Cloud adoption is rapidly growing, helping businesses improve scalability, promote growth and facilitate agile development. However, in a post-COVID world, cloud technology has become a necessity, and cloud security is a critical concern.
Almost overnight, businesses of all sizes needed to accommodate an abrupt shift to remote work. It was cloud technology that helped achieve this goal, enabling businesses of all sizes to operate remotely. In addition, it has become necessary to scale up digital operations and accelerate digital transformation. These digital capabilities enabled consumers to access services remotely, and employees to work remotely at an unprecedented scale.
Remote access paradigms, enabled by cloud technology, have become critical to ensure business continuity in the pandemic. Unfortunately, this has made cloud infrastructure a primary target for attackers.
The State of Cloud Security
Cloud computing offers many benefits, but unfortunately, it also introduces new security risks and new challenges. To illustrate this, nearly three-quarters of organizations using the public cloud reported they were hit by a breach, according to the 2020 Sophos Cloud Security Report.
Many more studies reveal the difficulty of cloud security. For example, the 2020 CheckPoint Cloud Security Report highlights the challenges of protecting workloads and data in public cloud environments. Key findings include:
- Three-quarters of organizations are concerned about their ability to secure public clouds.
- Breaches are more significant in the cloud, according to 52% of survey respondents, who believe the risk of breaches is higher in the public cloud.
- Cloud security budgets are increasing, with 59% of the surveyed organizations expecting to increase cloud security spending next year. On average, 27% of security budgets are devoted exclusively to cloud security.
- Security is a primary barrier to cloud migration, with 37% of respondents saying data privacy issues prevented them from migrating to the cloud.
- Security tools are slow to adapt to cloud environments, with 82% of respondents saying existing security tools either do not work at all or can only provide limited functionality in the cloud. In addition, 36% said they delayed cloud migration because of a lack of integration with on-premises security tools.
- Top public cloud security threats are cloud platform misconfigurations (68%), unauthorized access to cloud environments (58%), insecure interfaces (52%), and account hijacking (50%).
The Cloud Security Arms Race: Emerging Cloud Security Technologies
The cloud security challenge is starting to dominate enterprise security operations and budgets. Therefore, new technologies are emerging that can help organizations defend themselves. Here are some of the notable technologies that will shape the future of cloud security.
Extended Detection and Response (XDR)
XDR technology provides a unified incident response and security platform to collect and correlate data from several proprietary components. Importantly, these solutions offer platform-level integration out of the box. This means they do not require organizations to purchase and integrate multiple tools.
Organizations that run their workloads on public clouds face many security risks, such as misconfiguration, insecure APIs, insider threats, and unauthorized access. In response to these threats, XDR addresses the following challenges:
- Securing identity management—XDR tools monitor end-users and service roles, and collect data from several cloud environments. XDR solutions can identify anomalous behavior on privileged accounts and prompt security teams with alerts.
- Analyzing cloud logs—cloud workloads generate massive volumes of logs, which can be challenging to analyze manually. XDR tools can process cloud logs and apply artificial intelligence (AI) algorithms to identify risks.
- Analyzing network flows—public cloud networks are complex and often difficult to monitor for threats. XDR tools analyze network traffic across the entire cloud ecosystem. XDR tools use intelligent analysis to identify network security incidents, and even respond automatically, using network segmentation to isolate an infected system.
How will it change cloud security?
XDR will make it possible to detect and respond to attacks, even if they cut across layers of the IT environment. These include clouds, local networks, and unprotected endpoints.
Zero Trust Network Access (ZTNA)
Zero Trust Network Access (ZTNA) technologies help organizations establish secure remote access to cloud services and applications. They do this by applying dynamic access control policies.
ZTNA technologies allow remote access, but without granting complete access to a cloud network. Instead, ZTNA solutions deny access by default. This means they only provide explicitly granted access for the current user, depending on the time, type of operation, data accessed, and action performed.
ZTNA solutions prevent users from seeing any services and applications they do not have permission to access. This allows ZTNA to protect against lateral movement attacks, in which compromised credentials or endpoints allow an attacker to move to other services and systems.
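The deny-by-default evaluation and service hiding described above, as an added example (not from the original article or any ZTNA product). The users, service names, and the `Grant`/`Request` types are constructed for illustration.

```python
from dataclasses import dataclass
from datetime import time


@dataclass(frozen=True)
class Grant:
    """One explicit permission; anything not covered by a grant is denied."""
    user: str
    service: str
    actions: frozenset        # operations permitted, e.g. {"read"}
    data_classes: frozenset   # data sensitivity levels permitted
    start: time               # access window, inclusive
    end: time


@dataclass(frozen=True)
class Request:
    user: str
    service: str
    action: str
    data_class: str
    at: time


ALL_DAY = (time(0, 0), time(23, 59, 59))

# Constructed sample policy (hypothetical users and services).
GRANTS = [
    Grant("alice", "payroll-api", frozenset({"read"}),
          frozenset({"internal"}), time(8), time(18)),
    Grant("alice", "wiki", frozenset({"read", "write"}),
          frozenset({"public", "internal"}), *ALL_DAY),
    Grant("bob", "wiki", frozenset({"read"}), frozenset({"public"}), *ALL_DAY),
]


def is_allowed(req, grants=GRANTS):
    """Deny by default: allow only if one grant matches every attribute."""
    return any(
        g.user == req.user and g.service == req.service
        and req.action in g.actions
        and req.data_class in g.data_classes
        and g.start <= req.at <= g.end
        for g in grants
    )


def visible_services(user, at, grants=GRANTS):
    """Services the user may discover right now; all others stay hidden."""
    return sorted({g.service for g in grants
                   if g.user == user and g.start <= at <= g.end})
```

Because `visible_services` is derived from the same grants as `is_allowed`, a stolen credential for `bob` reveals only `wiki`, which is the lateral-movement limit the section describes.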
How will it change cloud security?
ZTNA uses the zero trust model to control user access with high granularity, across complex, dynamic cloud services.
Secure Access Service Edge (SASE)
Secure Access Service Edge (SASE) technologies help organizations secure access to cloud services, private applications, and websites. They can also reduce the complexity of endpoint protection. This makes SASE particularly helpful for securing virtual workforces, digital customer experience, and digital-first businesses.
Notable SASE features include access controls for endpoints, advanced threat protection, security monitoring, and data security. In addition, SASE offers centralized controls for acceptable use, which are enforced by API-based integration.
SASE is often delivered as a cloud service, but some vendors provide on-premises and agent-based components. According to Gartner, SASE solutions should also provide zero-trust and least-privileged access based on context and identity.
How will it change cloud security?
SASE recognizes that in cloud environments, remote access is a first-class citizen. It goes beyond aging technologies like VPN, providing secure access for remote users with granular permissions and advanced anomaly detection.
SaaS Security Posture Management (SSPM)
Modern enterprises use dozens of Software-as-a-Service (SaaS) applications. Each of these applications has its own access and security configurations, and presents its own risks and vulnerabilities. SaaS Security Posture Management (SSPM) offers a set of security tools and automation capabilities for SaaS applications.
SSPM solutions first assess existing security measures and configurations for a company’s entire SaaS portfolio. They can then provide insights, including recommendations for improvements in existing SaaS configurations. Advanced solutions can also automatically apply secure configurations to SaaS applications across the enterprise.
How will it change cloud security?
SaaS applications were, until recently, uncharted territory for security teams. SSPM makes SaaS visible, and allows security teams to verify security controls and monitor for security violations.
Web Application and API Protection (WAAP)
Web applications and APIs, which are an integral part of cloud environments, are designed to be exposed to the Internet. As a result, these technologies have access to sensitive data and credentials, making them a valuable target for cybercriminals.
Web Application and API Protection (WAAP) technology plays a similar role to traditional firewalls. However, unlike firewalls, which focus on protecting the network layer, WAAP focuses on application layer traffic. As a result, WAAP solutions are deployed at the outer edge of your network—on the public side of the web application.
Key capabilities provided by WAAP solutions include Next-Generation Web Application Firewall (Next-Gen WAF), malicious bot protection, advanced rate limiting, protection for microservices and APIs, and account takeover (ATO) protection. In addition, WAAP can help detect unauthorized access to customer accounts through authentication APIs or the customer-facing authentication process of an application.
How will it change cloud security?
Web applications and APIs are the primary interfaces of cloud systems, yet they are often the least secured. WAAP builds on existing technologies like WAF to address vulnerabilities, detect malicious traffic and prevent it from reaching a cloud environment.
Conclusion
Cloud security is gaining center stage, and attackers are growing more sophisticated. Luckily, the security industry is rising to the challenge with new security tools and platforms:
- XDR—providing unified threat detection and response across cloud, on-premises networks, and endpoints.
- SSE—comprehensively securing access for remote users.
- SSPM—locking down SaaS applications.
- ZTNA—centralized access control built for dynamic cloud environments.
- WAAP—securing web applications and APIs, the user-facing interfaces of cloud systems.
In 2022 and beyond, organizations will adopt these new technologies to address a new wave of cloud threats, and secure the core of our evolving digital economy.
Image Credit: Mateusz Dach; Pexels; Thank you!
The post The Future of Cloud Security: 2022 and Beyond appeared first on ReadWrite.