Dark Reading is part of the Informa Tech Division of Informa PLC


12/10/2018
10:30 AM
Ory Segal
Commentary

6 Cloud Security Predictions for 2019

How the fast pace of cloud computing adoption in 2018 will dramatically change the security landscape next year.

In 2018, more organizations adopted cloud computing, and at a rapidly growing pace. The main drivers for cloud were high efficiency, easier and faster deployments, and, of course, scalability. But from a security perspective, the speedy adoption of cloud computing is forcing security professionals to learn about new challenges, cloud-specific risks, and relevant mitigations as well as to develop more modern cybersecurity strategies.

The past year also brought with it a greater number of security incidents related to misconfigured cloud accounts, which is a trend that I expect to increase as more organizations adopt cloud computing without growing their cloud security teams or hiring professionals with a deep understanding of cloud security issues.

What do those recent trends portend for the future? Here are six cloud security predictions for 2019:

Prediction 1: Serverless adoption will drive cloud security automation.
As organizations increasingly move to serverless architectures, they are also discovering more use cases for cloud security automation, because serverless functions provide a means to launch security logic in response to cloud events. Examples include reacting to spikes or anomalies in cloud account billing expenses that result from service abuse, denial-of-service attacks, or cryptomining; reacting when someone attempts to deploy new cloud assets/services or code outside the normal deployment pipeline; and running compliance checks on new code or cloud resources as part of the deployment pipeline.
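The second use case above (deployments made outside the normal pipeline) can be sketched as a serverless function; this is an added example, not code from the article. It assumes AWS Lambda triggered by CloudTrail management events delivered through EventBridge, and the allow-listed pipeline role, account ID, and sample event are constructed for illustration.

```python
import re

# Assumption: IAM roles the CI/CD pipeline assumes (hypothetical allow-list).
PIPELINE_ROLE_ARNS = {"arn:aws:iam::111122223333:role/ci-deploy"}

# CloudTrail eventSource -> eventName prefixes that create or change deployed assets.
# Prefix match because Lambda API event names carry a version suffix.
DEPLOY_CALLS = {
    "lambda.amazonaws.com": ("CreateFunction", "UpdateFunctionCode"),
    "cloudformation.amazonaws.com": ("CreateStack", "UpdateStack"),
    "ec2.amazonaws.com": ("RunInstances",),
}
_ASSUMED_ROLE = re.compile(r"^arn:aws:sts::(\d+):assumed-role/([^/]+)/")


def caller_role(identity):
    """Reduce a CloudTrail userIdentity to the IAM role (or user) ARN behind it."""
    issuer = identity.get("sessionContext", {}).get("sessionIssuer", {})
    if issuer.get("arn"):
        return issuer["arn"]
    arn = identity.get("arn", "unknown")
    m = _ASSUMED_ROLE.match(arn)
    return f"arn:aws:iam::{m.group(1)}:role/{m.group(2)}" if m else arn


def evaluate(event):
    """Return a finding dict for a deployment call made outside the pipeline, else None."""
    detail = event.get("detail", {})
    name = detail.get("eventName", "")
    if not name.startswith(DEPLOY_CALLS.get(detail.get("eventSource"), ())):
        return None  # not a deployment-type API call
    actor = caller_role(detail.get("userIdentity", {}))
    if actor in PIPELINE_ROLE_ARNS:
        return None  # normal pipeline deployment
    return {"finding": "deployment-outside-pipeline", "action": name, "actor": actor,
            "denied": "errorCode" in detail,  # failed attempts are reported too
            "source_ip": detail.get("sourceIPAddress")}


def handler(event, context=None):
    """Lambda entry point; a real function would forward the finding to alerting."""
    return evaluate(event)


def sample_event(role, name="UpdateFunctionCode20150331v2", source="lambda.amazonaws.com"):
    """Constructed EventBridge/CloudTrail event for local testing (not real log data)."""
    return {"detail-type": "AWS API Call via CloudTrail", "detail": {
        "eventSource": source, "eventName": name, "sourceIPAddress": "198.51.100.7",
        "userIdentity": {"type": "AssumedRole",
                         "arn": f"arn:aws:sts::111122223333:assumed-role/{role}/session1"}}}
```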

Prediction 2: Cloud providers will take on a major role in security.
With serverless adoption skyrocketing in 2018, more teams are choosing to either switch from container-based architectures to serverless, or simply skip containers altogether. The reason? An increasing number of system components are now abstracted and, subsequently, they require less management. This is also the case for cloud security. Serverless architectures are the highest abstraction of cloud computing to date, which makes application owners only responsible for security at the application layer and in cloud configurations. As a result, much of an organization's security responsibility has now passed to the cloud provider. This includes physical security, operating system security configurations and patches, network security, and virtual machine or container security.

Prediction 3: Expect to see more cloud-native guidelines and research.
In 2018, several industry analysts released research papers and recommendations around cloud-native technologies, with Neil MacDonald of Gartner leading the way into the serverless domain with his research on "Security Considerations and Best Practices for Securing Serverless PaaS." I expect analysts will pay even more attention in 2019 to cloud-native security in general and serverless security in particular, as organizations continue to modernize their applications and seek help in determining the right security strategy.

Prediction 4: Declining demand for security support in multicloud deployments.
In 2017 and 2018, much attention was given to the topic of cloud vendor lock-in. As a result, cloud security vendors were required to answer inquiries regarding their support for multicloud deployments. In late 2018, several thought leaders in the cloud computing industry called out the fact that cloud vendor lock-in is mostly fear, uncertainty, and doubt (FUD)! As Simon Wardley, a UK researcher for Leading Edge Forum and the lead practitioner for Wardley Maps, stated: "It would be nice to have a competitive environment with different providers you can switch between. But that is secondary to usefulness and functionality." We expect to see less and less attention being given to this topic, and cloud security vendors will see less demand for supporting multicloud deployments.

Prediction 5: Security will shift even more to the left.
As an increasing number of system components become the responsibility of cloud providers, application owners will find themselves dealing less with infrastructure, operating system, and networking security. This shift in security responsibility is maximized in serverless architectures, where the only responsibility for application owners is in the application layer. As a result, organizations will see an internal shift, with a lot less involvement from traditional corporate IT security teams in corporatewide high-level security strategies. On the other hand, expect development teams to become more involved and responsible for security, which will push the adoption of the DevSecOps movement.

Prediction 6: Traditional security vendors will move into cloud-native security.
In 2018, traditional security vendors started making strategic efforts to modernize their security offerings and adapt to cloud-native environments. Recent examples include Palo Alto Networks, which acquired Evident.io and RedLock, and Check Point, which recently acquired Dome9. This trend is expected to continue in 2019, as vendors realize that cloud computing is not just the domain of startup companies but is also being adopted by large corporations, financial services, healthcare, and even government offices. Bottom line: Organizations now recognize that public cloud infrastructure is not less secure than on-premises, and that cloud vendors provide a high level of security.

Ory Segal is a world-renowned expert in application security, with 20 years of experience in the field. Ory is the CTO and co-founder of PureSec, a start-up that enables organizations to secure serverless applications. Prior to PureSec, Ory was senior director of threat ...