The global pandemic has accelerated business transformation far past the cloud tipping point and uncovered severe and far-reaching implications for security teams, according to an Enterprise Strategy Group (ESG) survey of 500 IT and security personnel in North America and Europe.
The vast majority—90%—of organizations surveyed said they have increased their use of public cloud computing as a result of the global pandemic.
Rethinking Cloud Security
The report also indicated that, as organizations embrace public cloud apps and infrastructure, they need to rethink the tools, processes and people employed to secure the resulting expanded attack surface.
More than one-third (34%) of organizations surveyed said at least half of their applications and workloads reside in public cloud infrastructure today, and 81% of those surveyed said they have accelerated plans and timelines for public cloud computing in response to new requirements driven by the global COVID-19 pandemic.
Organizations are particularly active in moving security information and event management (SIEM) systems to the cloud, with the majority (85%) of organizations that rely on a SIEM SaaS provider having “lifted and shifted” on-premises SIEM to the cloud, or are in the process of adopting a cloud SIEM strategy.
“Cloud is different; it is much more dynamic and distributed than the on-premises data center world,” explained Douglas Murray, CEO at Valtix, a provider of cloud-native network security services. “The speed with which the cloud moves is also much faster. Organizations that have tried to port their existing on-premises-focused security tools to the cloud quickly realize the challenges.”
He noted organizations are increasingly turning to cloud-native platforms for network security and other domains, arguing only cloud-native platforms can keep up with the speed and complexity of the cloud and, ultimately, increase visibility and control with a more dynamic security model.
“The ESG report echoes what we hear on a daily basis from our customers,” Murray said. “With the move to the public cloud introducing more complexity and two-thirds of SOC teams not having confidence in cloud visibility, you’re getting close to reaching a tipping point.”
For John Morgan, CEO at Confluera, a provider of cloud cybersecurity detection and response solutions, there were a couple of statistics from the report he thought organizations should pay special attention to.
“The report says 43% of organizations have at least half of their security tools and controls deployed in the cloud,” he said. “While such percentage shows progress, it also demonstrates the gap between cloud deployments and security and that security continues to lag behind the organizations’ shift to the cloud.”
Transitioning to the Cloud
He said that statistic also demonstrates the state of transition many organizations are going through from on-premises to the cloud, and how such a major transition cannot happen overnight.
“Security solutions must be able to accommodate this transition for the long haul,” he said. “Businesses should be looking at tools designed to support the cloud, as well as simplifying threat detection and response to better utilize existing IT resources.”
Like Murray, Morgan said the growing levels of complexity in IT and security that cloud has fostered is something to which organizations need to be paying closer attention.
“The lack of familiarity with cloud security and challenges in moving existing security policies and controls are some of the common challenges organizations face,” he said. “With IT and security staff already spread thin with the recent barrage of ransomware and other attacks, adding the complexity of moving existing security solutions to the cloud can result in security exposure organizations cannot afford.”
The survey indicated that in addition to more complexity, the vast majority of organizations are dealing with an increase in security telemetry, with 80% of survey respondents agreeing cloud computing has led to an increase in the amount of security data to analyze.
This increase can easily overwhelm the SOC team or lead to performance and scalability issues with existing logging and analytics tools.
Brendan O’Connor, CEO and co-founder at AppOmni, said he thought IT workers specializing in security should shift their focus to supporting the new business model many enterprises are adopting.
“Some enterprises are shifting their business model to focus on virtual workforce, de-emphasizing the need to secure office networks. In other cases, offices are being eliminated altogether,” he said. “IT workers need to change their focus from traditional network security of a campus/office to application security of the work-anywhere model.”
O’Connor pointed out that, with employee location and devices in constant flux, organizations will rely on the consistency and security of cloud service applications.
“IT workers should look to the management and security of these SaaS applications as the new skills and technology to embrace,” he said.