Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Perimeter

12/10/2018
10:30 AM
Ory Segal
Ory Segal
Commentary
Connect Directly
Twitter
LinkedIn
RSS
E-Mail vvv
50%
50%

6 Cloud Security Predictions for 2019

How the fast pace of cloud computing adoption in 2018 will dramatically change the security landscape next year.

In 2018, more organizations adopted cloud computing, and at a rapidly growing pace. The main drivers for cloud were high efficiency, easier and faster deployments, and, of course, scalability. But from a security perspective, the speedy adoption of cloud computing is forcing security professionals to learn about new challenges, cloud-specific risks, and relevant mitigations as well as to develop more modern cybersecurity strategies.

The past year also brought with it a greater number of security incidents related to misconfigured cloud accounts, which is a trend that I expect to increase as more organizations adopt cloud computing without growing their cloud security teams or hiring professionals with a deep understanding of cloud security issues.

What do those recent trends portend for the future? Here are six cloud security predictions for 2019:

Prediction 1: Serverless adoption will drive cloud security automation.
As organizations increasingly move to serverless architectures, they are also discovering more use cases for cloud security automation because serverless functions provide a means to launch security logic as a response to cloud events. Examples include: when there are spikes or anomalies in cloud account billing expenses as a result of service abuse, denial-of-service attacks, or cryptomining; when someone attempts to deploy new cloud assets/services or code outside the normal deployment pipeline; or running compliance checks on new code or cloud resources as part of the deployment pipeline.

Prediction 2: Cloud providers will take on a major role in security.
With serverless adoption skyrocketing in 2018, more teams are choosing to either switch from container-based architectures to serverless, or simply skip containers all together. The reason? An increasing number of system components are now abstracted and, subsequently, they require less management. This is also the case for cloud security. Serverless architectures are the highest abstraction of cloud computing to date, which makes application owners only responsible for security at the application layer and in cloud configurations. As a result, much of an organizations' security responsibility has now passed to the cloud provider. This includes physical security, operating system security configurations and patches, network security, and virtual machine or container security.

Prediction 3: Expect to see more cloud-native guidelines and research.
In 2018, several industry analysts released research papers and recommendations around cloud-native technologies, with Neil MacDonald of Gartner spearheading into the serverless domain with his research on Security Considerations and Best Practices for Securing Serverless PaaS. I expect analysts will pay even more attention in 2019 to cloud-native security in general and serverless security in particular, as organizations continue to modernize their applications and seek help in determining the right security strategy.

Prediction 4: Declining demand for security support in multicloud deployments.
In 2017 and 2018, much attention was given to the topic of cloud vendor lock-in. As a result, cloud security vendors were required to answer inquiries regarding their support for multicloud deployments. In late 2018, several thought leaders in the cloud computing industry called out the fact that cloud vendor lock-in is mostly fear, uncertainty, and doubt (FUD)! As Simon Wardley, a UK researcher for Leading Edge Forum and the lead practitioner for Wardley Maps, stated: "It would be nice to have a competitive environment with different providers you can switch between. But that is secondary to usefulness and functionality." We expect to see less and less attention being given to this topic, and cloud security vendors will see less demand for supporting multicloud deployments.

Prediction 5: Security will shift even more to the left.
As an increasing number of system components become the responsibility of cloud providers, application owners will find themselves dealing less with infrastructure, operating system, and networking security. This shift in security responsibility is maximized in serverless architectures, where the only responsibility for application owners is in the application layer. As a result, organizations will see an internal shift, with a lot less involvement from traditional corporate IT security teams in corporatewide high-level security strategies. On the other hand, expect development teams to become more involved and responsible for security, which will push the adoption of the DevSecOps movement.

Prediction 6: Traditional security vendors will move into cloud-native security.
In 2018, traditional security vendors started making strategic efforts to modernize their security offerings and adapt to cloud-native environments. Recent examples include Palo Alto Networks, which acquired Evident.io and RedLock, and Check Point, which recently acquired Dome9. This trend is expected to continue in 2019, as vendors realize that cloud computing is not just the domain of startup companies but is also being adopted by large corporations, financial services, healthcare, and even government offices. Bottom line: Organizations now recognize that public cloud infrastructure is not less secure than on-premises, and that cloud vendors provide a high level of security.

Related Content:

Ory Segal is a world-renowned expert in application security, with 20 years of experience in the field. Ory is the CTO and co-founder of PureSec, a start-up that enables organizations to secure serverless applications. Prior to PureSec, Ory was senior director of threat ... View Full Bio
 

Recommended Reading:

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
COVID-19: Latest Security News & Commentary
Dark Reading Staff 8/10/2020
Pen Testers Who Got Arrested Doing Their Jobs Tell All
Kelly Jackson Higgins, Executive Editor at Dark Reading,  8/5/2020
Researcher Finds New Office Macro Attacks for MacOS
Curtis Franklin Jr., Senior Editor at Dark Reading,  8/7/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
Special Report: Computing's New Normal, a Dark Reading Perspective
This special report examines how IT security organizations have adapted to the "new normal" of computing and what the long-term effects will be. Read it and get a unique set of perspectives on issues ranging from new threats & vulnerabilities as a result of remote working to how enterprise security strategy will be affected long term.
Flash Poll
The Changing Face of Threat Intelligence
The Changing Face of Threat Intelligence
This special report takes a look at how enterprises are using threat intelligence, as well as emerging best practices for integrating threat intel into security operations and incident response. Download it today!
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-11976
PUBLISHED: 2020-08-11
By crafting a special URL it is possible to make Wicket deliver unprocessed HTML templates. This would allow an attacker to see possibly sensitive information inside a HTML template that is usually removed during rendering. Affected are Apache Wicket versions 7.16.0, 8.8.0 and 9.0.0-M5
CVE-2020-13179
PUBLISHED: 2020-08-11
Broker Protocol messages in Teradici PCoIP Standard Agent for Windows and Graphics Agent for Windows prior to 20.04.1 are not cleaned up in server memory, which may allow an attacker to read confidential information from a memory dump via forcing a crashing during the single sign-on procedure.
CVE-2020-8918
PUBLISHED: 2020-08-11
An improperly initialized 'migrationAuth' value in Google's go-tpm TPM1.2 library versions prior to 0.3.0 can lead an eavesdropping attacker to discover the auth value for a key created with CreateWrapKey. An attacker listening in on the channel can collect both 'encUsageAuth' and 'encMigrationAuth'...
CVE-2020-9244
PUBLISHED: 2020-08-11
HUAWEI Mate 20 versions Versions earlier than 10.1.0.160(C00E160R3P8);HUAWEI Mate 20 Pro versions Versions earlier than 10.1.0.270(C431E7R1P5),Versions earlier than 10.1.0.270(C635E3R1P5),Versions earlier than 10.1.0.273(C636E7R2P4);HUAWEI Mate 20 X versions Versions earlier than 10.1.0.160(C00E160R...
CVE-2020-9403
PUBLISHED: 2020-08-11
In PACTware before 4.1 SP6 and 5.x before 5.0.5.31, passwords are stored in a recoverable format, and may be retrieved by any user with access to the PACTware workstation.