With enterprises racing towards digital transformation, cloud computing is increasingly taking on work previously done on-premises.
In the past years, one key selling point proponents have banked on is the increased security a cloud environment provides. In fact, before the breach, Capital One was one of the companies that vowed to move all their data and processes into the cloud.
While a lot of speculation surrounds the unfortunate event, the Capital One hack sent out a message to organizations utilizing the cloud to gain competitive advantage: how secure is your data on the cloud? Even with a Shared Responsibility Model and recent events exposing the vulnerabilities, some organizations fail to conduct due diligence in orchestrating policies to prevent attacks.
That is not to say that your data is more secure in a legacy, or on-premise environment. However, most companies are looking to leverage the true potential of cloud services, which businesses can do by paying attention to the up-and-coming trends in cloud security.
So in a post-Capital One breach business landscape, what are the crucial points organizations need to know about cloud security? Here are the most important ones:
1. Cybersecurity Will Drive Cloud Spending
Despite the more cautious investment of organizations in emerging technologies this year, cloud adoption will continue to rise rapidly. But the recent SANS 2020 Cybersecurity Spending Survey highlights that cloud security will drive this increased spending. According to the survey results, a staggering 71% of organizations are making cloud security monitoring a top priority.
2. Multi-Cloud and Hybrid Cloud Security
Multi-cloud and hybrid cloud strategies have become the norm today, with Gartner predicting that 75% of organizations will be utilizing the setup by the end of the year. While this proves advantageous to organizations running complex cloud operations, this highlights the greater need for better Cloud Governance and management solutions.
3. Persisting Shortfall of Cloud Security Professionals
With cloud services continuing to evolve and become more diverse, businesses will continue to wrestle with the disproportionate supply of professionals adept at securing their data. The staggering amount of unfilled positions in the cybersecurity space, which Maryville University predicts is three million globally, has put businesses head to head for the best talents. In fact, another survey from the Information Systems Security Association and Enterprise Strategy Group found that cloud security has the worst skills shortage across participating organizations. This has prompted organizations to rely more and more on independent vendors for all their security concerns.
4. Securing Containers
The use of cloud containers became popular last year with orchestration tools like Kubernetes emerging as a market leader. These are a much more effective way to store a lot of data as they take up less space and are quick to load. As they can now run in most cloud providers, containers are coming under pressure in terms of security. In the next months, expect to hear a lot about tools that can help developers assess the security of their applications.
5. Human Error Remains a Top Risk
While we all know by now that there’s no foolproof way to reach maximum security, Wall Street Journal notes that most of the risk will still come from human error. A report from Gartner estimates that around 95% of breaches involving cloud security are risks from human operators. A holistic strategy of rigorous and continuous staff training to create a security-aware culture remains key in securing your vital data.
Lastly, regulatory and community-led initiatives will continue to help in maintaining cloud security. The International Conference on Cloud Cybersecurity organized by the World Academy of Science Engineering and Technology is something to keep an eye out for.
Guest Post| Written by Sarah Jones
Leave a Comment