Public IaaS, in particular, is growing quickly even among small businesses. According to RightScale’s 2016 State of the Cloud report, 71% of small-to-midsize businesses are running at least one application in AWS or Azure. Unfortunately, as more businesses adopt these platforms, they also become a bigger target for criminal hackers, Nachreiner said.
“In the past, we’ve seen threat actors both infect servers running in public cloud services and, more recently, leverage these robust virtualisation platforms to build their attack infrastructure. In 2017, I expect to see attackers increasingly leverage public IaaS both as a potential attack surface and as a powerful platform to build their malware and attack networks. There’ll be at least one headline-generating cyberattack either targeting or launched from a public IaaS service next year,” Nachreiner said.
Provider measures
BigPanda’s security employees do not quite go along with that thinking, putting out this statement: customers need to not worry about the security behind cloud providers such as AWS, Azure and Google as these public cloud providers have better security practices than most companies’ internal applications.
Stan Black, CSO at Citrix, wonders if dependency on cloud providers will come back to haunt us. “The recent attack on Dyn is only a small example of what is on the horizon. I expect that major sources of cloud data and access management will be increasingly under attack,” he said.
Businesses will need to carefully review cloud provider contracts to ensure there is a process in place for data and access management throughout the data life cycle. For example, when business with your provider or another contractor is complete, what happens to that data or the contractor’s access to the data? Ask questions like, “How do you manage access? How do you deliver my data and how is it stored?” he added.
Diverse combinations
Milind Wagle, CIO at Equinix, said multi-cloud needs will keep infosec folks up at night. “2017 will be the year for existing corporate data centres to mature to a diverse combination of on-premises, collocated and cloud-based environments. This is further complicated by the heightened need to have a geographically distributed infrastructure to support a global customer and employee base. Responding to this trend, CIOs and CSOs will be challenged to not only construct the right multi-cloud architecture, but also to distribute, shape, service and secure it on an ongoing basis. The right interconnection strategy to connect to multiple cloud services is the only way to work towards the best cloud and customer experience,” Wagle said.
Glenn Weinstein, co-founder, senior vice president of global services and CISO at Appirio, said 2017 will increasingly see cloud migration as a risk mitigation strategy. Delegating industrial-strength security to major cloud providers such as Amazon and Google will be seen as safer, and more scalable, than continuing to invest in corporate network perimeter defence.
Roy Katmor, co-founder, CEO at enSilo, predicts that enterprise network security will shift to the cloud. Enterprises will be relieved to consolidate the distributed network security burden by redirecting corporate traffic and allowing cloud-based network security services to apply and manage the security policies. Just like other services that moved to the cloud decreased costs for customers, network security as a service will reduce the overhead cost of purchasing and maintaining multiple physical firewalls.
Back-up solutions
Appirio’s Weinstein continued by saying CISOs will implement measures to minimise security risks posed by desktop and laptop computers by lessening users’ dependence on them as storage devices. Workflows will be designed so that users find it easier to save data in the cloud versus their hard drives. More laptop vendors will follow the Chromebook example of treating the user-writeable portion of the hard drive entirely as short-term storage, to be erased between user sessions.
Paul Zeiter, president of Zerto, predicts that backup and disaster recovery (DR) will consolidate. “Customers will be able to get long-term archiving out of their DR solutions, which may render some backup solutions redundant. Many DR solutions, for example, have back-up-like features, including point in time recovery, which can even be more granular than traditional backup options, recovering from seconds — not hours — ago. If you can recover data from seconds before an attack, for up to 30 days, why would you defer to a 12-hour old back-up? Or in worse cases an even older one?
“Threats are on the increase, whether malicious, accidental or courtesy of Mother Nature, and data protection is an absolute must for business continuity. In 2017, with SLAs increasing, we predict that DR solutions will keep expanding their capabilities further and further into the backup space,” he said.
IDG News Service
Subscribers 0
Fans 0
Followers 0
Followers