The future of cloud computing and the corresponding information security is, and should be, the prime concern for every business, given that a majority of them are migrating or aiming to shift to the cloud to further develop their business operations. The global pandemic could be said to have served as a stimulus for business and security heads to opt for cloud services. But this spontaneous growth in demand for cloud-based solutions raises the question of how safe the service is when subjected to the current threat landscape, and whether it will be able to keep up with changes in the technology landscape and trends.
By Mohamed Mostafa, Global CISO for Egyptian Arab Land (EAL)
The pandemic served as a multiplier for CIOs’ interest in the cloud.
More subscribers, bigger scalability
Whilst the impact of the global pandemic was at its peak, shutting down many non-IT businesses, it would not be an exaggeration to say that it was cloud computing technology that kept a large portion of the global supply chain and economy from falling apart. Without the cloud, it would have been a challenge for a business to function as it did, and more and more businesses are now migrating to cloud storage and services, with Gartner predicting public cloud services to grow by 23%.
Worldwide end-user spending on public cloud services is forecast to grow 23.1% in 2021 to total $332.3 billion, up from $270 billion in 2020.
Cloud technology is growing continuously in terms of both size and capabilities, with an aim to improve organizational agility and correspond to the new workload. Different service models and platforms are available for organizations to incorporate their supply chain, partially or completely. With such great dependence on the cloud, it is imperative for businesses to think about its growth and security capabilities to manage the workload in the coming future.
Emerging trends and new opportunities
Cloud computing has been subjected to dramatic changes in its short tenure. It boldly transitioned from a supportive, tactical software resource for speeding up processing and global access to an important strategic framework for greater supply chain output and secured operation. Marching into the new decade, the cloud is now transforming again by opening up new and wide-reaching avenues of opportunity that aim at connecting organizations and communities at a level never seen before. These emerging trends are accelerators for innovative technologies for the cloud and virtual ecosystem. The integration of technologies such as blockchain, Internet of Things (IoT), Artificial Intelligence, and Machine Learning (AI and ML) is projected to impact every industry and business sector.
Emerging technologies such as containerization, virtualization, and edge computing are becoming more mainstream and driving additional cloud spending.
Organizations aiming at incorporating cloud-native solutions in their supply chain need to understand the upcoming changes in cloud computing and security as they may greatly impact their optimization of operations architecture. It implies that, as more and more organizations make a shift to the cloud, we will be able to see new technology and security trends. To ensure that organizations are prepared for the rapidly approaching cloud-native change, here are some of the cloud technology and security trends that IT and cybersecurity leaders should look out for.
Depending on a single cloud may not be sufficient
Hybrid cloud topology implies utilizing all the computing, storage, and service environment available, i.e., hybrid cloud implementation and on-premise infrastructure, with orchestration across various resources and platforms. Though public and private clouds have their own benefits such as scalability, low costs, security, and flexibility, the main value of implementing cloud lies in providing support to increase the pace of business transformation. Some of the drawbacks of implementing public and private cloud individually, such as higher security responsibility, lower data control, and higher OPEX, may hinder that cause. The hybrid approach therefore allows applications and assets to operate across cloud instances and architectures within an agile environment.
Organizations need to determine whether or not to choose a hybrid cloud in response to their evolving needs (and compliance requirements). The dynamics of hybrid cloud implementation depend upon factors such as scale and sensitivity of the workload, big data, flexibility and processing capacity needs, available resources, and compliance requirements.
On the verge of hyper-scale cloud
Though the aim of edge computing is to bring computing and data storage close to the device or data source, edge cloud is a virtualized infrastructure that has the benefits of both cloud and on-prem operations. Edge cloud has the ability to handle a sudden spike in the workload due to an increase in user activity and helps scale applications and processes for both testing and deployment. High efficiency and scalability are its prime benefits, and it is also cost-effective. Edge cloud computing could seamlessly integrate with the manufacturing, enterprise, healthcare, gaming, media, and telecommunication sectors. The telco edge overlaps with use cases of AR (Augmented Reality) and VR (Virtual Reality), automobile, and many other industries that have a telco-based mobile platform or supply chain.
Securing the serverless
Cloud-native security (CNS) aims at securing the cloud-native computing of scalable applications and processes in dynamic environments such as public, private, and hybrid clouds. Cloud-native technologies such as containers, service meshes, microservices, etc., are serverless entities that tend to balance and manage the orchestration and monitoring of infrastructure operations.
Alleviating the need to focus on infrastructure, cloud-native computing helps developers focus their time and energy on optimizing business operations. Cloud-native security requires high fidelity, and a lack of centralized visibility increases the likelihood of vulnerabilities going undetected. Cloud-native integrated security also involves the incorporation of artificial intelligence and continuous assessment and monitoring towards data analysis capabilities.
In practice, ML “solutions” have yet to offer practical applications for security, but this will change over the next 18 months, as we start to see examples of ML deployed within some very specific use cases.
– Palo Alto Networks
AI and ML
Artificial intelligence can significantly increase security in the cloud through vulnerability detection and threat modeling. AI provides the cloud with automated functions such as event production, automated threat detection, data control through endpoint protection and authentication, vulnerability assessment, and real-time monitoring. Learning through various algorithms and data captured across the network, AI will learn to detect incidents, suspicious behavior, and unauthorized access, and combine this with automated operations to further improve cloud security.
Similarly, machine learning has the capability to give the cloud service and its corresponding security a boost for specific use cases such as data classification, malware detection, and automation functions. It will implement automated reasoning to evaluate security configurations, policy effectiveness, permissions, etc., from different points of view.
Through 2025, 90% of the organizations that fail to control public cloud use will inappropriately share sensitive data.
The ceaseless vigil
Continuous monitoring has been at the center of cloud security debates for a while now, and projects such as CCM (Cloud Controls Matrix), which are used to evaluate cloud service providers (CSP), also take this feature into account. Security monitoring is a critical component of cloud-native security that involves automated solutions for vulnerability detection to oversee both physical and virtual storage assets to assess data, behavior, applications, and infrastructure for potential security risks. Continuous monitoring will prevent data loss in the cloud, thus putting the business and security leaders at ease and more inclined towards migrating data and supply chain operations to the cloud.
Through 2025, 99% of cloud security failures will be the customer’s fault.
Managing the security posture of cloud
Cloud Security Posture Management (CSPM) aims at identifying issues and risks related to misconfiguration and compliance in the cloud. It involves tools designed to detect and fix cloud misconfiguration issues, which can apply the best practices defined for the cloud environment they are deployed in. Some tools combine real-time monitoring and automation for mitigating issues arising from misconfiguration. CSPM capabilities include maintaining a best practice inventory, mapping configuration status to a security control framework, working across containerized, hybrid cloud, and multi-cloud environments, and monitoring storage buckets, encryption, permissions, etc., for compliance risks.
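The core of the posture check described above can be sketched as a small rule engine. This is an added example, not code from the article or from any CSPM product; the resource attributes, rule names, and control IDs are hypothetical, and the inventory is constructed sample data.

```python
# Constructed sample inventory; attribute names are hypothetical, not a real CSP schema.
INVENTORY = [
    {"id": "bucket-logs", "type": "storage_bucket", "public_access": False,
     "encrypted": True, "principals": ["svc-logging"]},
    {"id": "bucket-exports", "type": "storage_bucket", "public_access": True,
     "encrypted": False, "principals": ["*"]},
    {"id": "db-customers", "type": "database",
     "encrypted": False, "principals": ["svc-app"]},
]

# Best-practice inventory: (rule name, hypothetical control ID, resource types,
# predicate returning True when the resource is compliant).
# Defaults are fail-closed: a missing attribute counts as non-compliant.
RULES = [
    ("no-public-buckets", "CTRL-STORAGE-01", {"storage_bucket"},
     lambda r: not r.get("public_access", True)),
    ("encryption-at-rest", "CTRL-CRYPTO-01", {"storage_bucket", "database"},
     lambda r: r.get("encrypted", False)),
    ("no-wildcard-principals", "CTRL-IAM-01", {"storage_bucket", "database"},
     lambda r: "*" not in r.get("principals", ["*"])),
]


def evaluate(inventory, rules=RULES):
    """Return one finding per (resource, rule) pair that violates a best practice."""
    findings = []
    for res in inventory:
        for name, control, types, compliant in rules:
            if res["type"] in types and not compliant(res):
                findings.append(
                    {"resource": res["id"], "rule": name, "control": control}
                )
    return findings


def posture_by_control(inventory, rules=RULES):
    """Map configuration status to the control framework.

    A control is PASS only if every resource it applies to is compliant.
    """
    failed = {f["control"] for f in evaluate(inventory, rules)}
    return {control: "FAIL" if control in failed else "PASS"
            for _, control, _, _ in rules}


if __name__ == "__main__":
    for finding in evaluate(INVENTORY):
        print(finding)
    print(posture_by_control(INVENTORY))
```

Running the same evaluation on every configuration change, rather than on a schedule, is what turns this into the continuous monitoring the article describes.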
The role of Public Key Infrastructure (PKI) is to manage secured digital assets (systems, users, services, or routers) while sharing information over untrusted networks. It has become an essential asset to organizations for a security control framework. PKI helps secure data along with end-to-end lifecycle automation while operating in accordance with industry best practices. PKI combines different technologies for authenticating users and devices in the cloud environment. It allows confidentiality and authentication of identities while keeping the conversation private. Its core functionalities involve confidentiality of identities, managing the availability of CIA triad components, authorizing access, and maintaining data integrity.
Cloud security implementation is a joint responsibility between the cloud service provider (CSP) and business operations/owners (with the responsibility of business owners to assure the right implementation from both parties). The future of cloud security is dependent upon how the above-mentioned trends transform themselves into active profiles of aggressive threat prediction measures. With ransomware attacks on the rise, along with an increase in their sophistication that renders traditional and legacy security useless, it could be said that cloud security will be the new face of cybersecurity. In order to defeat attacks that use innovative and disruptive technologies, threat prediction has become essential for real-time threat mitigation. As cybersecurity moves to the cloud, it can use big data and instant analytics over the end users to quickly address known vulnerabilities and predict threats that may tend to bypass the existing security.
Native cloud security will create a harmonious approach that analyses the stream of threat events across all user databases to create a global threat monitoring platform. This collaborative approach involves leveraging big data and analytics applied across multiple users involved with the same cloud environment to build an ecosystem that instantly predicts threats through a global threat monitoring and mitigating system. Predictive security could be said to be the way forward, as it is said to be the ideal threat mitigation system that could keep malicious actors at bay in the coming years. Analysis of endpoint data to detect and disseminate potential threat information across the cloud entities under a single umbrella is an effective prediction system that is capable of protecting against future and as-yet-unknown attacks.
About the Author
With nearly 30 years of experience in networking and information security, Mohamed Mostafa is an expert at overseeing the development and execution of information security and risk management programs for highly regulated, multinational companies. He is currently the global CISO for Egyptian Arab Land (EAL) bank, while simultaneously serving as an executive member of the CyberEdBoard Community. He holds multiple certifications and has an astounding knowledge of conducting in-depth assessments for swiftly identifying gaps in processes, practices, and controls, towards protecting critical assets from a broad range of threats whilst ensuring compliance with all regulatory requirements. He is an accomplished leader with the ability to train and lead high-performing teams for IT infrastructure and information security operations, disaster recovery, and incident response. His accomplishments involve the management of numerous large-scale projects with complex requirements across the financial and banking sectors.
Views expressed in this article are personal. The facts, opinions, and language in the article do not reflect the views of CISO MAG and CISO MAG does not assume any responsibility or liability for the same.