The Future of Cloud Security: 2022 and Beyond


Cloud adoption is growing rapidly, helping companies improve scalability, promote growth, and facilitate agile development. In a post-COVID world, cloud technology has become a necessity and cloud security is a fundamental concern.

Almost overnight, companies of all sizes needed to adapt to an abrupt shift to remote work. It was cloud technology that helped achieve this goal, allowing companies of all sizes to operate remotely. In addition, it has become necessary to expand digital operations and accelerate digital transformation. These digital capabilities enabled consumers to access services remotely and employees to work remotely on an unprecedented scale.

Remote access paradigms, enabled by cloud technology, have become critical to ensuring business continuity in the pandemic. Unfortunately, this has made cloud infrastructure a prime target for attackers.

The state of cloud security

Cloud computing offers many benefits, but unfortunately, it also presents new security risks and new challenges. To illustrate this, nearly three-quarters of organizations using the public cloud reported that they were affected by a breach, according to the 2020 Sophos Cloud Security Report.

Many more studies reveal the difficulty of cloud security. For example, the Check Point 2020 Cloud Security Report highlights the challenges of protecting workloads and data in public cloud environments. The key findings include:

  • Three-quarters of organizations are interested in their ability to protect public clouds.
  • Violations are more important in the cloud, according to 52% of respondents, who believe the risk of breaches is highest in the public cloud.
  • Cloud security budgets are increasing, with 59% of surveyed organizations expecting to increase spending on cloud security next year. On average, 27% of security budgets are dedicated exclusively to cloud security.
  • Security is a major barrier to cloud migration, with 37% of respondents saying that data privacy concerns were preventing them from migrating to the cloud.
  • Security tools take time to adapt to cloud environments, with 82% of respondents saying that existing security tools either do not work at all or can only provide limited functionality in the cloud. Additionally, 36% said they delayed migration to the cloud due to lack of integration with local security tools.
  • The top public cloud security threats are incorrect cloud platform configurations (68%), unauthorized access to cloud environments (58%), insecure interfaces (52%), and account hijacking (50%).

The Cloud Security Arms Race: Emerging Cloud Security Technologies

The cloud security challenge is beginning to dominate enterprise security operations and budgets. Therefore, new technologies are emerging that can help organizations defend themselves. These are some of the notable technologies that will shape the future of cloud security.

Extended Detection and Response (XDR)

XDR technology provides a unified incident response and security platform to collect and correlate data from various proprietary components. Importantly, these solutions offer platform-level integration out of the box. This means that they do not require organizations to buy and integrate multiple tools.

Organizations running their workloads in public clouds face many security risks, including misconfiguration, insecure APIs, insider threats, and unauthorized access. In response to these threats, XDR addresses the following challenges:

  • Secure identity management—XDR tools monitor end users and service roles, and collect data from various cloud environments. XDR solutions can identify anomalous behavior in privileged accounts and alert security teams.
  • Analyze logs in the cloud—Cloud workloads generate large volumes of logs, which can be difficult to analyze manually. XDR tools can process logs in the cloud and apply artificial intelligence (AI) algorithms to identify risks.
  • Analyze network flows—Public cloud networks are complex and often difficult to monitor for threats. XDR tools analyze network traffic throughout the cloud ecosystem. XDR tools use intelligent analysis to identify network security incidents and even respond automatically, using network segmentation to isolate an infected system.

How will cloud security change?

XDR will allow you to detect and respond to attacks, even if they traverse layers of the IT environment. These include clouds, local networks, and unprotected endpoints.
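The cross-layer correlation described above can be sketched as follows. This is an added example, not code from the article or from any XDR product; the event fields, entity names, and the 15-minute window are assumptions, and the sample alerts are constructed.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample alerts from the three telemetry sources the article lists.
EVENTS = [
    {"ts": "2022-01-10T02:14:00", "source": "identity", "entity": "svc-backup",
     "signal": "privileged role assumed from new location"},
    {"ts": "2022-01-10T02:16:30", "source": "cloud_log", "entity": "svc-backup",
     "signal": "storage bucket policy changed"},
    {"ts": "2022-01-10T02:21:10", "source": "network", "entity": "svc-backup",
     "signal": "unusual outbound volume"},
    {"ts": "2022-01-10T09:00:00", "source": "identity", "entity": "alice",
     "signal": "failed MFA"},
    {"ts": "2022-01-10T15:30:00", "source": "network", "entity": "alice",
     "signal": "connection from unfamiliar network"},
]

def correlate(events, window=timedelta(minutes=15), min_sources=2):
    """Raise one incident per entity when alerts from at least
    min_sources distinct sources fall inside the same time window."""
    by_entity = defaultdict(list)
    for e in events:
        by_entity[e["entity"]].append((datetime.fromisoformat(e["ts"]), e))

    incidents = []
    for entity, items in by_entity.items():
        items.sort(key=lambda pair: pair[0])
        clusters = []
        for ts, e in items:
            # Extend the current cluster while we are within `window`
            # of its first alert; otherwise start a new cluster.
            if clusters and ts - clusters[-1][0][0] <= window:
                clusters[-1].append((ts, e))
            else:
                clusters.append([(ts, e)])
        for cluster in clusters:
            sources = sorted({e["source"] for _, e in cluster})
            if len(sources) >= min_sources:
                incidents.append({
                    "entity": entity,
                    "sources": sources,
                    "first_seen": cluster[0][0].isoformat(),
                    "signals": [e["signal"] for _, e in cluster],
                })
    return incidents
```

Each alert for `alice` is isolated in time and comes from a single source, so only the `svc-backup` sequence is escalated.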

Zero Trust Network Access (ZTNA)

Zero Trust Network Access (ZTNA) technologies help organizations establish secure remote access to cloud services and applications. They do this by applying dynamic access control policies.

ZTNA technologies allow remote access, but without granting full access to a cloud network. Instead, ZTNA solutions deny access by default. This means that they only provide explicitly granted access for the current user, based on time, type of operation, data accessed, and action taken.

ZTNA solutions prevent users from viewing services and applications that they do not have permission to access. This allows ZTNA to protect against lateral movement attacks, in which credentials or compromised endpoints allow an attacker to move to other services and systems.
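A minimal deny-by-default policy check in the spirit of the paragraphs above, as an added example that is not from the article or from any ZTNA product. The `Grant` structure, user names, and application names are hypothetical, and the sample policy is constructed; it covers the user, action, and time conditions only.

```python
from dataclasses import dataclass
from datetime import time

@dataclass(frozen=True)
class Grant:
    user: str
    app: str
    actions: frozenset  # operations explicitly permitted
    start: time         # grant is valid from this time of day...
    end: time           # ...until this time of day

# Constructed sample policy; users and applications are hypothetical.
GRANTS = [
    Grant("alice", "payroll", frozenset({"read"}), time(8, 0), time(18, 0)),
    Grant("alice", "wiki", frozenset({"read", "write"}), time(0, 0), time(23, 59)),
    Grant("bob", "wiki", frozenset({"read"}), time(0, 0), time(23, 59)),
]

def is_allowed(user, app, action, at, grants=GRANTS):
    """Deny by default: allow only if an explicit grant matches
    the user, the application, the action, and the time of day."""
    for g in grants:
        if (g.user == user and g.app == app
                and action in g.actions and g.start <= at <= g.end):
            return True
    return False  # no matching grant means no access

def visible_apps(user, at, grants=GRANTS):
    """Applications the user can discover right now. Anything without
    a currently valid grant is not listed at all, which is what limits
    lateral movement from a compromised account."""
    return sorted({g.app for g in grants
                   if g.user == user and g.start <= at <= g.end})
```

Outside her payroll window, `alice` neither reaches nor sees the payroll application, and a user with no grants sees nothing.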

How will cloud security change?

ZTNA uses the zero trust model to control user access with high granularity, in complex and dynamic cloud services.

Secure Access Service Edge (SASE)

Secure Access Service Edge (SASE) technologies help organizations protect access to cloud services, private applications, and websites. They can also reduce the complexity of endpoint protection. This makes SASE particularly useful for securing the virtual workforce, digital customer experience, and digital-first enterprises.

Notable features of SASE include endpoint access controls, advanced threat protection, security monitoring, and data security. In addition, SASE offers centralized controls for acceptable use, which are enforced through API-based integration.

SASE is often offered as a cloud service, but some vendors provide on-premises and agent-based components. According to Gartner, SASE solutions should also provide zero-trust and least-privilege access based on context and identity.

How will cloud security change?

SASE recognizes that in cloud environments, remote access is a first-class citizen. It goes beyond outdated technologies like VPN, providing secure access for remote users with granular permissions and advanced anomaly detection.

SSPM

Modern businesses use dozens of software as a service (SaaS) applications. Each of these applications has its own security and access settings, and presents its own risks and vulnerabilities. SaaS Security Posture Management (SSPM) offers a set of security tools and automation capabilities for SaaS applications.

SSPM solutions first evaluate existing security measures and configurations for a company’s entire SaaS portfolio. They can then provide information, including recommendations for improvements to existing SaaS configurations. Advanced solutions can also automatically apply secure settings to SaaS applications across the enterprise.

How will cloud security change?

SaaS applications were, until recently, uncharted territory for security teams. SSPM makes SaaS visible and enables security teams to verify security controls and monitor security breaches.

Web Application and API Protection (WAAP)

Web applications and APIs, which are an integral part of cloud environments, are designed to be exposed to the Internet. As a result, these technologies have access to sensitive data and credentials, making them a valuable target for cybercriminals.

Web Application and API Protection (WAAP) technology plays a role similar to traditional firewalls. However, unlike firewalls, which focus on protecting the network layer, WAAP focuses on application layer traffic. As a result, WAAP solutions are deployed at the outer edge of your network, on the public side of the web application.

Key capabilities provided by WAAP solutions include Next-Generation Web Application Firewall (Next-Generation WAF), Malicious Bot Protection, Advanced Rate Limiting, Protection for Microservices and APIs, and Account Takeover (ATO) Protection. Additionally, WAAP can help detect unauthorized access to customer accounts through an authentication API or an application’s customer-facing authentication process.

How will cloud security change?

Web applications and APIs are the primary interfaces to cloud systems, but they are often the least secure. WAAP builds on existing technologies like WAF to address vulnerabilities, detect malicious traffic, and prevent it from reaching a cloud environment.

Conclusion

Cloud security is gaining prominence and attackers are becoming more sophisticated. Fortunately, the security industry is up to the challenge with new security tools and platforms:

  • XDR—Provides unified threat detection and response across the cloud, local networks, and endpoints.
  • SASE—Integral protection of access for remote users.
  • SSPM—Locking down SaaS applications.
  • ZTNA—Centralized access control built for dynamic cloud environments.
  • WAAP—Securing web applications and APIs, the user-facing interfaces of cloud systems.

In 2022 and beyond, organizations will adopt these new technologies to address a new wave of cloud threats and secure the core of our evolving digital economy.

Image credit: Mateusz Dach; Pexels; Thanks!

Gilad Maayan

Tech Writer

I am a technology writer with 20 years of experience, working with leading technology brands such as SAP, Imperva, Check Point, and NetApp. Three-time winner of international technical communication awards. Today I lead Agile SEO, the leading marketing and content agency in the technology industry.


readwrite.com
