There was a time when cloud was just a small subset of IT infrastructure, and cloud security referred to a very specific set of tasks. The current reality is very different -- organizations are heavily dependent on cloud technologies and cloud security has become a much more complex endeavor.
Organizations increasingly rely on the cloud to deliver new applications, reduce costs, and support business operations. One in every four organizations already has the majority of its workloads in the cloud, and 44% of workloads currently run in some form of public cloud, says Fernando Montenegro, a senior principal analyst for infrastructure security at Omdia. Montenegro is speaking on trends and challenges in cloud security this week at the SecTor conference in Toronto.
Practically every midsize and large organization now operates in some kind of a hybrid cloud environment, with a mix of cloud and on-premises systems. For most organizations, software-as-a-service constitutes the bulk (80%) of their cloud environments, followed by infrastructure-as-a-service and platform-as-a-service deployments, he says.
In the past, cloud security conversations tended to focus on making sure cloud environments are being configured properly, but cloud security nowadays goes far beyond just configuration management. The sprawling cloud environment means security management has to be centralized, Montenegro says. Security functions also need to be integrated into existing application deployment workflows.
On top of all of this, multicloud is becoming more common among organizations as they shift their workloads to avoid being dependent on a single platform. The three major cloud providers – Amazon Web Services, Microsoft Azure, and Google Cloud Platform – account for 65% of the cloud market, Montenegro says.
Cloud Security Tooling
In Omdia’s recent "Decision Maker Survey," CISOs and other security practitioners were asked to list their top cloud security concerns. The majority of the focus was on the cost of security tools, followed by the kind of functionality offered by these tools, the ability to respond to incidents, and data security.
The key challenge facing organizations today is equipping security teams with the correct tools and identifying best practices in order to adequately respond to cloud incidents, Montenegro says.
A cloud workload protection platform (CWPP) tool helps security teams discover workloads within the organization's cloud deployments and on-premises systems and look for potentially exploitable security issues. A CWPP also provides security controls to address identified issues.
Cloud permissions management (CPM) tools provide visibility into permissions assigned to all identities -- not just human users, but also machine identities and workloads -- as well as to resources across cloud infrastructures. CPM helps reduce the impact of exposure as a result of excessive privileges.
Cloud security posture management (CSPM) is an important tool in the security team's cloud arsenal. CSPM tools help security teams gain visibility over security configuration and compliance concerns, Montenegro says. CSPM tools automate the identification of risks across cloud infrastructures and also help remediate the risks.
According to Montenegro, the Omdia survey suggests that security teams at organizations that have deployed CSPM in production are able to focus on other issues such as data security and the time it takes to respond to incidents because configuration and compliance concerns have been addressed.
Each platform handles security differently, so instead of trying to manually manage the controls on each platform, the goal is to centralize security management. With the increased adoption of cloud technologies, security teams are interested in managing security controls in one place and having them cascade down to individual platforms, says Montenegro.