2022 saw an explosion of changes in the cloud security market. Every aspect of the ecosystem has undergone a fundamental shift, including vendors, products, and infrastructure. New categories such as Data Security Posture Management (DSPM) emerged, established vendors jumped on cloud data lake announcements such as Amazon Security Lake, and disrupted vendors, like KnowBe4, which was acquired by Vista Equity for $4.3 billion. fell into
As we approach 2023, cybersecurity for public cloud workloads (virtual machines, containers, and services) will continue to evolve as customers seek to balance aggressive cloud adoption and compliance with their security needs. CIOs and CISOs challenge teams to build the foundation of a security platform that can integrate point products, support multiple clouds (AWS, Azure, and GCP), and leverage automation to scale security operations. Zero trust architectures pave the way for workload protection, real-time data protection, and centralized policy enforcement in the cloud. Learn more about how these five dynamics will become more prominent in public cloud workloads in 2023.
Generative attacks are targeted and personalized
Automation and machine learning enable cybercriminals to launch sophisticated and targeted attacks. Scripted botnets can perform network reconnaissance on cloud infrastructure, gathering valuable data that can be used to launch further attacks. Malware packages are becoming a commodity: automation tools are readily available, and their level of abstraction makes them dangerous even in the hands of the unimaginative. For example, ChatGPT, which took the tech world by storm, can use machine learning to auto-script malware.
Cyber Threat Researcher @lordx64 shared an example of malware auto-generated by ChatGPT. The malware used PowerShell to download ransomware with an obfuscated script, encrypt all files, and exfiltrate the key to google.com.
A Centralized Security Posture Will Be the Standard for Addressing Workload Sprawl
Misconfigurations due to human error remain the number one root cause of cyberattacks. Many attacks exploit weak configurations using techniques such as code injection and buffer overflows. In a cloud where workloads can be spun up and down frequently, configuring security policies on individual firewalls for every virtual private cloud (or trust zone) opens the door to human error.
Organizations are increasingly looking for architectures that can centralize the definition, enforcement, and remediation of cloud security policies. Only when cyber defenses are delivered from a central platform can they be applied to all workloads instead of just a select few.
Zero Trust for Workload Protection Gains Momentum
Zero Trust will be widely adopted to protect assets by enforcing an explicit trust framework for all assets in the public cloud. Implementing Zero Trust in the public cloud is different because customers are dealing with ephemeral and dynamic resources. Reduce cost overruns and complexity with a zero trust platform designed for the cloud. Before workloads in the public cloud can request resources, they must pass extensive trust checks (a combination of identity, device risk, location, threat intelligence, behavioral analytics, and context). Once explicit trust is successfully established, the resource is subject to corporate security policy for access control.
CIOs demand more effective multi-cloud security tools
When it comes to vendor best practices, CIOs are increasingly turning to a diverse portfolio of public cloud infrastructures for three main reasons. They want to be less dependent on a single vendor. Many companies are also looking to consolidate infrastructure inherited from mergers and acquisitions. CIOs also want to leverage best-of-breed services from a variety of vendors, including Google Cloud BigQuery for data analytics, AWS for mobile apps, and Oracle Cloud for ERP.

All cloud vendors preach the concept of “shared security responsibility”, putting the onus on customers to implement a security infrastructure for their cloud resources. A savvy IT shop will definitely choose a cybersecurity platform that supports multiple public cloud environments.
Real-time data protection becomes a key standard for cloud data governance, security
Sensitive data, such as protected medical information, personally identifiable information, financial information, patents, sensitive corporate data, and other intellectual property, is difficult to protect when it moves to the cloud. Traditional data loss prevention (DLP) architectures that rely on regular expressions, scans, and static rules are inadequate and ineffective for DLP in the cloud.
The rise of the data security posture management category has provided critical visibility into the need for observability and real-time analytics. A proxy-based architecture that can decrypt and inspect all SSL traffic is the cornerstone of any enterprise that takes protecting sensitive data seriously.
Moving to the cloud is not a new trend in the enterprise world, but the impact of cybersecurity on cloud workloads is still evolving. There is no definitive answer yet, but these are some of the leading indicators customers will use to navigate 2023.
Read more partner perspectives from Zscaler.