With the rise of new usage and the arrival of IoT, security services need to evolve smartly, that is with the pace companie are taking to secure data in the cloud. While this may look a very complex challenge, software developers and security services providers have sensed the opportunity. As in all good gangster story, in the end, the customers win. There’s a whole transformation to go, first. But remember, “cloud” is “more”. In all kinds of sense.
Threats are growing with usage
It’s not just the cloud, it’s also people, behaviour, usage. Of course the intensive use of networks is leading to opening new doors for hackers to reach sensitive data. But they’re not the only risk as today everyone carries data with them (and we just made these data wearables). Just as innovation and technologies have become close friends of our daily lives, security tools and services want to do the same. Too intrusive? You draw the limit. Having multiple devices containing sensitive information goes with risks. This article from Explore B2B have been published more than a year ago, but even though technologies grew greatly since then, comments are still valid. They are even more valid now that the Internet Of Things starts to generate even more data-based usage, for end-users and enterprises. This is why Gartner calls for CISO to create an infrastructure flexible enough to support Internet-Connect objects. Forbes remind in following article that “The problem is compounded because mobile operating systems tend not to be updated in the same way as other computing platforms. It’s not as bad as industrial control systems, but almost.”This is a volume based question leading to flexibility. But it’s not the only one.
Threats are getting more complex
As well as technology again, cyber-attacks whether from the inside or the outside have developed new tools to threat us. Cloud has given technology a wide space to develop innovation, and this is also turning in hacker’s favor. If we don’t invest enough time and efforts to anticipate their attacks, we let them win the race. As IBM warns, “Approximately one in 500 PCs around the world is infected by banking malware. Using these networks of compromised PCs means that professional cyber criminals do not need to run “spear-phishing” campaigns in order to acquire login credentials for organisations that they are targeting.” The banking trojan malware has evolved over years and are now able to look for more user credentials. The rise of data also marks the rise of “dark data”, which is unlabelled data leaving companies at threat for security, reputation, opportunity costs, intelligence, legal and regulatory level. If data inventory isn’t properly done, together with ubiquitous encryption and retention policies, there is a risk internal data can convey more internal or external threats to security, as NetworkWorld explains. Learning to manage dark data can also lead to creating better information systems and security systems, and that’s the dynamic and learning attitude just needed to anticipate more threats.
A well identified opportunity
With the rise of network and applications that enable flexible use of data, providers have started to develop new flexible security tools, and these are clearly going mainstream. First because last year, Gartner already predicted that the Cyber Security Market would weigh $3.1 billion in 2015. Back at that time (cloud was only just taking off), (are is it still just taking off?), “A survey conducted by IDG Enterprise for Cloud Research 2013 shows that 49 percent of executive-level managers are still skeptical to move on to the cloud due to various reasons, the top 3 reasons being Security, Losing Control and Data Protection”, as explained in this article. So providers focused on top priorities for their customers. They developed flexible, scalable, dynamic cloud-enabled security services to enable top companies to move safely their data to the cloud (which they own as well, of course). The Security-As-A-Service era has begun, and providers are all very serious about it. First, because they have to. As ExploreB2B explains, security creates major concerns and myths which as a result prevents the cloud to properly develop, as some companies are still scared to lose control over security. Truth is, they might have even more control. Truth is, they might even have more security. They’re working with experts, aren’t they?
Transferring security expertise to the cloud
In the following video, Accenture explains how they answer flexibility, scalability and dynamism with intelligent cloud security platforms that adapt to all.
As they comment in this other article, “This kind of agility is more valuable than ever, given the rapid evolution of financial crime and the ever-increasing stringency of regulatory requirements.” Also, as Cisco points out, many companies still live with legacy-based infrastructure and security applications, certainly because migrating to new platforms and creating new security policies takes time and costs, as any transformation. So they in turn focus on “providing multi-layered protection with full visibility, contextual awareness, and dynamic controls to automatically assess threats, correlate intelligence, and optimize defenses to protect all networks against a comprehensive range of attacks”.
Creating More Solutions
And it’s not just Cisco and Accenture. Many providers are working to develop Next Generation Firewalls which have application awareness and deep packet inspection features that are needed to secure IoT type of new ecosystems. “By implementing clear, sound policies, using management platforms to manage employee devices and having a NGFW an organisation get the balance right between locking down systems and making employees miserable and unproductive, and allowing them to do their job using the latest tools without compromising the network.” The appeal of security needs also reached companies like CyberArk who is developing security applications for different layers of customers’ platforms so they can secure data more efficiently, as The Street reports.
Security has been a major concern for providers for years, and they are dedicating resources and knowledge to work on it, as Explore B2B mentions. In this other article, experts explains that basic safety procedures, such as checking terms and agreements with customers, reviewing security procedures of companies, talking directly with employees and encrypting files remain highly recommended in this new wave of opportunities brought by cloud security services. On top of this, dynamic and intelligent analytics over security data which is enabled by cloud will help security services to serve customers interest. Because usage will continue to evolve, data to raise, and security threats with them, as NFC and mobile payment spread shows.