Technology

The All-Consuming Cloud

Publisher
Published
Wireless technology abstract image
Credit: Blue Planet Studio / stock.adobe.com

By Andrew Plato

Cloud computing was the runaway winner for 2021. The COVID-19 pandemic accelerated digital transformation projects, resulting in whopping growth for the cloud service providers, like AWS, Azure, and Google. 

Cloud platforms are not only gobbling up new customers, but they are also consuming new markets. For example, AWS added over 200 new services in 2021, nearly doubling their catalog. Azure and Google had similar expansions as well. 

What is notable is that many of these new services are cybersecurity related. For example, Azure now offers Sentinel, a robust security incident and event management (SIEM) platform. This service competes directly with stand-alone SIEM products, such as Splunk or Sumo Logic. Google recently acquired Siemplify which offers similar capabilities.

Consuming markets is not a new thing for cloud providers. Ten years ago, setting up and maintaining an email server was a full-time job. Today, with Office 365 or Google, you can have enterprise-class email with strong security up and running in under an hour. 

Security is merely the latest market for the cloud to consume. While there are many reasons for the cloud to take on more security capabilities, perhaps the most compelling is the sheer complexity of cybersecurity today.

If you survey the current cybersecurity market, it is a vast, disparate universe of stand-alone tools, consultants, and services. Individually, these all have value. However, getting this menagerie to protect an enterprise from the perpetual onslaught of attacks is not merely difficult, it is profoundly difficult. Nearly every breach tells a similar story of security tools and teams that failed to protect data due to misconfiguration or mismanagement. 

Cloud providers are in a unique position to unify this universe of tools into native services. Cloud security services can not only reduce the complexity of security, but they can also accelerate deployment though automation, consistency, and standardization. Moreover, these tools are already included with your cloud subscription, eliminating the need to assess, select, and procure stand-alone products. 

This change is already in motion, and it will have significant impact on the cybersecurity market: 

  • The market for stand-alone security products will not disappear, but rather migrate toward smaller businesses and laggard industries that are slow to adopt the cloud. 
  • The demand for in-house security expertise will shift from engineers who can configure tools, to analysts who can make sense out of the data coming from cloud services.
  • There will be increased demand for solution providers who can repackage cloud automations into simplified, pre-built environments. 
  • To remain relevant, managed security providers (MSSP) must also adopt these cloud tools and a cloud-centric model. 
  • Hardware security products must refocus on zero-trust architectures and tight integration with cloud services.
  • Compliance will be devalued. With increased automation and standardization, building, certifying, and maintaining compliance will become easier thus decreasing the influence of consultants and auditors. 
  • Multi-cloud will become more difficult as cloud providers create more avenues for lock-in. This will consequently augment the demand for third-party integrators and software that can overcome lock-in.
  • Attacks and ransomware will remain steady but shift focus to “softer” targets such as laptops and IoT devices.
  • Cloud providers will make increased use of AI technologies to make security monitoring more effective. 
  • Automation will impact remediation efforts as well. Cleaning up an intrusion will no longer require expensive engagements with outside consultants. Rather, automation tools will gather evidence, wipe out affected systems, and rebuild from known-good repositories.

Conclusion

As technologies and markets mature, there is a natural progression toward standardization. Standardization enables scale through increased interoperability. The cybersecurity market is not immune from these forces. The cloud has been consuming compute functionality for a decade. Security is merely the next frontier for them to consume. This change will ultimately improve computer and data security. Moreover, stand-alone security vendors can thrive in this new order, provided they can fully embrace the cloud and its all-consuming nature.

The views and opinions expressed herein are the views and opinions of the author and do not necessarily reflect those of Nasdaq, Inc.

Other Topics

Cloud Computing