* [Enterprise Data Loss Prevention](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown)

* [Enterprise IoT Security](https://www.paloaltonetworks.com/network-security/enterprise-device-security?ts=markdown)

* [Medical IoT Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown)

* [Industrial OT Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown)

* [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown)

* [Next-Generation Firewalls](https://www.paloaltonetworks.com/network-security/next-generation-firewall?ts=markdown)

* [Hardware Firewalls](https://www.paloaltonetworks.com/network-security/hardware-firewall-innovations?ts=markdown)

* [Software Firewalls](https://www.paloaltonetworks.com/network-security/software-firewalls?ts=markdown)

* [Strata Cloud Manager](https://www.paloaltonetworks.com/network-security/strata-cloud-manager?ts=markdown)

* [SD-WAN for NGFW](https://www.paloaltonetworks.com/network-security/sd-wan-subscription?ts=markdown)

* [PAN-OS](https://www.paloaltonetworks.com/network-security/pan-os?ts=markdown)

* [Panorama](https://www.paloaltonetworks.com/network-security/panorama?ts=markdown)

* [Secure Access Service Edge](https://www.paloaltonetworks.com/sase?ts=markdown)

* [Prisma SASE](https://www.paloaltonetworks.com/sase?ts=markdown)

* [Application Acceleration](https://www.paloaltonetworks.com/sase/app-acceleration?ts=markdown)

* [Autonomous Digital Experience Management](https://www.paloaltonetworks.com/sase/adem?ts=markdown)

* [Enterprise DLP](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown)

* [Prisma Access](https://www.paloaltonetworks.com/sase/access?ts=markdown)

* [Prisma Browser](https://www.paloaltonetworks.com/sase/prisma-browser?ts=markdown)

* [Prisma SD-WAN](https://www.paloaltonetworks.com/sase/sd-wan?ts=markdown)

* [Remote Browser Isolation](https://www.paloaltonetworks.com/sase/remote-browser-isolation?ts=markdown)

* [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown)

* [AI-Driven Security Operations Platform](https://www.paloaltonetworks.com/cortex?ts=markdown)

* [Cloud Security](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown)

* [Cortex Cloud](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown)

* [Application Security](https://www.paloaltonetworks.com/cortex/cloud/application-security?ts=markdown)

* [Cloud Posture Security](https://www.paloaltonetworks.com/cortex/cloud/cloud-posture-security?ts=markdown)

* [Cloud Runtime Security](https://www.paloaltonetworks.com/cortex/cloud/runtime-security?ts=markdown)

* [Prisma Cloud](https://www.paloaltonetworks.com/prisma/cloud?ts=markdown)

* [AI-Driven SOC](https://www.paloaltonetworks.com/cortex?ts=markdown)

* [Cortex XSIAM](https://www.paloaltonetworks.com/cortex/cortex-xsiam?ts=markdown)

* [Cortex XDR](https://www.paloaltonetworks.com/cortex/cortex-xdr?ts=markdown)

* [Cortex XSOAR](https://www.paloaltonetworks.com/cortex/cortex-xsoar?ts=markdown)

* [Cortex Xpanse](https://www.paloaltonetworks.com/cortex/cortex-xpanse?ts=markdown)

* [Unit 42 Managed Detection \& Response](https://www.paloaltonetworks.com/cortex/managed-detection-and-response?ts=markdown)

* [Managed XSIAM](https://www.paloaltonetworks.com/cortex/managed-xsiam?ts=markdown)

* [Threat Intel and Incident Response Services](https://www.paloaltonetworks.com/unit42?ts=markdown)

* [Proactive Assessments](https://www.paloaltonetworks.com/unit42/assess?ts=markdown)

* [Incident Response](https://www.paloaltonetworks.com/unit42/respond?ts=markdown)

* [Transform Your Security Strategy](https://www.paloaltonetworks.com/unit42/transform?ts=markdown)

* [Discover Threat Intelligence](https://www.paloaltonetworks.com/unit42/threat-intelligence-partners?ts=markdown)

## Company

* [About Us](https://www.paloaltonetworks.com/about-us?ts=markdown)
* [Careers](https://jobs.paloaltonetworks.com/en/)
* [Contact Us](https://www.paloaltonetworks.com/company/contact-sales?ts=markdown)
* [Corporate Responsibility](https://www.paloaltonetworks.com/about-us/corporate-responsibility?ts=markdown)
* [Customers](https://www.paloaltonetworks.com/customers?ts=markdown)
* [Investor Relations](https://investors.paloaltonetworks.com/)
* [Location](https://www.paloaltonetworks.com/about-us/locations?ts=markdown)
* [Newsroom](https://www.paloaltonetworks.com/company/newsroom?ts=markdown)

## Popular Links

* [Blog](https://www.paloaltonetworks.com/blog/?ts=markdown)
* [Communities](https://www.paloaltonetworks.com/communities?ts=markdown)
* [Content Library](https://www.paloaltonetworks.com/resources?ts=markdown)
* [Cyberpedia](https://www.paloaltonetworks.com/cyberpedia?ts=markdown)
* [Event Center](https://events.paloaltonetworks.com/)
* [Manage Email Preferences](https://start.paloaltonetworks.com/preference-center)
* [Products A-Z](https://www.paloaltonetworks.com/products/products-a-z?ts=markdown)
* [Product Certifications](https://www.paloaltonetworks.com/legal-notices/trust-center/compliance?ts=markdown)
* [Report a Vulnerability](https://www.paloaltonetworks.com/security-disclosure?ts=markdown)
* [Sitemap](https://www.paloaltonetworks.com/sitemap?ts=markdown)
* [Tech Docs](https://docs.paloaltonetworks.com/)
* [Unit 42](https://unit42.paloaltonetworks.com/)
* [Do Not Sell or Share My Personal Information](https://panwedd.exterro.net/portal/dsar.htm?target=panwedd)
  ![PAN logo](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/pan-logo-dark.svg)
* [Privacy](https://www.paloaltonetworks.com/legal-notices/privacy?ts=markdown)
* [Trust Center](https://www.paloaltonetworks.com/legal-notices/trust-center?ts=markdown)
* [Terms of Use](https://www.paloaltonetworks.com/legal-notices/terms-of-use?ts=markdown)
* [Documents](https://www.paloaltonetworks.com/legal?ts=markdown)

Copyright © 2026 Palo Alto Networks. All Rights Reserved

* [![Youtube](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/youtube-black.svg)](https://www.youtube.com/user/paloaltonetworks)
* [![Podcast](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/icons/podcast.svg)](https://www.paloaltonetworks.com/podcasts/threat-vector?ts=markdown)
* [![Facebook](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/facebook-black.svg)](https://www.facebook.com/PaloAltoNetworks/)
* [![LinkedIn](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/linkedin-black.svg)](https://www.linkedin.com/company/palo-alto-networks)
* [![Twitter](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/twitter-x-black.svg)](https://twitter.com/PaloAltoNtwks)
* EN  
  Select your language