As organizations large and small engage in migrating critical business operations and sensitive data out of the traditional on-premises data center, 2016 is shaping up to be a landmark year not only for cloud services providers but also for users seeking to maintain visibility and security in the process. As many organizations are finding in their migration efforts, traditional security paradigms don’t successfully translate to the cloud.
Security efforts must accelerate in the coming year because the attacks on cloud environments are becoming more automated and sophisticated every day, and the depth and breadth of these attacks will continue to increase as the value of data being stored in the cloud grows. I predict we’ll see innovation in cloud security software come to play in 2016 in four primary aspects.
1. Serverless frameworks
The emergence of serverless frameworks – things like Amazon Web Services (AWS) Lambda – mark the arrival of a code-PaaS (code-based Platform-as-a-Service), where organizations will no longer be required to manage an operating system, virtual machine or container (LXC, Docker, etc.).
This drastically changes the way security has to be approached because APIs will become an additional attack vector that most IT teams are not accustomed to configuring and defending.
2. Control plane
If organizations don’t get near-real-time alerting and incident response capabilities in place now, they will be repeatedly victimized by automated attacks through the control plane.
I believe one of the most advantageous cloud security innovations we’ll see in the coming year is that host and network-based security measures will migrate into the cloud’s control plane where the delivery of network events, host events and serverless-process events will come by way of APIs. These real-time “fire-hose” streams will be the future as opposed to the presence-based discovery methods most teams are used to from traditional in-line network and data center security solutions.
3. Continuous deployment (CI/CD) pipeline
One of the biggest security advancements next year is that security will become native to the continuous integration and continuous deployment (CI/CD) pipeline, enabling more organizations to adopt an agile, DevOps-friendly security operations practice.
Through these integrations, popular and widely used tools like Jenkins and others will be able to offer automated security validation and verification of new code as part of the quality-assurance step in the continuous deployment process.
4. Security vendor wars
The big security players have to get out of their seat and start delivering the next generation of security solutions for their customers that truly embrace cloud-based principles and realities, or else risk being disrupted by the more agile emerging competitors. In the cloud-security battlefield, we’ll see two major plays.
First, cloud-aware security solutions will start being delivered more readily by the established security solutions incumbents through acquisitions of smaller vendors or by innovation in current product offerings. Second, Microsoft’s Azure and AWS will be fiercely competing in the rush to attract and retain business by offering new and improved security features. They will focus their efforts on security capabilities that are geared to enhance aspects of the shared security model, enabling the customer to have greater control and visibility into their cloud.
Furthermore, feature parity will be achieved in the IaaS (Infrastructure-as-a-Service) space, and these two cloud services giants will be fighting over enterprises by offering them rich security capabilities through additional platform features and third-party offerings.
Tim Prendergast is founder and CEO of Evident.io. With well over two decades of pushing the limits of technology, Tim created Evident.io as the first security company focused solely on programmatic infrastructures (cloud). His prior experience includes leading technology teams at Adobe, Ingenuity, Ticketmaster and McAfee. He holds over 15 years’ security experience, including eight in AWS security experience and three years in the Adobe AWS infrastructure from inception to production. Follow Tim on LinkedIn and Twitter.