What cloud security events will 2020 hold, and what can be done about them?
In the new year, we will see threat actors refine their tactics, techniques and procedures for exfiltrating customer, company and partner data. Even so, these new challenges will not slow down the rate at which organizations suffer data leaks due to misconfigured cloud servers.
Misconfigurations have been the culprit behind several breaches this year, including CenturyLink and JCrush. The public cloud market continues to grow and is expected to total $266.4 billion in 2020. Organizations often feel as though they have to choose between “security or efficiency,” or “security or innovation.”
This is a false choice, yet companies still believe it to be true and, more often than not, end up choosing innovation over security. As a result, they will suffer damaged brand reputation, fines from data privacy laws, class action lawsuits and more.
Furthermore, we can expect the emergence of a new battlefield in cloud security: identity. Below, I dive deeper into these key predictions for the coming year and explain how companies can continue to embrace cloud and container infrastructure without losing control.
Cloud misconfigurations will continue to cause massive data breaches.
As enterprises continue to adopt cloud services across multiple cloud service providers in 2020, we will see a slew of data breaches caused by misconfigurations. Due to the pressure to go big and go fast, developers often bypass security in the name of innovation.
All too often this leads to data exposure on a massive scale, such as the First American Financial Corporation’s breach of over 885 million mortgage records in May. Companies believe they are faced with a lose-lose choice: either innovate in the cloud and accept the risk of suffering a data breach, or play it safe with existing on-premises infrastructure and lose out to more agile and modern competitors.
In reality, companies can accelerate innovation without loss of control in the cloud. They can do this by leveraging automated security tools that give organizations the ability to detect misconfigurations and alert the appropriate personnel to correct the issue, or even trigger automated remediation in real-time.
Automation also grants enterprises the ability to enforce policy, provide governance, impose compliance, and provide a framework for the processes everyone in the organization should follow—all on a continuous, consistent basis. Companies can innovate while maintaining security; they simply must adopt the proper cloud strategies and solutions.
New Year, New Threats.
As companies continue to invest in new technology, we will see the introduction of new and advanced tactics, techniques, and procedures from malicious third parties that seek to either exfiltrate critical customer, company, and partner data or even interrupt or disable business operations.
Companies often make the costly assumption that they will be safe from threats just by investing in additional security tools for every new technology or service that they adopt. This piecemeal approach to security is both extremely expensive and inefficient. In fact, since we don’t know what the most pertinent threats will be a year from now, the best approach is for companies to invest in holistic security solutions that can evolve and scale with a company over time.
IAM is the new perimeter, and it is harder than you think.
Everything in the cloud has an identity, and the relationships are complex, so scoping to least privilege or adopting zero trust sounds great but is really difficult to do. In 2020, security professionals are going to realize that identity and access management (IAM) is an area where they can lose control rapidly, and it is very hard to take back.
Approaches and strategies from the datacenter world don’t transfer, and companies need to rapidly invest in the process and in supporting tools (including automation) to stay ahead in this complex landscape. The repercussions of poor IAM governance are substantial and sometimes unpredictable. For example, a former AWS employee was able to access over 100 million Capital One customers' records by bypassing a misconfigured web application firewall and performing privilege escalation, and as a result obtained access to a swathe of customer information.
What can be done?
Organizations should not view these predictions as threats, but rather as challenges to start 2020 off on the right foot by placing a greater emphasis on security. The future depends on what is done today, and automated security controls can help organizations improve security, take control and minimize risk as they embrace the dynamic, self-service nature of public cloud and container infrastructure.