Cloud computing can help companies improve business agility and reduce costs, but it also increases the attack surface. According to a recent IDC report, 98% of organizations have suffered at least one cloud security exploit in the past 18 months. About 79% of companies have experienced at least one cloud data breach. Another study by the Ponemon Institute and IBM found that cloud data breaches cost businesses an average of $3.61 million.
In 2022, in addition to serverless and automation, there are more trends that will accelerate the rapid development of cloud security. Here are the top 10 cloud security technology and application trend predictions for 2022:
- Serverless Growth
We are seeing more and more organizations adopting serverless architectures in their platforms. This means not only leveraging cloud service providers’ FaaS (Function-as-a-Service) services but also tapping into the various serverless offerings available. New serverless products are introduced every quarter in the industry, and it is important for enterprise users to understand the potential risks that may arise.
We’re also seeing things like “issue-free” architectures being used to gain more control over FaaS architectures across multiple CSPs. As control over these types of architectural decisions increases, new security approaches and models emerge.
- DevSecOps
More and more organizations are fully adopting Infrastructure as Code (IaC) to create fully autonomous cloud environments. From a security perspective, ensuring that the supply chain from code to production is protected and monitored is becoming a growing cloud security concern for enterprises. We are seeing the tools in this space begin to mature and new strategies are being implemented. For example, you can perform actions such as pre-validation of configuration and schema to ensure that your schema and code are compliant and secure before going into production. In 2022, we can expect to see more third-party tools and cloud-native services introduced to better support the entire supply chain.
- “Multi-cloud” encompasses edge computing
Multi-cloud strategies are here to stay—many enterprises are choosing the technology that best fits their platform, while also creating elastic architectures that leverage multiple cloud service providers. We will soon see the multi-cloud model mature along with multi-cloud security practices and tools. Additionally, we see “multi-cloud” encompassing edge computing, which will continue to expand to the factory floor, as well as branch offices and private data centers.
- Application and Architecture Integration
The lines between application developers and infrastructure engineers have become very blurred. Developers are creating cloud architectures based on the services they are trying to use, or creating new infrastructures from their codebases. Cross-functional teams are starting to work together to think about how security can play a role in this new way of thinking.
- SaaS security heating up
Over the past year, we have seen a surge in cyberattacks leveraging SaaS platforms. Along with this growth, we have also seen the growth of SaaS security products and tools in response, such as SaaS Security Posture Management (SSPM) tools.
SSPM is helping organizations gain insight into their overall SaaS portfolio so that they keep security visibility while maintaining compliance. In 2021, we saw more than a dozen SaaS platforms adopt SSPM tools, and in 2022, we will see more SaaS platforms adopt SSPM. Organizations are starting to create stronger SaaS security programs that cover their entire portfolio, from cloud-based vendor onboarding and validation to monitoring and alerting for SaaS vendors in their ecosystem.
- Attribute-based access control (ABAC) – Dynamic Access Policy
ABAC uses tags (labels) to determine access rights dynamically. For example, if I have a tag “project”, I can set a policy that grants permission if the value of the “project” tag on the principal matches the value of the same “project” tag on the target resource or environment. This strategy supports scalability and reusability, simplifies administration, and improves privilege isolation. While many cloud service providers have yet to implement this approach across all services (which limits its utility), we can expect to see it grow in adoption and support in the coming year.
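The tag-matching rule described above can be sketched as a small policy evaluator. This is an added example, not code from the original article or from any cloud provider; the `Entity`, `TagMatchPolicy` and `is_allowed` names and all sample data are hypothetical.

```python
from dataclasses import dataclass, field


@dataclass
class Entity:
    """A principal or a resource, carrying free-form tags."""
    name: str
    tags: dict = field(default_factory=dict)


@dataclass(frozen=True)
class TagMatchPolicy:
    """Allow `actions` when every key in `match_keys` has the same value on both sides."""
    actions: frozenset
    match_keys: tuple

    def allows(self, principal, action, resource):
        if action not in self.actions:
            return False
        for key in self.match_keys:
            p_val = principal.tags.get(key)
            r_val = resource.tags.get(key)
            # A missing or empty tag must never match: otherwise two untagged
            # entities would "agree" (None == None) and access would be granted.
            if not p_val or not r_val or p_val != r_val:
                return False
        return True


def is_allowed(policies, principal, action, resource):
    """Default deny: access needs at least one policy that explicitly allows it."""
    return any(p.allows(principal, action, resource) for p in policies)


# Constructed sample data: one reusable policy covers every project.
POLICY = TagMatchPolicy(actions=frozenset({"read", "write"}), match_keys=("project",))
alice = Entity("alice", {"project": "apollo"})
bob = Entity("bob", {"project": "zeus"})
carol = Entity("carol")                    # untagged principal
apollo_db = Entity("apollo-db", {"project": "apollo"})
orphan_bucket = Entity("orphan-bucket")    # untagged resource


def demo():
    cases = [
        (alice, "read", apollo_db),        # same project
        (bob, "read", apollo_db),          # different project
        (carol, "read", orphan_bucket),    # both untagged
        (alice, "delete", apollo_db),      # action not covered by the policy
    ]
    return [is_allowed([POLICY], p, a, r) for p, a, r in cases]


if __name__ == "__main__":
    print(demo())
```

Onboarding a new project needs only correctly tagged principals and resources, not a new policy, which is the reusability the paragraph refers to; it also means that who may set or change tags becomes part of the access-control boundary.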
As more and more organizations adopt work-from-home and hybrid environments and move workloads and data to the cloud, a security strategy for cloud infrastructure must be built in from the start. The cloud is an enabler of enterprise productivity, but it must follow security-first principles to minimize risk while increasing productivity.
- Cybersecurity awareness training automation
The overhead associated with administering security awareness training programs can be prohibitive for busy IT departments. And the costs associated with planning, developing, and managing a security awareness training program may mean that many businesses will choose to “lay flat” — not conducting security awareness training at all.
A cybersecurity awareness automation program provides an efficient and cost-effective way to define and manage security training tasks, start a security training program, and keep it running for the long term. Cloud computing is driving the automation of security awareness training, and this automation trend will also greatly reduce the “human vulnerability” in cloud security.
Automation scenarios for security training programs typically cover areas such as security posture intelligence, security awareness campaign planning, automated feedback and metrics, integrated automated phishing simulations, and more.
- Dark Web Monitoring
Private information leaked on the dark web attracts criminals who want to buy credit card numbers, stolen digital credentials and other personal and business information. The “goods” sold on the dark web also include hacking as a service, ransomware kits and illegal goods such as counterfeit ID cards, counterfeit money and drugs.
Dark web monitoring is the process of searching and tracking the dark web to find out whether and how business information has been leaked. The tools used to monitor the dark web are similar to search engines like Google, and they enable users to retrieve stolen or leaked sensitive information, leaked accounts and passwords, intellectual property, and other sensitive data that is shared and sold among criminals on the dark web.
By monitoring the dark web, businesses can pinpoint whether they have been compromised or find any indicators of potential compromise, as well as understand who is launching an attack and what attack methods they are using. Armed with this information, businesses can develop measures to effectively respond to and mitigate threats.
- DNS filtering
The telecommuting revolution catalyzed by the COVID-19 pandemic has created enormous security risks for businesses. DNS filtering is a critical system used to protect employees exposed outside corporate firewalls, helping them avoid dangerous websites and reduce the risk of attack.
DNS filtering directs all DNS queries to a filtering DNS resolver, which prevents users from reaching these websites by refusing to resolve domains that are on a block list (blacklist).
Suppose an employee of a company receives a phishing email and is tricked into clicking a link to a malicious website. Before the employee’s computer loads the website, the domain name in the link is sent to the company’s DNS resolution service. If the malicious site is on the company’s block list, the DNS resolver refuses the request, preventing the malicious website from loading and thus stopping the phishing attack.
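The resolver-side decision in that scenario can be sketched as follows. This is an added example, not code from the original article or from any DNS product; the block-list entries, the `fake_upstream` stand-in resolver and the sample link are constructed, and the filter is assumed to answer blocked names with NXDOMAIN.

```python
from urllib.parse import urlsplit

# Constructed block list; an entry covers the domain itself and all subdomains.
BLOCK_LIST = {"malicious.example", "phish.example.net"}


def normalize(qname):
    """DNS names are case-insensitive and may carry a trailing root dot."""
    return qname.strip().rstrip(".").lower()


def matched_rule(qname, block_list=BLOCK_LIST):
    """Return the block-list entry that covers qname, or None.

    Matching walks whole labels, so 'malicious.example' covers
    'cdn.malicious.example' but not 'notmalicious.example'.
    """
    labels = normalize(qname).split(".")
    for i in range(len(labels)):
        candidate = ".".join(labels[i:])
        if candidate in block_list:
            return candidate
    return None


def fake_upstream(qname):
    """Stand-in for the real recursive lookup (documentation address)."""
    return ["192.0.2.10"]


def resolve(qname, upstream=fake_upstream):
    """Filtering resolver: refuse blocked names, forward everything else."""
    rule = matched_rule(qname)
    if rule is not None:
        # Recording the rule that fired gives the SOC a detection signal.
        return {"qname": qname, "rcode": "NXDOMAIN", "blocked_by": rule, "answers": []}
    return {"qname": qname, "rcode": "NOERROR", "blocked_by": None, "answers": upstream(qname)}


def check_link(url):
    """What happens when a user clicks a link: only the host reaches DNS."""
    host = urlsplit(url).hostname or ""
    return resolve(host)


if __name__ == "__main__":
    # Constructed phishing link; path and query are never seen by the resolver.
    print(check_link("https://login.PHISH.example.net./reset?id=1"))
    print(check_link("https://notmalicious.example/"))
```

Because only the hostname reaches the resolver, DNS filtering cannot distinguish a malicious page from a benign one on the same domain, and it does not apply when a link uses a literal IP address.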
- Multi-factor authentication is a culture
Multi-factor authentication is another key defense used to protect company systems from hackers. With the widespread adoption of multiple cloud environments, some enterprise assets now exist outside traditional security perimeters. As business boundaries become increasingly blurred, trust has become a vulnerability.
Strong and effective multi-factor authentication enables a granular, responsive approach to security that is not easily compromised. Multi-factor authentication and zero-trust security are not only a set of technologies, but also a security culture that enterprises need to implement. Only when they are embedded in the culture can the value of the technology be fully realized and enterprises be kept away from cyber security threats.