During the pandemic, companies embraced a radical shift of moving to public and private cloud environments. In fact, most enterprise application deployments now reside in the cloud and, in many cases, multi-cloud environments. Following are five key predictions on what lies ahead for cloud cybersecurity in 2023.
Organizations are no longer moving to the cloud. They are already there. And as the sun sets on 2022 and dawns on 2023, this strategic market shift will have considerable implications for cloud security and cybersecurity at large.
Here are five predictions to watch:
1. Cloud Security Will Become Synonymous With Cyber Security
In the past few years, there has been ample discussion about ‘cloud movement,’ cloud migration process, and ‘cloud’ security as a dedicated discipline within cybersecurity. This transition is largely over, or at least at very advanced stages.
According to Radware’s 2022 Application Security in a Multi-Cloud World report, 99% of organizations now deploy applications in public cloud environments. Usage of the public cloud has become ubiquitous, with only a few companies opting out of cloud deployments. In addition, approximately 40% of production applications are deployed in the public cloud, and another 30% are deployed in private cloud environments. This means that 70% of production applications are deployed in a cloud setting.
In short, cloud environments now comprise the majority of enterprise application deployments. Given that most applications are now deployed in the cloud, protecting those applications and workloads will no longer be a dedicated or separate discipline within cybersecurity at large; rather, it will just be cyber security. Moving forward, the line between ‘cloud’ security and general ‘cyber’ security will continue to blur.
2. Multi-cloud Will Go Mainstream, Offering More Failover Options
Not only are companies opting for the cloud, but the number of organizations running multiple cloud environments concurrently is expected to grow steadily. While multiple clouds can create more complexity when managing configuration and governance, they can also ensure business continuity if a primary cloud provider is under cyberattack.
According to the multi-cloud report, 58% of organizations now deploy applications on more than one public cloud environment. This figure is up from 53% last year and is expected to grow to 60% within 12 months.
The greatest increase is expected in organizations deploying applications across three and four cloud environments. About 17% of organizations are currently deploying applications across three cloud environments, and this figure is expected to rise to 19% within 12 months.
3. Hybrid Environments Will Continue to Influence Security Strategies
While usage of on-premise hardware data centers is gradually declining, over 80% of organizations still deploy applications in their legacy hardware data centers.
Combined with the growing number of cloud deployments, Radware’s report results show the extent to which organizations deploy assets in parallel across hybrid environments, both cloud and non-cloud. In fact, 45% of respondents deployed applications in a hardware data center, on a private cloud, and at least two public clouds.
Moving forward, multi- and hybrid-cloud will become mainstream approaches to deploying applications and workloads and must be factored in when considering a security strategy.
4. Multiple Security Controls Will Compound the Challenges in Maintaining Quality Protection
A frequent consequence of operating multiple cloud environments is having to manage multiple dashboards. This is also true when it comes to overseeing application security across several clouds.
According to the multi-cloud report, half of the organizations are expected to deploy more than one web application firewall solution to protect their applications within 12 months.
Managing multiple security controls in parallel leads to a myriad of problems, including:
- Inconsistent security policies between applications running in different environments
- Varying security coverage in terms of features and protections
- Fragmented logging and reporting with no centralized picture
- Disparate management interfaces and dashboards
Indeed, 51% of respondents thought that maintaining the quality of protection across cloud environments was a ‘problem’ or a ‘significant problem;’ 41% believed the same of unified visibility for logging and reporting across environments, and 38% thought that protection coverage between platforms was a major problem.
Reinforcing the seriousness of the security problems, the report found that 69% of organizations experienced a breach or data exposure due to inconsistencies in application security across different platforms.
These findings demonstrate the ongoing challenges of managing multiple application security tools concurrently — challenges that will only increase as multi-cloud deployments become even more widespread.
5. The Shortage of Qualified Security Talent Will Increase Reliance on Automated Security Tools
I do not know of a CISO who believes they have enough qualified security staff on their team — a problem that has been exacerbated in the post-COVID world.
According to the (ISC)2 2022 Cybersecurity Workforce Study, there is a shortage of 3.4 million cybersecurity workers worldwide. The study paints a bleak picture. The demand for cybersecurity experts increased by 25% in the past 12 months; 70% of businesses are facing staff shortages, and 43% of organizations cannot find enough qualified talent.
Not only are organizations challenged in recruiting qualified internal talent, but most also do not trust their cloud security providers. According to Radware’s multi-cloud report, trust in the quality of the security provided by public cloud vendors decreased by 25% year-over-year, from 48% to 36%. That means that 64% of respondents do not fully trust the level of security provided by their public cloud vendors.
As a result of this gap, there will be greater reliance on automation and managed security services in the coming year.
Conclusion
While cloud adoption is certainly not new, the implications for cloud security continue to evolve as multi- and hybrid deployments become more common and complicated. 2023 may just be the year cloud security becomes synonymous with cybersecurity. However, that does not mean it should lose its place of influence in a security strategy.
BRAMS Partnership with the leader
With its expertise, BRAMS offers you market-leading cloud solutions billed per use. With BRAMS, now you can unleash your full potential and focus on what matters most: Your activities with maximum security for your system. Thanks to its partnerships and collaboration with the biggest global cloud pioneers: Microsoft, Amazon Web Services, IBM Cloud and Google Cloud, Brams has become a multi-industry focus, to support companies of different sectors and sizes to move to the Cloud for more than two decades of expertise.
Get in touch with an Expert ..
Source: https://www.spiceworks.com/it-security/cloud-security/guest-article/cloud-security-predictions-for-2023/