Virtualization Technology News and Information
RSS 2018 Predictions: Customers Will Demand Cloud Security and Compliance

VMblog Predictions 2018

Industry executives and experts share their predictions for 2018.  Read them in this 10th annual series exclusive.

Contributed by Tim Prendergast, CEO of

Customers Will Demand Cloud Security and Compliance in 2018


Organizations that use public clouds are adopting an increasingly sophisticated approach to security. While they have become comfortable with their sensitive workloads operating in the cloud over the past few years, they also have gained a better understanding of what's required to apply security best practices across the entirety of their cloud framework. There is also more general awareness of compliance demands and the corresponding need to employ smarter strategies to continuous compliance.

Preparing to meet these demands will require organizations to make cloud security and compliance a priority, but we are already seeing smart enterprises take note of certain trends. To that end, enterprises will make the following significant advances in 2018, and those who take advantage of them will prosper:

Demand from customers for more compliance reporting: In 2017 we saw many examples of breaches that were a result of 3rd party vendors not properly securing data in the cloud. We predict that in 2018, we'll see more enterprises demand assurances about the steps vendors are taking to secure data in their cloud environment. And, perhaps we'll start to see more enterprises demand security, compliance service-level agreements, and a regular reporting cadence over and above an annual audit.

Massive shift from single cloud to multicloud: The adoption of multiple clouds is becoming and will continue to be more prevalent, creating an even more complex situation for security and compliance teams who struggle to keep up with development. Despite the additional complexity, organizations will make the move to multicloud in order to satisfy availability and disaster recovery requirements, the technology preferences of development teams, or as a tactic to manage growing cloud expenses. Additionally, companies are also looking at cloud agnostic microservices and secondary cloud services for their future uses.

Enterprises will make a meaningful move to predictive security rather than reactive: The market is becoming more sophisticated when it comes to cloud security and they are pushing the envelope around integration and incident life cycle management. We predict that companies will really start to be much more proactive at managing security within the DevOps lifecycle. There is a huge need to integrate security into the development process rather than reacting to issues once a project has been deployed to production. If companies can implement the DevSecOps mindset into both their culture and products in 2018 then security will be all around better for it. This mindset will need to affect both hiring practices and processes for companies and it will potentially fundamentally change what a security engineer looks like.

Container and serverless computing ramps up creating security headaches: In 2018 companies will move to adopt the cloud-native approach and the traditional host-based operation system will either become irrelevant or it will need to reinvent itself or die. From a security standpoint, no one is really prepared to secure all these containers and functional compute opportunities, but people are adopting it nonetheless.

Cloud adoption will continue to rapidly increase, but so will attempts to attack its vulnerabilities. Organizations that take the necessary steps to effectively manage risk will be best prepared to protect their data, people, and assets.


About the Author

Tim Prendergast 

Tim co-founded to help others avoid the pain he endured when helping Adobe adopt the cloud at a massive level. After years of building, operating, and securing services in AWS, he set out to make security approachable and repeatable for companies of all sizes. Tim led technology teams at Adobe, Ingenuity, Ticketmaster, and McAfee.  

Published Monday, November 20, 2017 5:00 AM by David Marshall
There are no comments for this post.
To post a comment, you must be a registered user. Registration is free and easy! Sign up now!
<November 2017>