The big three innovations transforming cloud security

As cloud infrastructure and platform services proliferate in enterprise environments, confidence in the security of the cloud continues to grow, and “cloud-first” strategies are now common even among risk-averse organizations.

Yet in many cases, organizations still face a lack of necessary skills and tools to ensure secure cloud deployments. In a recent Gartner survey, the most-cited challenge to cloud adoption was gaining security team approval and support for cloud migration strategies.

And this hesitation is often for good reason: Gartner predicts that through 2025, more than 99% of cloud breaches will have a root cause of preventable misconfigurations or mistakes by end-users.

Numerous innovations and technologies are evolving to help organizations enhance their security posture across hybrid and multicloud deployments. Security and risk leaders who become early adopters of these innovations will be the best positioned to deliver controlled, compliant and economical cloud strategies that help keep their organizations competitive in a cloud-first world.

Here are three key innovations that Gartner has identified that will have a significant impact on the cloud security market in the next two to five years:

Cloud access security brokers

End-user organizations need to secure the use of business-critical, cloud-delivered applications and infrastructure. They also need to secure the general internet to prevent threats to users, regardless of their location, and improve access to existing services while taking advantage of zero trust concepts. These needs have become even more prevalent during the COVID-19 pandemic with the rise of remote work and increased reliance on cloud services.

Cloud access security brokers support these use cases by consolidating multiple types of security policy enforcement into one place, ensuring consistent visibility, compliance, data security and threat protection across all cloud services. For example, CASBs can standardize tasks such as authorization, device profiling and malware removal across software-as-a-service, infrastructure-as-a-service and platform-as-a-service deployments.

By delivering differentiated, cloud-specific capabilities that aren’t generally available as features in traditional security products, CASB products are critical for governing and addressing security gaps in all types of organizations’ use of cloud services. Gartner anticipates that CASB technologies will have a transformational impact on the cloud security market in less than two years.

Secure Access Service Edge

Secure Access Service Edge is a term coined by Gartner in 2019, defined as the convergence of multiple network and security-as-a-service capabilities, such as software-defined wide-area networks, secure web gateways, CASB, next-generation firewalls and zero-trust network access. SASE is delivered as a service and enables zero-trust access based on the identity of the device or entity, combined with real-time context and security and compliance policies.

Interest in and adoption of SASE has been rising in recent years, driven by enterprise digital business transformation: It increases visibility, agility, resilience and security, while also dramatically simplifying the delivery and operation of critical network and network security services. Gartner forecasts that the market for SASE will reach almost $15 billion by 2025.

In the nearer term, Gartner expects that at least 10 vendors will offer a sufficiently complete single-vendor SASE offering by next year. SASE will transform the delivery of security in the next two to five years, and network and security vendors that can’t deliver a compelling SASE offering will lose significant market opportunities.

Cloud Security Posture Management

Assessing the secure and compliant configuration of a modern, dynamic and containerized cloud infrastructure environment is an increasingly complex task. Even simple misconfiguration issues represent significant and often unidentified risk. Compounding the problem is the speed and scale of modern cloud deployments.

CSPM offerings continuously manage cloud security posture by applying common frameworks, regulatory requirements and enterprise policies to proactively detect and assess cloud infrastructure risk. If risks are identified, remediation options, automated or human-driven, are provided.

The CSPM market is growing and evolving rapidly and increasingly must extend functions into development using infrastructure-as-code scanning. Multiple mature offerings are now available from established vendors, while some hyperscale cloud service providers offer built-in CSPM capabilities suitable for single-cloud deployments. Gartner expects that CSPM will have a high impact on the market within two to five years.

As these innovations progress and evolve, security and risk management leaders must keep a pulse on the emerging trends and technologies that are driving the cloud security market. Security leaders who can reorient their roles to become digital business transformation leaders embracing these innovations will be best positioned to help their organizations make controlled, compliant and economical use of the public cloud.

Tom Croll is a senior research director at Gartner Inc. and a Certified Cloud Security Professional who researches various aspects of public cloud security. He wrote this article for SiliconANGLE. Gartner analysts will provide the latest research and advice for security and risk management leaders at the Gartner Security & Risk Management Summit 2021, taking place virtually in the Americas Nov. 16-18.

Image: Willfried Wende/Pixabay