Industry executives and experts share their predictions for 2023. Read them in this 15th annual VMblog.com series exclusive.
What to Expect in Cloud Security in 2023
By Arick Goomanovsky, co-founder and Chief Business
Officer of Ermetic
DevOps, excessive entitlements, legacy controls and
network protection are set to become key areas of emphasis next year. So,
without further ado, here are my top four predictions for cloud security next
year...
1. Continued cloud adoption will shift more responsibility away from traditional IT and into the hands of product and development teams. As cloud security is democratized in this way, expect organizations to accelerate their adoption of Infrastructure as Code (IaC) security tools and to apply "shift left" concepts to cloud infrastructure, such as scanning IaC for misconfigurations and policy violations before deployment. At the same time, cloud security platforms traditionally designed for security stakeholders will add capabilities aimed specifically at developers, such as automatic remediation of findings directly in the code, in languages like Terraform.
2. With more and more infrastructure migrating to the cloud, organizations will need to focus on cloud-native security controls such as cloud infrastructure entitlement management (CIEM). Cloud identity has replaced the network as the primary perimeter. With thousands of human and machine identities in every cloud deployment, identities are now among the largest attack surfaces and the leading enabler of lateral movement once an attacker has a foothold. CIEM solutions provide a way to manage these risks: to map effective permissions, eliminate excessive and standing privileges, and alert on suspicious behavior.
3. Expect companies to find new ways of implementing legacy security controls in the cloud, rather than simply "copy-pasting" their on-premises technologies for network security, workload protection and vulnerability scanning into the cloud setting. Why? Because while many basic security concepts are the same in the cloud and on-premises, their implementation is very different.
In cloud platforms such as AWS, Azure and Google Cloud, where much of the stack is consumed as a service, developers can deploy infrastructure far more easily because many of the operational details are handled by the cloud service provider. On the other hand, operations and security teams have much less insight into how the various services in the environment work and interact. This becomes a serious obstacle when you "lift and shift" enterprise security silos to the cloud.
New, cloud-native application protection platforms (CNAPPs) take a more holistic approach, providing top-down visibility into all of the services in the environment and determining risk levels from broader context, such as which identities and network paths can actually reach a vulnerable workload.
4. Finally, although cloud identity is emerging as "the new network", networking controls will continue to play an important role in the cloud security stack. Expect companies to continue to invest in network security, leveraging more cloud-native capabilities alongside traditional firewall and VPN vendors. That's because the network in the cloud is different from on-premises: it is built from the virtual constructs the cloud service providers offer, such as virtual networks and subnets, route tables, security groups and load balancers, rather than from physical routers and switches you own. What gave visibility into network security risks on-premises won't work in the cloud. Managing network security in the cloud requires new tools and skills, especially visibility into network exposures: which workloads are actually reachable from the internet, through which paths and on which ports.
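Prediction 1 above describes scanning IaC for misconfigurations and policy violations before deployment. The following is an added example, not code from Ermetic or from this article: a small Python policy check over the `planned_values` section of a `terraform show -json` plan. The plan document, the policy identifiers (S3-001 and so on) and the rules themselves are constructed for illustration; a real gate would use a maintained policy set (for example OPA/Rego or a dedicated IaC scanner) and the provider's full resource schema.

```python
"""Pre-deployment scan of a Terraform plan for common misconfigurations.

Added example for this page (not Ermetic's or HashiCorp's code). It reads the
`planned_values` section that `terraform show -json tfplan` emits and applies a
few hypothetical policies. The plan below is constructed inline for the example.
"""
import json

# Constructed sample: a trimmed `terraform show -json` output. Real plans carry
# many more attributes; only the ones the policies inspect are included.
SAMPLE_PLAN_JSON = json.dumps({
    "format_version": "1.1",
    "planned_values": {
        "root_module": {
            "resources": [
                {"address": "aws_s3_bucket.logs", "type": "aws_s3_bucket",
                 "name": "logs", "values": {"bucket": "acme-logs", "acl": "public-read"}},
                {"address": "aws_db_instance.main", "type": "aws_db_instance",
                 "name": "main", "values": {"engine": "postgres",
                                            "publicly_accessible": True,
                                            "storage_encrypted": False}},
                {"address": "aws_ebs_volume.data", "type": "aws_ebs_volume",
                 "name": "data", "values": {"size": 100, "encrypted": False}},
                {"address": "aws_ebs_volume.ok", "type": "aws_ebs_volume",
                 "name": "ok", "values": {"size": 20, "encrypted": True}},
            ]
        }
    },
})


def iter_resources(plan):
    """Yield every resource in the root module and in nested child modules."""
    def walk(module):
        for r in module.get("resources", []):
            yield r
        for child in module.get("child_modules", []):
            yield from walk(child)
    yield from walk(plan["planned_values"]["root_module"])


# Each policy: (id, resource type, predicate on `values`, message, suggested fix).
# Hypothetical policy set, deliberately small.
POLICIES = [
    ("S3-001", "aws_s3_bucket",
     lambda v: v.get("acl") in ("public-read", "public-read-write", "authenticated-read"),
     "S3 bucket ACL grants access outside the account",
     'set acl = "private" (or drop acl and manage access with a bucket policy)'),
    ("RDS-001", "aws_db_instance",
     lambda v: v.get("publicly_accessible") is True,
     "RDS instance is reachable from the internet",
     "set publicly_accessible = false"),
    ("RDS-002", "aws_db_instance",
     lambda v: not v.get("storage_encrypted", False),
     "RDS storage is not encrypted at rest",
     "set storage_encrypted = true"),
    ("EBS-001", "aws_ebs_volume",
     lambda v: not v.get("encrypted", False),
     "EBS volume is not encrypted at rest",
     "set encrypted = true"),
]


def scan_plan(plan_json):
    """Return a list of findings; an empty list means the plan passes."""
    plan = json.loads(plan_json)
    findings = []
    for res in iter_resources(plan):
        # `values` is null for attributes unknown until apply; treat as empty
        # so that "not set" is judged by each policy, not silently skipped.
        values = res.get("values") or {}
        for pid, rtype, violates, msg, fix in POLICIES:
            if res["type"] == rtype and violates(values):
                findings.append({"policy": pid, "address": res["address"],
                                 "message": msg, "fix": fix})
    return findings


def gate(plan_json):
    """CI gate: True if the plan may be applied (no findings)."""
    return not scan_plan(plan_json)


if __name__ == "__main__":
    for f in scan_plan(SAMPLE_PLAN_JSON):
        print(f"[{f['policy']}] {f['address']}: {f['message']} -> {f['fix']}")
    raise SystemExit(0 if gate(SAMPLE_PLAN_JSON) else 1)
```

Wire this into CI between `terraform plan -out=tfplan` / `terraform show -json tfplan > plan.json` and `terraform apply`, failing the job when `gate()` returns False. Attributes whose value is unknown until apply arrive as null, so a policy must decide explicitly whether "not set" is safe; here a missing `encrypted` or `storage_encrypted` is a finding, which is the conservative choice.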
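Prediction 2 speaks of eliminating excessive and standing privileges. As an added example (not Ermetic's code and not the logic of any CIEM product), the Python below performs the core CIEM computation: it expands the action patterns in an IAM policy against a catalog of known actions, subtracts explicit denies, compares the result with the actions observed in CloudTrail events, and proposes a least-privilege replacement. The action catalog, the high-risk list, the policy and the events are all constructed. AWS publishes thousands of actions, and mapping CloudTrail `eventSource`/`eventName` onto an IAM action is only approximate (S3 data events, for instance, are not logged unless data-event logging is enabled).

```python
"""Excessive-entitlement analysis in the style of a CIEM tool.

Added example (not Ermetic's code). It compares what an IAM identity is allowed
to do with what it actually did, using a constructed action catalog, a
constructed IAM policy and constructed CloudTrail-like events.
"""
import fnmatch
import json

# Constructed, deliberately tiny catalog of IAM actions. A real analysis would
# use the provider's full action list (thousands of entries).
ACTION_CATALOG = [
    "s3:GetObject", "s3:PutObject", "s3:DeleteObject", "s3:ListBucket",
    "s3:PutBucketPolicy", "ec2:DescribeInstances", "ec2:RunInstances",
    "ec2:TerminateInstances", "iam:CreateUser", "iam:AttachUserPolicy",
    "iam:PassRole", "kms:Decrypt", "kms:ScheduleKeyDeletion",
]

# Actions that enable privilege escalation or destructive change; flagged even
# when unused. Hypothetical list for the example.
HIGH_RISK = {"iam:CreateUser", "iam:AttachUserPolicy", "iam:PassRole",
             "s3:PutBucketPolicy", "kms:ScheduleKeyDeletion", "ec2:TerminateInstances"}

# Constructed policy: broad wildcards, one explicit deny.
SAMPLE_POLICY = json.dumps({
    "Version": "2012-10-17",
    "Statement": [
        {"Effect": "Allow", "Action": ["s3:*", "ec2:Describe*", "kms:*"], "Resource": "*"},
        {"Effect": "Allow", "Action": "iam:*", "Resource": "*"},
        {"Effect": "Deny", "Action": "kms:ScheduleKeyDeletion", "Resource": "*"},
    ],
})

# Constructed CloudTrail-style events for one identity over the review window.
SAMPLE_EVENTS = [
    {"eventSource": "s3.amazonaws.com", "eventName": "GetObject"},
    {"eventSource": "s3.amazonaws.com", "eventName": "GetObject"},
    {"eventSource": "s3.amazonaws.com", "eventName": "ListBucket"},
    {"eventSource": "ec2.amazonaws.com", "eventName": "DescribeInstances"},
    {"eventSource": "kms.amazonaws.com", "eventName": "Decrypt"},
]


def expand(patterns, catalog=ACTION_CATALOG):
    """Expand IAM action patterns ('s3:*', 'ec2:Describe*') against the catalog.
    IAM action names are matched case-insensitively, so compare in lower case."""
    if isinstance(patterns, str):
        patterns = [patterns]
    out = set()
    for p in patterns:
        out.update(a for a in catalog if fnmatch.fnmatchcase(a.lower(), p.lower()))
    return out


def effective_allow(policy_json):
    """Allowed actions = union(Allow) - union(Deny); an explicit Deny always wins."""
    allowed, denied = set(), set()
    for st in json.loads(policy_json)["Statement"]:
        target = allowed if st["Effect"] == "Allow" else denied
        target.update(expand(st["Action"]))
    return allowed - denied


def used_actions(events):
    """Map CloudTrail events to 'service:Action'. Approximate: eventName does not
    always equal the IAM action name, and some services need extra logging."""
    return {f"{e['eventSource'].split('.')[0]}:{e['eventName']}" for e in events}


def analyze(policy_json, events):
    """Granted vs. used permissions plus a least-privilege policy proposal."""
    granted = effective_allow(policy_json)
    used = used_actions(events)
    unused = granted - used
    return {
        "granted": sorted(granted),
        "used": sorted(used),
        "unused": sorted(unused),
        "unused_high_risk": sorted(unused & HIGH_RISK),
        # Replacement policy containing only what was observed in use.
        "proposed_policy": {"Version": "2012-10-17", "Statement": [
            {"Effect": "Allow", "Action": sorted(used), "Resource": "*"}]},
    }


if __name__ == "__main__":
    print(json.dumps(analyze(SAMPLE_POLICY, SAMPLE_EVENTS), indent=2))
```

Unused high-risk actions are the ones to remove first; actions that are needed only occasionally are candidates for just-in-time elevation rather than standing grants. Resource constraints and conditions are ignored here, so the real effective permission set is narrower than `granted` suggests, and the review window must be long enough to cover periodic jobs before the proposal is applied.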
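Prediction 4 calls for visibility into network exposures, and prediction 3 for risk levels based on broader context. The added Python example below (not Ermetic's code; the VPC inventory is constructed to resemble AWS objects and is not real API output) combines three controls to decide whether an instance is actually reachable from the internet: a public IP, a subnet whose route table sends 0.0.0.0/0 to an internet gateway, and a security group rule open to any source. A permissive security group on an instance that has no internet path is reported at low severity rather than as an exposure, which is the context a per-resource check cannot provide.

```python
"""Effective internet exposure of cloud instances, judged from context rather
than from a single control. Added example (not Ermetic's code); the inventory
is constructed to look like AWS VPC objects but is not real API output."""
import ipaddress

# ---- Constructed inventory --------------------------------------------------
ROUTE_TABLES = {
    "rtb-public":  [{"dest": "0.0.0.0/0", "target": "igw-1"},
                    {"dest": "10.0.0.0/16", "target": "local"}],
    "rtb-private": [{"dest": "0.0.0.0/0", "target": "nat-1"},   # egress only
                    {"dest": "10.0.0.0/16", "target": "local"}],
}
SUBNETS = {"subnet-a": "rtb-public", "subnet-b": "rtb-private"}
SECURITY_GROUPS = {
    "sg-web":   [{"proto": "tcp", "from": 443, "to": 443, "cidr": "0.0.0.0/0"},
                 {"proto": "tcp", "from": 22, "to": 22, "cidr": "0.0.0.0/0"}],
    "sg-db":    [{"proto": "tcp", "from": 5432, "to": 5432, "cidr": "0.0.0.0/0"}],
    "sg-tight": [{"proto": "tcp", "from": 22, "to": 22, "cidr": "203.0.113.0/24"}],
}
INSTANCES = [
    {"id": "i-web", "subnet": "subnet-a", "public_ip": "198.51.100.10", "sgs": ["sg-web"]},
    {"id": "i-db", "subnet": "subnet-b", "public_ip": None, "sgs": ["sg-db"]},
    {"id": "i-bastion", "subnet": "subnet-a", "public_ip": "198.51.100.11", "sgs": ["sg-tight"]},
]
# Ports whose exposure to the world is treated as high severity (example list).
SENSITIVE_PORTS = {22: "ssh", 3389: "rdp", 3306: "mysql", 5432: "postgres", 6379: "redis"}


def subnet_is_public(subnet_id):
    """A subnet is public if its route table sends 0.0.0.0/0 to an internet gateway.
    A NAT gateway default route gives outbound access only, so it does not count."""
    routes = ROUTE_TABLES[SUBNETS[subnet_id]]
    return any(r["dest"] == "0.0.0.0/0" and r["target"].startswith("igw-") for r in routes)


def rule_is_world_open(rule):
    """True for 0.0.0.0/0 or ::/0, i.e. any source address."""
    return ipaddress.ip_network(rule["cidr"]).prefixlen == 0


def open_ports(sg_ids):
    """Ports allowed from any source across all of the instance's groups
    (security groups are additive: a rule in any attached group permits)."""
    ports = set()
    for sg in sg_ids:
        for rule in SECURITY_GROUPS[sg]:
            if rule_is_world_open(rule):
                ports.update(range(rule["from"], rule["to"] + 1))
    return ports


def assess(instance):
    """Combine SG rules, public IP and routing into an exposure verdict."""
    world_open = open_ports(instance["sgs"])
    reachable = bool(instance["public_ip"]) and subnet_is_public(instance["subnet"])
    exposed = sorted(world_open) if reachable else []
    if any(p in SENSITIVE_PORTS for p in exposed):
        severity = "high"
    elif exposed:
        severity = "medium"
    elif world_open:
        severity = "low"    # permissive group, but no internet path today
    else:
        severity = "none"
    return {"id": instance["id"], "internet_reachable": reachable,
            "exposed_ports": exposed, "sg_world_open_ports": sorted(world_open),
            "severity": severity}


def assess_all(instances=INSTANCES):
    return {a["id"]: a for a in (assess(i) for i in instances)}


if __name__ == "__main__":
    for verdict in assess_all().values():
        print(verdict)
```

Omitted for brevity: network ACLs, load balancers and other network interfaces that front an instance, VPC peering and transit gateways, and IPv6 addressing (the prefix-length check would still catch a `::/0` rule). Each of those widens or narrows the reachable set and belongs in a production model; the point of the example is that the verdict comes from the combination of controls, not from any one of them.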
ABOUT THE AUTHOR
Arick Goomanovsky is co-founder and Chief Business Officer
of Ermetic. He is a cybersecurity, national
security, and cyberwarfare expert. Previously, he was a co-founder of Sygnia
Consulting, a cyber consulting and incident response firm that was acquired by
Temasek Holdings. He also worked at McKinsey & Company in London, where he
focused on strategy and operations. Arick served for 15 years in the
Intelligence Unit of the Israel Defense Forces in senior leadership R&D
positions.