As cloud infrastructure and platform services proliferate in enterprise environments, confidence in the security of the cloud continues to grow, and “cloud-first” strategies are now common even among risk-averse organizations. Still face a lack of necessary skills and tools to ensure secure cloud deployments.
Numerous innovations and technologies are evolving to help organizations enhance their security posture across hybrid and multicloud deployments. Early adopters of these innovations will be the best positioned to deliver controlled, compliant and economical cloud strategies that help keep their organizations competitive in a cloud-first world.
Gartner has identified three innovation that will have a significant impact on the cloud security market in the next two to five years:
Cloud access security brokers (CASB)
End-user organizations need to secure the use of business-critical, cloud-delivered applications and infrastructure. They also need to secure the general internet to prevent threats to users, regardless of their location, and improve access to existing services while taking advantage of zero trust concepts.
Cloud access security brokers support these use cases by consolidating multiple types of security policy enforcement into one place, ensuring consistent visibility, compliance, data security and threat protection across all cloud services. .
CASB products are critical for governing and addressing security gaps in all types of organizations’ use of cloud services. Gartner anticipates that CASB technologies will have a transformational impact on the cloud security market in less than two years.
Secure Access Service Edge (SASE)
Secure Access Service Edge is defined as the convergence of multiple network and security-as-a-service capabilities, such as software-defined wide-area networks, secure web gateways, CASB, next-generation firewalls and zero-trust network access. SASE is delivered as a service and enables zero-trust access based on the identity of the device or entity, combined with real-time context and security and compliance policies.
Interest in and adoption of SASE has been rising in recent years, driven by enterprise digital business transformation: It increases visibility, agility, resilience and security, while also dramatically simplifying the delivery and operation of critical network and network security services.
SASE will transform the delivery of security in the next two to five years, and network and security vendors that can’t deliver a compelling SASE offering will lose significant market opportunities.
Cloud Security Posture Management (CSPM)
Assessing the secure and compliant configuration of a modern, dynamic and containerized cloud infrastructure environment is an increasingly complex task. Even simple misconfiguration issues represent significant and often unidentified risk. Compounding the problem is the speed and scale of modern cloud deployments.
CSPM offerings continuously manage cloud security posture by applying common frameworks, regulatory requirements and enterprise policies to proactively detect and assess cloud infrastructure risk. If risks are identified, remediation options, automated or human-driven, are provided.
CSPM market is growing and evolving rapidly and increasingly must extend functions into development using infrastructure-as-code scanning. Multiple mature offerings are now available from established vendors, while some hyperscale cloud service providers offer built-in CSPM capabilities suitable for single-cloud deployments.
Security leaders who can reorient their roles to become digital business transformation leaders embracing these innovations will be best positioned to help their organizations make controlled, compliant and economical use of the public cloud.