SAN JOSE, CALIFORNIA – The future’s security protection is expected to be built in the cloud; meaning, cloud needs need to be put first, with solutions needed to secure access to sensitive cloud-based data and mission-critical systems. This is the gist of the discussion of IT experts here at NetEvents, a gathering of technology sector experts and opinion shapers.
As background, cloud spending across industries have been increasing over time. As per GVR (2020), the global cloud computing market size grew from around $266.0 billion in 2019 to around $289.7 billion in 2020. The catch: Even with organizations already hosting two fifths (41%) of their applications in the cloud, with the figure expected to increase to 57% in the next 18 months, as many as 81% of organizations actually experience a cloud-related security incident in the last 12 months, with at least 45% suffering at least four incidents, according to a 2022 study by Venafi.
Meaning, this concern is just expected to aggravate.
According to MK Palmore, director of the Office of the CISO of Google Cloud, there is a need to rethink the issue of security since “cloud changed the parameters of this (discourse).” Here, “busineses need to take a moment to rethink cybersecurity. Old form frameworks are still applicable, but there needs to be reframing.” This is particularly since “a breach of an environment is a risk for everyone with data there.”
This issue is – arguably – rushed by Covid-19, with the changing of the the ways businesses are now being run. Here, “the idea of remote work… has become preeminent,” Palmore added, so that “what we need to be concentrating on is the delivery of security at the point of entry. If you think about it in those terms… you begin to get the idea to get the users to get a seamless experience while getting business operability.”
For Reduka Nadkarni, chief product officer of Aryaka, “it’s not an easy problem to solve” since “users are working from home, coffee shops, etc.” With security seen as “where the weakest link is”, the focus for businesses should be “how to make security enforceable.” And for him, “security has to be enforced closest to the source. Then you have a presence.”
Not surprisingly, the 2022 Venafi study similarly found that 51% of security decision makers believe security risks are higher in the cloud than on premises, with cloud-related security incidents already experienced including: security incidents during runtime (34%), unauthorized access (33%), misconfigurations (32%), vulnerabilities that have not been remediated (24%), and a failed audit (19%).
And so for Srinivas Rao, AVP and solutions specialist of TATA Communications, “security has to be built in.”
For Prakash Mana, CEO of Cloudbrink, cloud is not a monolithic entity, and is “distributed”. Dealig with this, therefore, needs to change since – if in the past “we used to facilities” – businesses are now doing hybrid.