Virtualization and Cloud executives share their predictions for 2017.  Read them in this 9th annual VMblog.com series exclusive.

Contributed by Murali Palanisamy, Chief Product Officer, AppViewX

Five Cloud Security Predictions to Fortify your Enterprise Next Year

Security has always been top-of-mind for the enterprise, perhaps more so in 2016 than ever before as the frequency and complexity of cyber attacks continue to increase. According to the Identity Theft Resource Center, there have been over 950 reported U.S. data breaches in 2016, compared to 781 in 2015 - and the year isn't even over yet. With this spike in number of attacks, it has become vital to understand security trends - especially for the cloud, which, while gaining adoption across data centers worldwide, has been deemed more susceptible to cyber-attack. Below are five cloud security predictions the team at AppViewX has prepared to help you fortify your enterprise against the bad guys next year:

• Ransomware will spread to the cloud:

When it first entered the IT landscape, the cloud was a technology breakthrough that gave enterprises increased productivity, the ability to scale strategies seamlessly, remain cost effective, and collaborate in more innovative ways. With all this promise, however, comes new vulnerabilities. Until the last several years, it wasn't widely known that ransomware can disrupt not only on physical servers, but also on the cloud. The cloud is not protected by more traditional security measures and as a result, cloud-based attacks are more likely to result in multi-million dollar damages. In 2017, be prepared for ransomware to increasingly wreak havoc on the cloud, making it more important than ever to take the necessary precautions towards preventing attack within virtual environments.

• Enterprises will increase expenditures for Network Security as a Service:

When enterprises make the shift from on-premise to cloud, they take for granted that the cloud provider will assume ownership of all things security. This is a misconception. The goal of cloud providers is to deliver agility and performance, and security isn't always top-of-mind. Before partnering with a cloud vendor, enterprises need to appraise their needs and define security measures that protect their assets in the cloud. This new consideration will lead to an increase in IT budget going towards Network Security as a Service (NSaaS) solutions.

• Automation tools for remediation will gain market share:

As the complexity of these attacks increase, so will their intensity, making it more and more difficult for enterprises to predict and protect against them. Moreover, as sensitive data moves from physical servers to the cloud, this risk becomes even more dangerous. But have no fear: this heightened vulnerability will lead to a spike in automation tools designed to combat these unforeseen attacks. 2017 will see a great wave of highly intelligent tools that can provide real-time alerting and response, minimizing risk from both inside and outside the data center.

• Virtual and hybrid enterprises will develop multi-vendor data security policies:

In the cloud, business users are able to easily sidestep traditional protocols to use services that would otherwise need collaboration from multiple departments to ensure compliance. This could result in confusion, where no one assumes responsibility for data breaches. As physical boundaries blur to virtual ones in 2017, enterprises will be left struggling to decide who should be tasked with the responsibility of safeguarding data. In such cases, it will be critical to create and enforce enterprise-wide data security policies that reduce risk by sharing responsibility.

• Applications and DevOps teams will shoulder more cloud security responsibilities:

As enterprises spin off applications to the cloud, they will need to pay more attention to how these new services affect overall data center security. In a traditional infrastructure, there are well-defined perimeters but that's not the case when it comes to the cloud. This lack of predefined boundaries makes the cloud more vulnerable than its physical peers to impending threats. This will necessitate that DevOps and application teams shoulder more cloud security responsibility, almost as much as IT security teams themselves.

• There will be an increased need for certificate and key management on the cloud:

Not surprisingly, 2017 will also see enterprises slowly but surely move their applications to the cloud. This will lead to an onslaught of new certificates being spun out, and it's highly likely that these newly cloud-centric enterprises will struggle to manage them. A robust certificate lifecycle and secure key management system will be needed by enterprises, large and small, to keep track of certificates and create some semblance of order both on on-prem and in the cloud.

##

About the Author

Murali Palanisamy, AppViewX, Chief Product Officer

As Chief Product Officer at AppViewX, Murali is responsible for the overall product vision, development and technical direction of the company. Before joining AppViewX in August 2014, he served as a Senior Vice President of Traffic Management Architecture and Engineering at Bank of America. Prior to that, Murali was Vice President of Architecture and Product Engineering at Merrill Lynch. Throughout the course of his career, Murali has designed and developed automation and integration solutions for servers, application delivery controllers, IP services and networking. He is an electronics and communication engineer from Bharathiyar University in India.