“Metaphors? Are they a new tool in the cloud security arsenal?” Nope. But they can influence the way we view, understand, and interact with the cloud security arena.

A Short History Lesson

We draw many of our computer security metaphors from history and the physical world. Traditional analogies talk about defense-in-depth (aka the Castle Approach), locks and surveillance, active defense, mitigation and response, and so on.

In the 17th century, Sébastien Vauban, a military fortifications designer and strategist, made brilliant advances in both defending and attacking point fortifications. (We can find a lot of parallels there to blue and red teaming.) Leaping ahead in time, France developed some seriously imposing defenses in the decade prior to the start of World War II by building a virtually impregnable fortification called the Maginot Line along the German border.

Of course, Vauban’s once state-of-the-art fortifications became obsolete, and we know the Maginot Line proved utterly ineffective in an age of mobile warfare. Germany simply found a “zero-day” and went around it.

The World Has Changed

As I pointed out in my SOURCE talk, many security principles carried over from the pre-cloud era — but several changed fundamentally when defense moved into the cloud. Three that have changed the most center on Scale, Control, and Transience, and it’s critical that we understand them so we don’t allow these potential strengths to become liabilities. Briefly consider the following:


A single IT admin can reasonably expect to manage between 100 and 250 physical assets. We expect cloud admins, on the other hand, to scale up to 25,000 instances and beyond. The same scale that makes using the cloud attractive for business makes managing the cloud a potential nightmare. Think about that scale in terms of security alerts, real and false positives, etc.


When an on-prem asset misbehaves, we can simply go over and troubleshoot in safe mode. When the cloud instance misbehaves, the cloud provider might just reboot it for you. Even worse, your asset might get rebooted if somebody else on the same hardware misbehaves. Cloud providers give a different granularity of control.


Transience represents the biggest paradigm shift for the cloud. Where previous admins bragged about uptime, long-running servers are a liability in the cloud. When admins use transience to their advantage, attackers can surround an asset, only to find that it has disappeared. That idea sounds like a headache for most admins, but the right tooling and mindset turns it into a necessary attribute and a fundamental strength.

Long Live the Cloud

Because the cloud is a dynamic, heterogeneous ecosystem, it is almost completely different from pre-cloud environments, which were much more like Vauban’s fortifications. Scale, transience, and control all had fundamentally different meanings and values in that world. Once built, his fortresses didn’t need to (couldn’t) scale; control was the intentional outcome of their unyielding design; and enduring permanence rather than transience defined their success.

Clearly, traditional physical defense metaphors do not reflect the paradigm shift to the new world of the cloud, so it’s time to learn from history and update our security metaphors. When they’re understood correctly and managed accordingly, scale, control, and transience can be transformed from serious challenges or potentially fatal liabilities into the greatest strengths that can be wielded in the cloud.

New Metaphors for Seeing and Managing in the Cloud

Metaphors let us see the whole picture, a concept, the forest instead of the trees. As Orson Scott Card said, they “have a way of holding the most truth in the least space.” But if they’re outmoded, worn out, or just plain wrong, they can hem in our ideas, limit our thinking, and prevent us from seeing a new reality.

Here are two metaphors that will, perhaps, guide us to more effective ways of looking at and working in the cloud.

Cattle (Not Pets)

We all love our gadgets, and tend to treat our physical machines as pets. By extension, there’s a temptation to treat cloud instances as things we get attached to. But if we see cattle instead of pets, we have a more powerful and useful metaphor. We can shed our traditional, possessive way of looking at infrastructure and adopt a new attitude that’s more suited to the cloud. With a more dispassionate view, we are better able to see cloud instances as transient (or disposable) assets to be used as necessary, to be scaled up or down in numbers according to need, and to be controlled with swiftness and agility to suit a given purpose. “Cattle” lets us focus on goals without getting hung up on the means. Scale, transience, and control can now be leveraged more effectively.

Flying Islands and Castles in the Sky

Rather than Vauban’s earth-bound fortresses, our cloud instances should look more like the flying island of Laputa from Gulliver’s Travels. Attackers can attempt to surround the island, but then we simply move it. We can move our valuable assets elsewhere or segment the instance — anything that causes attackers to realize they’re in the wrong castle. Again, transience is central to this notion, and it enables us to control with swiftness and agility.

Ensuring Security and Success in the Cloud

The history lessons and metaphors outlined above, no matter what stage you’re at — on-premise, hybrid, or fully in the cloud — can guide you to a more accurate way of looking at the cloud and cloud security. This, in turn, will provide the focus you need for developing a powerful cloud security strategy, selecting appropriate tools, and employing effective tactics to build your fortress in the sky.

To learn more about how to implement a successful cloud security strategy tailored to your organization’s unique needs, check out our Cloud Security Playbook.