Facebook Twitter Instagram YouTube LinkedIn
    Facebook Twitter Instagram LinkedIn YouTube
    Trending
    • Rajiv Kulkarni Talks about the Malware Analysis Pipeline
    • IDS Alliance Raises Awareness of IAM Fundamentals with the ‘CISO Chronicles’
    • Building Digital Accessibility: AI Requires Human Oversight to Cut Down on Algorithmic Biases
    • BlackBerry Ivy: Enabling a New Age of Electric Secure Autonomous Vehicles
    • Security Automation Cuts Down Expenses and Saves Time for IT Teams
    • IBM Think 2022 – Embracing the Present, Preparing for the Future
    • A Game of Numbers: The Correlation Between Technology and Sports Betting
    • Software-based Enterprise Solutions for Navigating the “Too Much Information” Age
    TechSpective
    • RSS
    • Facebook
    • Twitter
    • Google+
    • LinkedIn
    • Instagram
    • Pinterest
    • Technology
      Featured
      March 1, 20216

      Could Home Study Be Better for Education? Using Technology to Craft a Better Tomorrow

      Recent
      May 20, 2022

      Building Digital Accessibility: AI Requires Human Oversight to Cut Down on Algorithmic Biases

      May 20, 2022

      BlackBerry Ivy: Enabling a New Age of Electric Secure Autonomous Vehicles

      May 15, 2022

      A Look At The Last Generation Of Internal Combustion Engines

    • Reviews
      Featured
      March 4, 20211

      Dell’s UltraSharp 40 – Improving Work and Workplaces with Monitor Innovations

      Recent
      April 7, 2022

      Dell’s Latitude 5430 Rugged – Redefining the Extremes of Mobile Computing

      October 12, 2021

      Innovating Home Video Conferencing: Dell’s New 27 Video Conferencing Monitor – S2722DZ

      September 22, 2021

      Review: Intrusion Shield

    • Podcasts
    • Security
      Featured
      March 7, 20212

      Pandemic Unmasks Vulnerability to Automated Bot Attacks

      Recent
      May 25, 2022

      Rajiv Kulkarni Talks about the Malware Analysis Pipeline

      May 23, 2022

      IDS Alliance Raises Awareness of IAM Fundamentals with the ‘CISO Chronicles’

      May 14, 2022

      Ransomware is Indiscriminatory – Prepare for Everything to Fail

    • Microsoft
      Featured
      September 12, 20201

      The Microsoft Surface Duo: The Communications Device for Those That Think Different

      Recent
      April 8, 2022

      AI and Why Windows 12 Could Be a Far Bigger Advance than Windows 95 Was

      October 11, 2021

      The Surface Laptop Studio: Building a Windows 11 Targeted Laptop

      August 28, 2021

      Why Microsoft’s Hardware Baseline for Windows 11 Is Important

    • News & Analysis
      Featured
      March 6, 20212

      Fixing The World One Person At A Time: Cisco Networking Academy

      Recent
      May 25, 2022

      Rajiv Kulkarni Talks about the Malware Analysis Pipeline

      May 20, 2022

      BlackBerry Ivy: Enabling a New Age of Electric Secure Autonomous Vehicles

      May 20, 2022

      IBM Think 2022 – Embracing the Present, Preparing for the Future

    • Business
      Featured
      March 6, 20212

      Fixing The World One Person At A Time: Cisco Networking Academy

      Recent
      May 20, 2022

      Building Digital Accessibility: AI Requires Human Oversight to Cut Down on Algorithmic Biases

      May 20, 2022

      Security Automation Cuts Down Expenses and Saves Time for IT Teams

      May 18, 2022

      Software-based Enterprise Solutions for Navigating the “Too Much Information” Age

    TechSpective
    You are at:Home»Business»Security»Cloud Security»Confronting Cloud Security Challenges in 2018
    cloud security
    Image from Pixabay

    Confronting Cloud Security Challenges in 2018

    1
    By Sanjay Kalra on December 30, 2017 Cloud Security, Cloud Service Provider, Machine Learning, Security

    Security and compliance are going to be hot topics next year as more and more organizations confront the challenges of the cloud. In 2018, a few major new regulations, such as the EU General Data Protection Regulation (GDPR) will start to swing the privacy pendulum towards better cloud security and more protections for consumers and end users.

    Here’s what that means for 2018:

    An accountability tipping point will change the calculus for custodians of sensitive private information

    High profile incidents in 2017 – Equifax, Uber, I’m looking at you – deeply shook the general public. In 2018, that angst will translate into action. Data custodians will be held to significantly higher data security standards. We’ll see more rigorous board and senior management oversight, with severe consequences for security malfeasance. More exacting regulations are already on the way – and they’ll continue to tighten fiduciary expectations and raise the penalties for non-compliance.

    Security risk management will change as a result. Executives will find it far more difficult to fob off blame to subordinates. Benchmarks for acceptable risk will change, and the approaches organizations take to manage that risk will change too. Which leads me to my second prediction:

    We’ll come to grips with the fact that perfect security isn’t possible

    In 2018, data custodians need to be better prepared for cloud breaches and their consequences. Due diligence on configurations, continuous auditing for security best practices, active monitoring, regular red team/blue team exercises, and response plans will be a big part of the security discussion in 2018.

    Spotting, fixing, and reporting breaches quickly makes post-breach press conferences far easier on the CEO. Therefore, expect reaction times to get much more attention. This focus on responsiveness, combined with the move to the cloud, will disrupt the IT status quo. Policy-centric perimeter security tools need lots of labor to stay effective and up to date.

    Those tools aren’t going away – but tolerance for their labor-intensive maintenance requirements is. The cloud magnifies the problem: DevOps and the drive for ever-faster service delivery velocity makes manual processes simply impossible. Which brings me to my third prediction:

    Security automation will get real

    DevOps and cloud computing may have started the automation party – but expect security to get in on the action in 2018. In the cloud, automation use cases will expand beyond DevOps to make compliance, detection and configuration management more systematic and robust. Automation will also expand to include incident detection, forensics, and visibility.

    Machine learning technologies will power successful automation solutions, and vendors with ML approaches will deliver significant value. Cloud security automation emerged as a theme in 2017 and it will become mainstream next year, with more and more organizations dramatically improving cloud security with automation in 2018. Complexity and the pace of change won’t slow down and there will be broad agreement that convention security tools aren’t right for the cloud.

    Cloud service providers (CSPs) will continue to take security – and security automation – seriously. In 2017, for example, Amazon quickly responded to the high risk of AWS misconfiguration and leaky S3 buckets with new services and toolings. In 2018, CSPs will increase their commitment to cloud security. Third-party vendors, working in concert with CSP-native security capabilities, will deliver powerful new solutions to automate and simplify operations across the entire security stack.

    Goodbye 2017!

    At Lacework, we believe that 2018 will be a watershed year in cloud security. After 2017’s string of shocking breaches, big changes are on the horizon. Risk calculations will shift towards a higher standard of care. IT practitioners will refocus on accountability and responsiveness. And, with any luck, that will translate into a less “eventful” 2018!

    Share. Facebook Twitter Pinterest LinkedIn Tumblr Email
    Previous ArticleHow to Avoid Ending Up on Santa’s eCommerce Naughty List Next Year
    Next Article Do You Have the Most Up-to-Date Software for Your Business?
    Sanjay Kalra
    • Website

    Sanjay Kalra is co-founder and CPO at Lacework, leading the company’s product strategy, drawing on more than 20 years of success and innovation in the cloud, networking, analytics, and security industries. Prior to Lacework, Sanjay was GM of the Application Services Group at Guavus, where he guided the company to market leadership and a successful exit. Sanjay also served as Senior Director of Security Product Management for Juniper Networks, and spearheaded continued innovations in the company’s various security markets. Sanjay has also held senior positions at Cisco and ACC. He holds 12 patents in networking and security.

    Related Posts

    Security Automation Cuts Down Expenses and Saves Time for IT Teams

    How Security Testing Contributes to Enterprise Resilience

    Digital Identities Power All Your Daily Interactions: Here’s How Identity and Access Management Works for You

    Comments are closed.

    Site Sponsors
    Intel
    DevOps.com
    Adobe
    PopSpective
    • Technology
    • Popular
    • Top Reviews
    May 20, 2022

    Building Digital Accessibility: AI Requires Human Oversight to Cut Down on Algorithmic Biases

    May 20, 2022

    BlackBerry Ivy: Enabling a New Age of Electric Secure Autonomous Vehicles

    May 15, 2022

    A Look At The Last Generation Of Internal Combustion Engines

    9.0
    July 14, 2016

    Review: Lenovo Yoga 900S

    9.5
    March 2, 2015

    Review: Asus Zenbook UX305 ultrabook

    8.0
    February 9, 2015

    Review: Burg 12 smartwatch

    9.7
    November 16, 2018

    Review: BlackVue DR900S-2CH Vehicle Dash Cam

    9.5
    September 2, 2015

    Review: Microsoft Band

    May 27, 2014

    Protect your family photos with ScanMyPhotos

    Adobe
    Popular Posts
    9.0
    July 14, 2016

    Review: Lenovo Yoga 900S

    9.5
    March 2, 2015

    Review: Asus Zenbook UX305 ultrabook

    8.0
    February 9, 2015

    Review: Burg 12 smartwatch

    Coffee and Politics
    Adobe
    Adobe
    Adobe
    • RSS
    • Facebook
    • Twitter
    • Google+
    • LinkedIn
    • Instagram
    • Pinterest
    About

    TechSpective covers technology trends and breaking news in a meaningful way that brings value to the story, and provides you with information that is relevant to you. We offer in-depth reporting and long-form feature stories, as well as breaking news coverage, product reviews, and community content in plain English terms, and with a unique perspective on technology.

    PopSpective

    © 2020 Xpective, Inc.

    • About
    • Privacy
    • Advertise
    • Subscribe
    • Contact
    © 2021 Xpective, Inc.
    • About
    • Privacy
    • Advertise
    • Subscribe
    • Contact

    Type above and press Enter to search. Press Esc to cancel.