In 2020 it was a global pandemic, and as we roll into 2023, fears about a potential recession are creating urgency to increase cloud adoption, including cloud infrastructures, platforms, and applications. The option to quickly expand to support rapid growth or scale back in reaction to a shrinking economy makes cloud services attractive for today's organizations. While operationally, the cloud offers a host of benefits, cloud security practices it turns out, are not so scalable.
The tactics and tools that serve on-premises security often don't easily transfer to the cloud, where the ephemeral nature of many workloads makes monitoring and forensics near impossible. In addition, the complexity of cloud resources can encompass IaaS, PaaS, and SaaS, and create coverage gaps on the customer side of shared responsibility. Among those gaps are insufficient identity and credential access management, insecure APIs, and misconfigurations, followed by a lack of security strategy, according to a 2022 Cloud Security Alliance (CSA) report, Top Threats to Cloud Computing.
Tsuyoshi Yamanishi, Japan Area Vice President, ExtraHop, explains how cloud adoption has affected security teams in 2022, and what their focus should be in 2023:
While the COVID-19 era made cloud transformation the most logical approach, it also increased the attack surface and has resulted in an uptick in criminal activity targeting this environment. Companies will need to focus beyond cloud configuration to cloud visibility and security. Cloud providers have some baseline security solutions, but in most cases, it's not enough. Strong cloud security measures are needed.
Think Differently About Cloud Security Strategy in 2023
Strong security measures for cloud infrastructures require a shift in thinking. Dynamic cloud workloads mean that the volume and scope of data often exceed the amount that commonly used security solutions such as EDR and SIEM are designed to collect. ExtraHop Senior Technical Marketing Manager Jamie Moles explains more about how these cloud security weaknesses originated, and why security teams should factor security early on in the cloud adoption process:
Companies will continue to shift from the use of on-premise storage to the cloud. However, many of these organizations do not have a clear understanding of how cloud security differs from on-premises. Security in the cloud has to be integrated differently from the start or else bad actors will have the opportunity to infiltrate the infrastructure and attack vulnerabilities.
In their 2022 report, CSA warns of the associated risks that stem from a lack of strategy, saying that "without [a cloud security strategy] security/compliance goals will fail to be met, resulting in fines and breaches, or doing so will be costly due to implementing workarounds, refactoring and migrating."
ExtraHop VP of Security Response Services Mark Bowling stresses that, while organizations will continue to expand their use of cloud computing, emerging tools have the potential to take over for the traditional on-premises tools that security teams are more accustomed to relying on today:
Organizations will continue to move to the cloud, but not just with the hosting of SaaS applications. Organizations will continue offloading infrastructure, storage, compute, and resilience to the cloud in earnest in 2023. This will fuel growth for infrastructure-as-a-service (Iaas), platform-as-a-service (Paas), and serverless function-as-a-service (FaaS) tech offerings and continue to drive the critical need for security tools that can work within these service models. Cloud security posture management (CSPM) and SaaS security posture management (SSPM) tools will become as ubiquitous as firewalls and anti-malware tools are today.
More Tool Consolidation and Team Collaboration
Unfortunately, the current economic climate is pointing toward a trend of tighter budgets and perpetual skills gaps in 2023. These challenges don't bode well for new security strategies or tool adoption, no matter how necessary. To combat this challenge, Senior Principal Data Scientist Edward Wu suggests consolidating tools and workflows for a more collaborative approach to IT:
As the macroeconomic trend shifts, companies will demand every organization to boost efficiency and reduce waste, aka do more with less. Traditional silos in IT and network and security and cloud will likely experience consolidation and convergence around tools, processes, and expertise, given the significant common denominations across these functions. ExtraHop has observed firsthand how close collaboration and joint tooling of these previously siloed teams has led to more productivity and better business outcomes.