Cloud Security To Be A possible Greenfield Opportunity In Enterprise Infrastructure

Enterprise Security Magazine | Wednesday, January 26, 2022

Companies, especially those in legacy industries have been forced to adopt SaaS and cloud tools to stay competitive and agile with the advent of remote work.

FREMONT, CA: The use of modern SaaS platforms like ZZoom, Slack, and Salesforce is essential in ensuring that workers can collaborate from home efficiently. The biggest beneficiaries of this change are the public cloud hosting providers like AWS, Microsoft Azure and Google Cloud. While modern software tool usage has become easy due to the cloud providers, the shift to the cloud has led to big cybersecurity challenges. Cybersecurity for the cloud-first world is a paradigm shift from traditional, on-premise security. In the old-on premise stack, customers hosted their applications in their own data centres and had full control of their security, but when customers adopt public cloud providers, security responsibility gets divided between the cloud providers and the customers. Despite not having full control of data in the AWS data centre, security breaches become a customer's responsibility, if for example, someone stores data in the AWS data centre, the customer has to configure and manage the security policies. Likewise, the customers adopting the public cloud do not remain in charge of their security ; security concerns are the top barriers to cloud adoption. Moreover, cloud environments aren’t very easy to secure. Microservices are those, in which modern cloud customers often deploy; each component of an application is built independently of the other. In the cloud and microservices, there could be up to 10x more workloads than on-premise. This increased fragmentation and complexity leads to access control issues and increases the probability of errors, simply put, the surface area of the attack is larger and more complex when one deploys in the cloud.

There has been a big go-to-market inversion from the top-down to a bottom-up sales motion, where security buying decisions are becoming decentralized in the past few years. Traditional security products were sold to the CISO at large enterprises and such sales processes involved lengthy proofs-of-concept and negotiations and the Cisco made the buying decision for the rest of the organization. The shift to the cloud has created new opportunities for startups to disrupt the security industry entirely. Large on-premise-focused security incumbents like Palo Alto, Checkpoint and Fortinet alone have a combined market cap of over USD 100 billion.

Weekly Brief