
Virtualization and Cloud executives share their predictions for 2017. Read them in this 9th annual VMblog.com series exclusive.
Contributed by Murali Palanisamy, Chief Product Officer, AppViewX
Five Cloud Security Predictions to Fortify your Enterprise Next Year
Security has always been
top-of-mind for the enterprise, perhaps more so in 2016 than ever before as the
frequency and complexity of cyber attacks continue to increase. According to
the Identity
Theft Resource Center, there have been over 950 reported U.S. data breaches
in 2016, compared to 781 in 2015 - and the year isn't even over yet. With this
spike in number of attacks, it has become vital to understand security trends -
especially for the cloud, which, while gaining adoption across data centers
worldwide, has been deemed more susceptible to cyber-attack. Below are five cloud
security predictions the team at AppViewX has prepared to help you fortify your
enterprise against the bad guys next year:
-
Ransomware will spread to the cloud:
When it first entered the IT landscape, the
cloud was a technology breakthrough that gave enterprises increased
productivity, the ability to scale strategies seamlessly, remain cost effective,
and collaborate in more innovative ways. With all this promise, however, comes
new vulnerabilities. Until the last several years, it wasn't widely known that ransomware
can disrupt not only on physical servers, but also on the cloud. The cloud is
not protected by more traditional security measures and
as a result, cloud-based attacks are more likely to result in multi-million
dollar damages. In 2017, be prepared for ransomware to increasingly wreak havoc
on the cloud, making it more important than ever to take the necessary
precautions towards preventing attack within virtual environments.
-
Enterprises will increase expenditures for
Network Security as a Service:
When enterprises make the shift from on-premise
to cloud, they take for granted that the cloud provider will assume ownership
of all things security. This is a misconception. The goal of cloud providers is
to deliver agility and performance, and security isn't always top-of-mind. Before
partnering with a cloud vendor, enterprises need to appraise their needs and
define security measures that protect their assets in the cloud. This new
consideration will lead to an increase in IT budget going towards Network
Security as a Service (NSaaS) solutions.
-
Automation tools for remediation will gain
market share:
As the complexity of these attacks increase, so
will their intensity, making it more and more difficult for enterprises to
predict and protect against them. Moreover, as sensitive data moves from
physical servers to the cloud, this risk becomes even more dangerous. But have
no fear: this heightened vulnerability will lead to a spike in automation tools
designed to combat these unforeseen attacks. 2017 will see a great wave of
highly intelligent tools that can provide real-time alerting and response,
minimizing risk from both inside and outside the data center.
-
Virtual and hybrid enterprises will develop
multi-vendor data security policies:
In the cloud, business users are able to easily
sidestep traditional protocols to use services that would otherwise need collaboration
from multiple departments to ensure compliance. This could result in confusion,
where no one assumes responsibility for data breaches. As physical boundaries blur
to virtual ones in 2017, enterprises will be left struggling to decide who should
be tasked with the responsibility of safeguarding data. In such cases, it will
be critical to create and enforce enterprise-wide data security policies that reduce
risk by sharing responsibility.
-
Applications and DevOps teams will shoulder more
cloud security responsibilities:
As enterprises spin off applications to the
cloud, they will need to pay more attention to how these new services affect
overall data center security. In a traditional infrastructure, there are
well-defined perimeters but that's not the case when it comes to the cloud. This
lack of predefined boundaries makes the cloud more vulnerable than its physical
peers to impending threats. This will necessitate that DevOps and application
teams shoulder more cloud security responsibility, almost as much as IT
security teams themselves.
-
There will be an increased need for certificate
and key management on the cloud:
Not surprisingly, 2017 will also see
enterprises slowly but surely move their applications to the cloud. This will
lead to an onslaught of new certificates being spun out, and it's highly likely
that these newly cloud-centric enterprises will struggle to manage them. A
robust certificate lifecycle and secure key management system will be needed by
enterprises, large and small, to keep track of certificates and create some
semblance of order both on on-prem and in the cloud.
##
About the Author
Murali Palanisamy, AppViewX, Chief Product Officer
As
Chief Product Officer at AppViewX, Murali is responsible for the overall
product vision, development and technical direction of the company. Before
joining AppViewX in August 2014, he served as a Senior Vice President of
Traffic Management Architecture and Engineering at Bank of America. Prior to
that, Murali was Vice President of Architecture and Product Engineering at
Merrill Lynch. Throughout the course of his career, Murali has designed and
developed automation and integration solutions for servers, application
delivery controllers, IP services and networking. He is an electronics and
communication engineer from Bharathiyar University in India.