Cloud adoption is growing rapidly, helping companies improve scalability, drive growth, and support agile development. In the post-COVID world, however, cloud technology has become a necessity, and cloud security is the primary issue.
Almost overnight, companies of all sizes had to adapt to the sudden shift to remote work. Cloud technology made this possible, enabling enterprises of all sizes to operate remotely. Companies also had to expand digital operations and accelerate digital transformation. These digital capabilities let consumers access services remotely and let employees work remotely on an unprecedented scale.
The remote access paradigm supported by cloud technology is essential to ensure business continuity during the pandemic. Unfortunately, this makes cloud infrastructure a prime target for attackers.
Cloud security status
Cloud computing provides many benefits, but it also brings new security risks and challenges. According to the 2020 Sophos Cloud Security report, nearly three-quarters of companies using public clouds have reported breaches.
Many other studies reveal the difficulty of cloud security. For example, Check Point's 2020 Cloud Security Report highlights the challenges of protecting workloads and data in public cloud environments. The main findings include:
- Three-quarters of organizations are affected in their ability to protect the public cloud.
- Vulnerabilities in the cloud are bigger: 52% of survey respondents believe that the risk of breaches in the public cloud is higher.
- Cloud security budget continues to increase: 59% of surveyed companies plan to increase cloud security spending next year. On average, 27% of the security budget is dedicated to cloud security.
- Security is the main obstacle to cloud migration: 37% of respondents said that data privacy issues prevented them from migrating to the cloud.
- Security tools are slow to adapt to the cloud environment: 82% of respondents said that existing security tools either do not work at all or can only provide limited functionality in the cloud. In addition, 36% of respondents stated that they delayed their migration to the cloud due to a lack of integration with local security tools.
- Major threats to public cloud security: misconfiguration of the cloud platform (68%), unauthorized access to the cloud environment (58%), insecure interfaces (52%), and account hacking (50%).
The arms race in cloud security: emerging cloud security technologies
The challenges of cloud security have begun to dominate corporate security operations and budgets. Therefore, new technologies that can help organizations protect themselves continue to emerge. Here are some important technologies that will shape the future of cloud security.
Extended detection and response (XDR)
XDR technology provides a unified incident response and security platform that collects and correlates data from multiple proprietary components. Importantly, these solutions provide platform-level integration out of the box. This means that organizations do not need to purchase and integrate multiple tools.
Organizations that run workloads in public clouds face many security risks, such as misconfigurations, insecure APIs, insider threats, and unauthorized access. In response to these threats, XDR solves the following challenges:
- Secure identity management: XDR tools monitor end users and service roles, and collect data from multiple cloud environments. The XDR solution can identify abnormal behavior of privileged accounts and alert the security team.
- Analyze cloud logs: Cloud workloads generate a lot of logs, which are difficult to analyze manually. XDR tools can process cloud logs and apply artificial intelligence (AI) algorithms to identify risks.
- Analyze network traffic: Public cloud networks are complex, and it is often difficult to monitor them for threats. XDR tools analyze the network traffic of the entire cloud ecosystem. They use intelligent analysis to identify network security incidents and can even respond automatically, using network segmentation to isolate infected systems.
How will this change cloud security?
XDR will detect and respond to attacks, even if they span all layers of the computing environment. These include the cloud, on-premises networks, and unprotected endpoints.
Zero Trust Network Access (ZTNA)
Zero Trust Network Access (ZTNA) technology helps organizations establish secure remote access to cloud services and applications. It does this by applying dynamic access control policies.
ZTNA technology allows remote access, but does not grant full access to the cloud network. Instead, the ZTNA solution denies access by default. This means that it gives the current user only the access that has been explicitly granted, based on the time of day, the type of operation, the data viewed, and the actions taken.
The ZTNA solution prevents users from seeing services and applications they do not have access to. This enables ZTNA to prevent lateral movement attacks, in which compromised credentials or endpoints allow the attacker to roam to other services and systems.
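A minimal sketch of the deny-by-default evaluation and service hiding described above. This is an added example, not code from any ZTNA product; the users, service names, and the numeric data-sensitivity scale are assumptions made up for illustration.

```python
from dataclasses import dataclass
from datetime import time

@dataclass(frozen=True)
class Grant:
    """One explicit allow rule; anything no grant matches is denied."""
    user: str
    service: str
    operations: frozenset   # permitted operation types, e.g. {"read"}
    start: time             # start of the allowed time-of-day window (inclusive)
    end: time               # end of the allowed window (inclusive)
    max_sensitivity: int    # highest data classification the user may view

@dataclass(frozen=True)
class Request:
    user: str
    service: str
    operation: str
    at: time
    sensitivity: int

# Constructed sample policy; users and services are hypothetical.
POLICY = [
    Grant("alice", "payroll-api", frozenset({"read"}), time(8), time(18), 2),
    Grant("alice", "wiki", frozenset({"read", "write"}), time(0), time(23, 59), 1),
    Grant("bob", "wiki", frozenset({"read"}), time(0), time(23, 59), 1),
]

def is_allowed(req: Request, policy=POLICY) -> bool:
    """Deny by default: allow only if one grant matches every attribute."""
    return any(
        g.user == req.user
        and g.service == req.service
        and req.operation in g.operations
        and g.start <= req.at <= g.end
        and req.sensitivity <= g.max_sensitivity
        for g in policy
    )

def visible_services(user: str, policy=POLICY) -> list:
    """Discovery returns only services the user holds a grant for."""
    return sorted({g.service for g in policy if g.user == user})
```

Because `visible_services` is derived from the same grants as `is_allowed`, a stolen credential for `bob` reveals only `wiki`; `payroll-api` is neither listed nor reachable.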
How will this change cloud security?
ZTNA uses a zero trust model to control user access with high granularity, across complex and dynamic cloud services.
Secure Access Service Edge (SASE)
Secure Access Service Edge (SASE) technology can help organizations protect access to cloud services, private applications, and websites. It can also reduce the complexity of protecting endpoints. This makes SASE particularly useful in protecting virtual workforces, digital customer experiences, and digitally driven businesses.
Notable SASE features include endpoint access control, advanced threat protection, security monitoring, and data security. In addition, SASE provides centralized control for acceptable use, which is implemented through API-based integration.
SASE is usually provided as a cloud service, but some vendors provide local and agent-based components. According to Gartner, SASE solutions should also provide zero trust and least-privilege access based on context and identity.
How will this change cloud security?
SASE recognizes that in a cloud environment, remote access is a first-class citizen. It surpasses outdated technologies such as VPNs, and provides secure access to remote users through fine-grained permissions and advanced anomaly detection.
SaaS Security Posture Management (SSPM)
Modern enterprises use dozens of software as a service (SaaS) applications. Each of these applications has its own access and security configuration, and has its own risks and vulnerabilities. SaaS Security Posture Management (SSPM) provides a set of security tools and automation functions for SaaS applications.
An SSPM solution first evaluates the existing security measures and configurations of the organization's entire SaaS product portfolio. It can then provide information, including suggestions for improving existing SaaS configurations. Advanced solutions can also automatically apply security configurations to SaaS applications throughout the enterprise.
How will this change cloud security?
Until recently, SaaS applications were uncharted territory for security teams. SSPM makes SaaS visible and allows security teams to verify security controls and monitor security vulnerabilities.
Web application and API protection (WAAP)
Web applications and APIs are an integral part of the cloud environment and are designed to be exposed to the Internet. As a result, these technologies can access sensitive data and credentials, making them an important target for cybercriminals.
Web application and API protection (WAAP) technology acts like a traditional firewall. However, unlike firewalls that focus on protecting the network layer, WAAP focuses on application layer traffic. Therefore, the WAAP solution is deployed at the edge of your network, on the public-facing side of the web application.
The main functions provided by the WAAP solution include Next Generation Web Application Firewall (Next Generation WAF), malware protection, advanced rate limiting, microservice and API protection, and account takeover (ATO) prevention. In addition, it can also help detect unauthorized access to customer accounts through the authentication API or customer-facing application authentication process.
How will this change cloud security?
Web applications and APIs are the main interfaces of cloud systems, but they are usually the least secure. WAAP uses existing technologies such as WAF to fix vulnerabilities, detect malicious traffic, and prevent it from reaching the cloud environment.
Conclusion
Cloud security is taking a central position, and attackers are becoming more sophisticated. Fortunately, the security industry is meeting the challenge with new security tools and platforms:
- XDR: Provides unified threat detection and response across clouds, local networks and endpoints.
- SASE: Makes remote users' access completely safe.
- SSPM: Locks down SaaS applications.
- ZTNA: Centralized access control designed for dynamic cloud environments.
- WAAP: Secures web applications and APIs, the user interface of cloud systems.
In 2022 and beyond, organizations will adopt these new technologies to respond to the new wave of cloud threats and protect the core of our evolving digital economy.