3 cloud security trends to pay attention to in 2023
The changes to the cybersecurity market over the past 20 years is stunning, and 2023 is going to be no different as the industry continues to evolve and change.The attack surface has shifted dramatically in the last 20 years. In the early 2000s, intrusion detection was the newest technology, which drove a focus on securing the perimeter. Eventually, companies began moving their applications to the internet, so application security became a focus. Now, in the age of cloud computing, companies are moving data and workloads to the cloud at a record pace. So where does this leave us going into 2023?
Security leaders will want a one-stop-shop
Given the growth in the cloud market, CNAPP (Cloud Native Application Protection Platform) will continue to evolve, and more security leaders will look for solutions that provide a “one-stop shop” for their cloud security (i.e., tool consolidation). For those who haven’t heard of the CNAPP, it is an industry term that gained traction in 2022. CNAPP describes a platform approach to cloud security where multiple point tools are combined into a single platform. One of the more difficult parts of being a CISO is defining your security strategy and aligning the tools to help you achieve that strategy. When you look at the security vendor landscape, it’s enough to make any CISO’s head spin. That’s why vendor consolidation was a major priority for security leaders last year and will continue to be this year. More companies will adopt the CNAPP vision as a driving force for their security strategy. And on the vendor side, we will see them focus on how they align with some or all of the sub-categories.
Understanding your cloud will be more important than ever
As companies continue to move more data to the cloud, the focus will shift from just securing the cloud to understanding what data is stored in the cloud. The momentum over the last several years had been focused on cloud transformation—i.e., moving everything to the cloud as quickly as possible. The speed and lack of appropriate planning often left security teams scratching their heads as they tried to understand what was deployed and identify which deployments were configured in such a way that put the organization at risk.
Now, companies are starting to understand how to set up the guardrails, but are struggling with alerts and how to prioritize them in a time of resource shortages. One important prioritization method is by the impact of breach. For example, if you have a high alert affecting a database with PII, that would be higher than a database with only metadata. This year, to combat this problem, we will see a lot more growth in the Data Security Posture Management (DSPM) space. Understanding what data you have, where it is, and the external exposure of that data helps prioritize alerts. In the longer term, the DSPM space will likely mature into Data Detection and Response (DDR), which combines static scans of data security posture with actions based on the runtime monitoring of that data.
SaaS tools will merge
My final prediction is around the security of SaaS applications. Over the years, security practitioners have struggled to secure SaaS applications. Data Loss Prevention (DLP) and Cloud Application Security Broker (CASB) were introduced, but never really took off because there wasn’t an industry standard to define what that meant. Various vendors saw the market differently, so no standards materialized. But the problem still exists. It’s difficult to understand what data is in a SaaS tool, when it leaves the SaaS tool, and if the tool is ever properly configured in the first place—and it only gets harder as you add more tools. In 2023, these areas will begin to merge into a more mature vertical called SaaS Security Posture Management (SSPM). There are some existing SSPM solutions on the market, but the space will grow to support the ongoing need of tool consolidation and SaaS security.
Some additional trends to look out for: More companies will adopt SOC as a service offerings to offset SIEM and resource costs. AppSec is an area of the security industry that needs a reboot and we may see the beginning of that in 2023 as well.
The security industry is always changing, so it’s hard to know exactly where it will end up, but that’s what makes it interesting.