Virtualization Technology News and Information
Article
RSS
DoControl 2024 Predictions: The Evolution of CASB Solutions, SaaS Applications as the Next Big Attack Surface, and the Battle Between AI and SaaS

vmblog-predictions-2024 

Industry executives and experts share their predictions for 2024.  Read them in this 16th annual VMblog.com series exclusive.

The Evolution of CASB Solutions, SaaS Applications as the Next Big Attack Surface, and the Battle Between AI and SaaS

By Adam Gavish, CEO and Co-Founder - DoControl

As we prepare to close out the year and look ahead at what to expect in 2024, we can expect to see CASB solutions provided by SASE to lose their flavor. Today, SASE solutions secure remote connections so that employees can browse to corporate applications from any network and any device, making the old proxy mode CASB enforcement irrelevant. As more organizations continue to transition to SaaS-only operations than ever before, it is increasingly harder to secure complex networks.

In addition to the evolution of CASB solutions, we can also expect to see the regulatory landscape evolve and become more stringent in regards to data privacy and cybersecurity. We will also see SaaS applications presenting the next biggest attack surface. This comes as a result of businesses shift to remote or hybrid work post-pandemic and the tremendous spike in SaaS applications downloaded for work use. 

Whatsmore, in 2024, more than ever before, we can expect to see a spike in organizations that are SaaS first/SaaS only. The emergence of Artificial Intelligence (AI) will mean even more SaaS platforms will be created and used in 2024, all with an eye towards solving a productivity or business problem rather than keeping that data within these apps secure, leaving the door and the keys to the kingdom wide open for malicious actors to take advantage of. This piece will explore some of these topics further and what we expect to see in the cyber industry in 2024. 

New Year, New Flavor: The Evolution of CASB Solutions in the SASE Era

In 2024, we will see security teams advancing to API mode CASBs that understand how SaaS applications work and how SaaS data is modeled, allowing them to enforce and remediate through robust API integrations. Modern-day API mode CASBs will be able to perform the following capabilities:

  • Leverage SaaS Webhook events to detect and respond to SaaS threats in near real-time - without any agents installed
  • Combine critical business context from HRIS/IDP integrations to enrich native SaaS activity events and data inventory with legitimate business context
  • Discover all SaaS data, OAuth apps, users, groups, and inventory to visualize the entire attack surface.

This will provide more contextual information to narrow down the scope to deterministic insider threats, enable faster detection and response, and help security teams better visualize their entire attack surface to prioritize top threat models across business units.

The Future of Protection

With the SEC's adoption of new rules on cybersecurity disclosure for public companies similar to CISA SCUBA, the regulatory landscape is likely to evolve and become more stringent in regards to data privacy and cybersecurity. Organizations will be expected to provide more detailed and accurate information regarding their cybersecurity practices and incidents which will prove to be difficult if they continue to depend on legacy CASB/SaaS Security tools. These aging tools don't provide the necessary levels of granular controls, business context, or automation. It will be critical for organizations to invest in their cybersecurity practices and come to recognize the importance of safeguarding sensitive information while staying in line with the regulatory expectations placed on them and their peers. All of this to say, organizations that proactively invest in robust cybersecurity practices and adapt to the evolving regulatory landscape are likely to be better positioned to protect their data and maintain trust with stakeholders.

SaaS Applications, 2024's Next Big Attack Surface

As many businesses shift to remote or hybrid work post-pandemic, a significant amount of SaaS applications have been downloaded for work use. In 2024, SaaS applications will present the next biggest attack surface that organizations have not yet addressed. Businesses are increasingly relying on cloud-based solutions for critical operations, which is expanding the attack surface and broadening the canvas for cybercriminals to exploit vulnerabilities. Moreover, the rise in popularity of Generative AI will make social engineering attacks become easier for SaaS identity account takeovers. Security teams will need to assess all the applications that have been installed by employees, determine which are necessary for business operations, and understand the attack surface each presents. In the new year, organizations will need to "clean up" their SaaS security posture and remove all unnecessary applications with extensive permissions. Security teams will need to develop a comprehensive SaaS security program to monitor application installations and manage security controls so they can avoid a major SaaS data breach in the new year to come.

The Real Battle: AI Social Engineering vs. SaaS 

As we've watched the AI boom unfold, we've witnessed the peaks and valleys of its evolution. AI's effectiveness seems to be endless for organizations worldwide. However, the combination of AI's adaptive algorithms and expansive data processing capabilities has ushered in malicious intent by attackers. The number of AI powered social engineering attacks will likely see an exponential growth in 2024. The main victim being SaaS applications and SaaS identity accounts. Organizations will need to play by establishing strong SaaS data exposure hygiene that can create a crucial line of defense. 

Key aspects of SaaS data exposure hygiene include:

  • Access control management 
  • Encryption protocols
  • Regular auditing and automated monitoring
  • Data Loss Prevention (DLP)
  • Creating a well-defined incident response plan

Even if attackers manage to breach one layer of security, they will encounter additional obstacles when trying to access valuable data. Organizations will have the time and resources to defend themselves before it's too late. This added layer of protection is vital for safeguarding sensitive information against constantly evolving and sophisticated threats.

The SaaS Supply Chain Revolution

In the coming year, supply chain security is poised to advance significantly. Security teams will be mandating the implementation of robust SaaS Security programs, specifically focusing on the governance of SaaS OAuth Supply Chain through standardized procedures. This entails the establishment of a structured process where OAuth App Reviews are seamlessly integrated with end-user operations. To properly enforce supply chain security, organizations must implement robust SaaS Security Programs, encompassing access controls, encryption, and regular audits. Additionally, the standardization of OAuth App Reviews will be crucial and will involve meticulous scrutiny of application permissions, authentication mechanisms, and security parameters to meet predefined standards. Automation tools can streamline these reviews, ensuring efficiency and consistency while reducing the risk of human error. By integrating these technical measures, organizations can proactively enhance the security of their supply chains, safeguarding critical processes and data against cyberattacks. This approach fosters a more resilient and secure operational environment in the face of evolving cyber threats.

##

ABOUT THE AUTHOR

Adam Gavish 

Adam Gavish is the Co-Founder and Chief Executive Officer of DoControl. Adam brings 15 years of experience in product management, software engineering, and network security. Prior to founding DoControl, Adam was a Product Manager at Google Cloud, where he led ideation, execution, and strategy for Security & Privacy products serving Fortune 500 customers. Before Google, Adam was a Senior Technical Product Manager at Amazon, where he launched customer-obsessed products to improve the payment experience for 300M customers globally. Adam has also been a Software Engineer in two successfully acquired startups, eXelate for $200M and Skyfence for $60M. Adam is a lifetime information geek, breaking down business and technical problems into components to generate long-term learning. He loves running outdoors, playing with LEGOs with his son, and watching a good movie with his wife. Adam holds a B.S. in Computer Science from the Academic College of Tel-Aviv Yafo and an MBA from the Johnson Graduate School of Management at Cornell University.

Published Tuesday, November 28, 2023 7:41 AM by David Marshall
Comments
There are no comments for this post.
To post a comment, you must be a registered user. Registration is free and easy! Sign up now!
Calendar
<November 2023>
SuMoTuWeThFrSa
2930311234
567891011
12131415161718
19202122232425
262728293012
3456789