Ava Chawla
Short bio about author here Lorem ipsum dolor sit amet consectetur. Vitae donec tincidunt elementum quam laoreet duis sit enim. Duis mattis velit sit leo diam.
Tags
Share this article
11/24/22
Published
1. Application-centric security
Many of today’s security discussions focus on compromised credentials, misconfigurations, and malicious or unintentional misuse of resources. Disruptive technologies from Cloud to smart devices and connected networks mean the attack surface is growing. Security conversations are increasingly expanding to include business-critical applications and their dependencies. Organizations are beginning to recognize that a failure to take an application-centric approach to security increases the potential for unidentified, unmitigated security gaps and vulnerabilities.
2. Portable, agile, API & automation driven enterprise architectures
Successful business innovation requires the ability to efficiently deploy new applications and make changes without impacting downstream elements. This means fast deployments, optimized use of IT resources, and application segmentation with modular components that can seamlessly communicate.
Container security is here to stay Containerization is a popular solution that reduces costs because containers are lightweight and contain no OS. Let's compare this to VMs, like containers, VMs allow the creation of isolated workspaces on a single machine. The OS is part of the VM and will communicate with the host through a hypervisor. With containers, the orchestration tool manages all the communication between the host OS and each container. Aside from the portability benefit of containers, they are also easily managed via APIs, which is ideal for modular, automation-driven enterprise architectures. The growth of containerized applications and automation will continue.
Lift and Shift left approach will thrive Many organizations have started digital transformation journeys that include lift and shift migrations to the Cloud. A lift and shift migration enables organizations to move quickly, however, the full benefits of cloud are not realized. Optimized cloud architectures have cloud automation mechanisms deployed such as serverless (i.e – AWS Lamda), auto-scaling, and infrastructure as code (IaC) (i.e – AWS Cloud Formation) services. Enterprises with lift and shift deployments will increasingly prioritize a re-platform and/or modernization of their cloud architectures with a focus on automation.
Terraform for IaC is the next step forward With hybrid cloud estates becoming increasingly common, Terraform-based IaC templates will increasingly become the framework of choice for managing and provisioning IT resources through machine-readable definition files. This is because Terraform, is cloud-agnostic, supporting all three major cloud service providers and can be used for on-premises infrastructure enabling a homogenous IaC solution across multi-cloud and on-premises.
3. Smart Connectivity & Predictive Technologies
The growth of connected devices and AI/ML has led to a trend toward predictive technologies. Predictive technologies go beyond isolated data analysis to enable intelligent decisions. At the heart of this are smart, connected devices working across networks whose combined data 1. enables intelligent data analytics and 2. provides the means to build the robust labeled data sets required for accurate ML (Machine Learning) algorithms.
4. Accelerated adoption of agentless, multi-cloud security solutions
Over 98% of organizations have elements of cloud across their networks. These organizations need robust cloud security but have yet to understand what that means. Most organizations are early in implementing cloud security guardrails and are challenged by the following:
Misunderstanding the CSP (Cloud Service Provider) shared responsibility model
Lack of visibility across multi-cloud networks
Missed cloud misconfigurations
Takeaways
Cloud security posture management platforms are the current go-to solution for attaining broad compliance and configuration visibility.
Cloud-Native Application Protection Platforms (CNAPP) are in their infancy.
CNAPP applies an integrated approach with workload protection and other elements.
CNAPP will emerge as the next iteration of must have cloud security platforms.