Businesses are now looking to focus more on optimising what they already have on the cloud rather than adding more
This is an exclusive interview conducted by the Editor Team of CIO News with Satyavathi Divadari, Head of Enterprise Security Architecture at OpenText
What are the trends in cloud computing in the post-pandemic area?
Trend 1: The cloud continues to be a major portion of the IT budget.
Organizations survived the pandemic for two long years and are now going through a surge of economic uncertainty and inflation pressures. While businesses may have spending constraints, the majority of investments are expected to be in cloud computing. As per Gartner, infrastructure-as-a-service (IaaS) has been forecasted to grow by 29.8% in 2023.
Trend 2: Cloud optimization overrides cloud adoption
Cloud adoption increased at a faster rate than expected during the pandemic, thus leading to cost inefficiencies and security lapses at multiple stages of cloud deployment. On the other hand, cyberattacks on the cloud are increasing rapidly while security budgets are going lower. To address these issues, businesses are now looking to focus more on optimising what they already have on the cloud rather than adding more. This results in organizations’ pushing towards cloud optimization and optimal use of security tools and resources.
What are the top cloud security threats to focus on in 2023?
The Cloud Security Alliance’s list of “Top Threats to Cloud Computing Pandemic Eleven” is as follows:
- Insufficient identity, credentials, access, and key management
- Insecure interfaces and APIs
- Misconfiguration and Inadequate Change Control
- Lack of cloud security architecture and strategy
- Insecure Software Development
- Unsecured Third-Party Resources
- System Vulnerabilities
- Accidental cloud data disclosure
- Misconfiguration and Exploitation of Serverless and Container Workloads
- Organized Crime/Hackers/APT
- Exfiltration of Data from Cloud Storage
For quick reference, here is a summary of the top three cloud security threats.
- Insufficient identity, credentials, access, and key management
Impersonation or identity with the increased threat landscape that includes the cloud and the hybrid workforce, thefts, replay attacks, and privilege escalation are on the rise. This directly connects to the other trend of zero-trust architecture.
- Insecure interfaces and APIs
Hyperscale digital transformation calls for faster integrations, which are directly related to APIs and microservices. There are very limited methods for securing them and complications with implementing them, thus leading to the weakest links in the application chain that could offer the workloads on a platter, once exploited.
- Misconfiguration and Inadequate Change Control
Configuration management, in general, has been at the top of the list of concerns for organisations for a long time. With the persistent network access and infinite availability of compute and storage resources, any misconfiguration could lead to a huge impact on the pocketbook as well as the organization.
What are the cyber security trends you forecast for 2023?
Trend 1: Increased security automation and use of AI and ML
Pandemic or otherwise, the cyber security team has been understaffed due to common challenges like talent shortages and skill gaps. Human capital has been further depleted as a result of budget cuts or cost optimization.
In contrast, cyber attackers are increasing in number, getting wiser every day, and inventing sharper tools with the highly scalable cloud, AI/ML technologies, and widely spread threat landscape.
To address this widespread gap between attackers and defenders, organisations are increasingly taking advantage of artificial intelligence to distil billions of threats into a handful of actionable security events. In addition, security automation for routine and repeatable operations is being developed in order to quickly analyse and respond to incidents with full or partial automatic response plans.
Trend 2: Zero-Trust Deployments to Address Hybrid Work and Digital Business
The rapid expansion of digital business operations and hybrid working models necessitates a minimum requirement for access to business resources at any time, from any location, by anyone. Traditional network-based trust enforcement will not suffice for borderless access. While different organisations are at different maturity levels, most are investing in the deployment of the Zero Trust Architecture model to enforce the concept of “trust no one, verify everyone.”
Also read: Technology leaders must keep themselves abreast of changes and trends
Do Follow: CIO News LinkedIn Account | CIO News Facebook | CIO News Youtube | CIO News Twitter
About us:
CIO News, a proprietary of Mercadeo, produces award-winning content and resources for IT leaders across any industry through print articles and recorded video interviews on topics in the technology sector such as Digital Transformation, Artificial Intelligence (AI), Machine Learning (ML), Cloud, Robotics, Cyber-security, Data, Analytics, SOC, SASE, among other technology topics
