It’s that time of year—security experts are looking ahead to the coming months and discussing their predictions. I have seen a number of predictions that I believe deserve further discussion, so over the month of December, I’ll be looking at some of those issues more in depth. Today, I’m going to take a look at cloud security.
A recent IBM study found that 75 percent of security decision makers expect their cloud security budgets to increase in the next five years. At the same time, according to MSP Mentor, 86 percent of CISOs say their companies are adopting cloud computing. So it makes sense that there will also be a greater interest in funding cloud security efforts.
But it isn’t just a matter of securing the data in the cloud. The cloud is also going to have a much stronger influence on the way we approach overall security practices, says Paul Lipman, CEO of iSheriff. That’s because the cloud is changing the entire business computing structure, which will cause it to have a ripple effect into security concerns. In an email conversation, Lipman provided his five predictions for the future of cloud security. In a nutshell, they are:
- The Internet will essentially become the corporate network perimeter.
- Enterprises will favor integrated cloud services vs. on-premise point products.
- Endpoint and network security technologies will become inextricably intertwined.
- We will move from a world of alert-driven security to intelligence-driven security.
- Cloud security will enable a secure foundation for the Internet of Things (IoT).
I’d like to touch a little more on two of those issues: how the Internet will become the network perimeter and how endpoint and network security will become intertwined.
In both cases, it comes down to the tangled relationship among corporate networks, cloud computing and the use of personally owned mobile devices, aka, BYOD. As Lipman said to me:
Today, CISOs are concerned about users connecting from their personal mobile devices, accessing corporate data stored in public cloud applications, over public networks. The potential attack surface has expanded from being the corporate network perimeter, which in itself was challenging enough to protect, to encompassing a completely unbounded environment of personal devices, public network infrastructure and cloud applications and service providers. Billions of dollars that were originally invested in perimeter security now offer little to no value in this scenario.
Lipman went on to say that in this new scenario, we will turn more to the cloud to provide a comprehensive layer of protection for devices and the network so users can be assured that the network is protected no matter where they are located and no matter the types of applications that are used to connect to the Internet.
This, I believe, leads nicely into the second point I wanted to expand on. Again, from Lipman:
The security industry has traditionally approached endpoint security and network security as completely different product lines that are sold to different buying centers within the enterprise. But in today’s world of sophisticated and rapidly evolving threats, we need to see these two critical parts of the security landscape develop deeper levels of awareness, connectivity and adaptability. The network layer will need to become aware of, and responsive to, what is happening on endpoint devices both on-network and off-network.
He goes on to say that in the not-so-distant future, the best security systems will involve solutions that are able to monitor across both endpoint and the network systems.
What do you think? Is the cloud going to change the way we approach security practices in the coming months and years? If so, how?
Sue Marquette Poremba has been writing about network security since 2008. In addition to her coverage of security issues for IT Business Edge, her security articles have been published at various sites such as Forbes, Midsize Insider and Tom's Guide. You can reach Sue via Twitter: @sueporemba