The pandemic-propelled shift to work-from-home and bring-your-own-devices accelerated the already expanding move to the cloud. IDC predicts that global cloud spending will grow from $703 billion in 2021 to $1.3 trillion in 2025. Statista reports that the percentage of corporate data stored on the cloud rose from 30% in 2015 to 48% at the beginning of the COVID-19 crisis in 2019; so far in 2022, 60% of corporate data lives in the cloud rather than on-premises networks.

In this installment of Tech Talks, Tony Jarvis, director of enterprise security for Asia Pacific and Japan for Darktrace, and Dark Reading contributing editor Terry Sweeney discuss the rise of the cloud, the decline of on-premises, and the possible death of the traditional perimeter in the wake of those technological shifts. 

"There's a lot of digital transformation that's taken place virtually overnight," Jarvis says. "Some organizations are struggling with this. And for that reason, they're not going to fully abandon on-premise networks anytime soon."

Indeed, a recent InformationWeek report shows that while IT pros widely use cloud services, they believe the cloud is less secure than their traditional on-premises systems. Over half of respondents (55%) would keep sensitive data on-prem if they could, the report indicates.

As on-premises networks decline in favor of cloud resources, however, those IT departments need new security measures to accommodate the new IT environment. 

"There's no real perimeter anymore — not in the traditional sense — and that means that things can get in through a number of different ways. We need to get better at detecting that," Jarvis says.

New incursion paths require new ways to guard against invasion. At the beginning of 2022, the US Office of Management and Budget released a detailed blueprint for security measures it requires government agencies and vendors to implement, and zero-trust policies ranked prominently. Sweeney asked Jarvis whether he thinks zero-trust architectures can keep endpoint devices secure when they're away from VPNs.

"I think of zero trust almost like a new set of rules or a new perimeter. And we want to be looking for anomalies taking place within that perimeter," Jarvis says. That means looking for unusual behaviors that will give away an attacker's motivations, such as lateral movement and living-off-the-land techniques. Artificial intelligence tools can automatically look for deviations from the norm and cut off those actions.

Of course, cloud security means accepting that attackers don't care if they are targeting cloud or on-premises systems. Focusing on one at the expense of the other is a problem. The attacks will focus on wherever they see weakness.

"We're always thinking not in terms of good or bad per se, but more in terms of normal — Does this belong in the environment? — and then, by association, unusual," Jarvis said. "Attackers will always go after the weak spots; they'll go after whatever gives them the greatest chance of getting in, no matter where that is."