Virtualization Technology News and Information
Article
RSS
Synopsys 2020 Predictions: Cloud Security

VMblog Predictions 2020 

Industry executives and experts share their predictions for 2020.  Read them in this 12th annual VMblog.com series exclusive.

By Steve Cohen, Security Services Manager at Synopsys

Cloud Security

At the end of 2019, most organizations are partially or fully servicing their application workloads in the cloud. In addition, they are continuing to optimize their risk mitigation approach by furthering security practices and policies while learning how to make the most of their hybrid environments. 

New Approaches to collecting Security-Related Data will be Necessary

In 2020, I believe we'll see the accelerated adoption of finer granular objects to drive efficiencies. As developers adopt these finer granular objects within their cloud applications, such as containers, microservices, micro-segmentation, and the like, security testing tools will need to be object aware in order to identify unique risks and vulnerabilities introduced by utilizing these objects.

I anticipate that new approaches to collecting security related data may become necessary in the cloud. In addition to application logs, cloud API access will be seen as necessary. There will also be a growing focus on centralized logging in the upcoming year.

Reduced Transparency will be a Growing Trend

In addition to application security, the cloud management plane will become an additional security layer that needs addressing in 2020. Developers, for example, will require access to the management plane to deploy applications. Incorrect settings here could expose the application to security risks as sensitive information flows through it. Reduced transparency around what's going on within a given application will likely be a growing trend. A cloud provider doesn't necessarily tell you what security controls exist for the PaaS services they expose to you. Businesses will therefore need to make some assumptions about their security considerations and stance.

In terms of data security and integrity in the cloud, there will be more of a need to have proper policies in place so prevent improper disclosure, alteration or destruction of user data. Policies must factor in the confidentiality, integrity and availability across multiple system interfaces of user data. In 2020, the adoption of PaaS and serverless architecture will provide even more of an opportunity to dramatically reduce the attack surface within the cloud.

##

About the Author

steve cohen 

Steve Cohen is a Security Services Manager at Synopsys where he focuses on Cloud and CI/CD services. Other areas of specialization include product management, software security, and storage management.

Published Thursday, December 05, 2019 7:17 AM by David Marshall
Comments
There are no comments for this post.
To post a comment, you must be a registered user. Registration is free and easy! Sign up now!
top25
Calendar
<December 2019>
SuMoTuWeThFrSa
24252627282930
1234567
891011121314
15161718192021
22232425262728
2930311234