Virtualization Technology News and Information
Cloud Security 2016: Expert Partners, Active Defense and a Business-Centric Approach
Security is a topic that has finally come of age. We no longer need to spend time discussing the sophistication and persistence of the threat, the risk associated with the Internet of Things and mobile devices, the devolution of the perimeter, the need for deterrence over prevention or the value of security versus compliance.

At this point, we must now shape our discussion around how to leverage security to build trust and confidence that becomes a powerful business enabler.

As Rackspace's Managed Security and Compliance Assistance offerings reach a new milestone, becoming globally available today, I've written on the Rackspace blog about the moves security organizations must make to build trust in the cloud.

Simplification of Security

Complexity is the enemy of security. Simplifying will be less about reducing the number of controls and more about baking controls directly into products and services from the start, making them as transparent as possible to end users. We will also see activation of security as a default setting. Products and solutions will no longer require users to "turn on" security; it will be a part of consumers' inherent bill of rights for using a product or solution. Simplification will drive down the cost of compliance and auditing. Enabling a connective tissue between business-enabling policies and technology will help provide customers and partners with "on demand" audit readiness.

A Move from Data to Decisions

There will be a greater focus on providing security visibility and control. Data analytics will become increasingly significant. Companies sit on a virtual goldmine of information they could use to make decisions and operate more efficiently, but they need the expertise and tools to transform that data into useful information. Technology and capability is catching up, and we will see a trend of using this information to regain control and provide better visibility into our most critical systems. Analytics-as-a-Service will become a focus as businesses look to use data to handle timely business decisions and real time rewards for their customers.

Security Will Move "Up-the-Stack"

Security teams are moving to a more business-centric approach, mapping users and controls to applications and business functions. Enhanced controls will include a move to zero trust environments and no standing permissions. As hackers are getting smarter, we must know the applications and business drivers better to better protect the environment.

New Technology Will Require New Methods of Protection

We will begin to see the deprecation of traditional security concepts. As disruptive technology becomes commonplace, we must constantly ask ourselves how we secure it. At the risk of being repetitive, new methods of protection must be embedded into the DNA of the solutions and products we bring to market.

A Move Toward Partners

With the shortage of security resources, organizations will become dependent on third party resources for the execution of their security programs. Relationships will transition from traditional vendor to partner and there will be greater collaboration around business risk.

Greater Focus on Cloud

"Friends don't let friends build data centers": cloud will be the new norm and more companies will migrate from 'cloud on the periphery' to 'cloud powering mission critical applications and systems.' Companies will grow weary of sustaining heavy infrastructure budgets that are hard to manage and change. Data centers will evolve into virtual ecosystems of cloud service providers.

The Rise of Active Defense

We will no longer blindly accept nor tolerate adversaries' actions. Instead, we will see much more aggressive enforcement. Commercial organizations will begin to fight back. Timely and practical information sharing will help to drive up adversaries' costs.

Building Tomorrow's Security Leaders

As cybersecurity continues to be one of the few professions in the industry with a negative unemployment rate, relationships with educational and vocational training institutions, along with internal career development programs, will become increasing more crucial.

At Rackspace, our team of security professionals understand, and are already implementing, the above imperatives. Our Managed Security and Compliance Assistance services are defining the direction of modern cloud security. To learn more about how Rackspace provides security services that give customers the confidence to focus on their core business imperatives, visit

Published Monday, February 01, 2016 1:43 PM by David Marshall
Filed under: ,
There are no comments for this post.
To post a comment, you must be a registered user. Registration is free and easy! Sign up now!
<February 2016>