The cloud infrastructure has witnessed a significant growth in recent years and its popularity can be attributed to the on-demand services, scalability and flexibility, and the cost effective solutions it offers to organizations. The global cloud security market is expected to reach $13.93 billion by 2024, according to Grand View Research.
Global cloud security market, by application, 2014-2024 (million)
In addition to the tussle between public and private cloud the emergence of hybrid cloud has given cloud users numerous different platforms and frameworks to choose from. As the adoption of cloud reaches new levels, the security issues concerning cloud users and vendors have come to the forefront.
“The expected growth in cloud security is a reflection of demand for solutions that protect data as it moves beyond the network perimeter. Regulatory compliance has come to the forefront as a critical component for organizations that want to deploy cloud apps,” said Anurag Kahol, CTO at Bitglass.
Key findings from the report suggest:
- As an increasing number of organizations adopt cloud cyber-attacks and data breaches have increased dramatically with highly sophisticated attacks targeted at confidential data. Last two years have seen many high level data breaches such as the attack on Ashley Madison, Home Depot, Anthem and even some security providers such as Kaspersky Labs.
- Cloud computing has been erasing traditional geographic boundaries with its world wide spread but the changing cloud regulations and government roles may complicate the market. While some countries such as Germany are opting for greater data privacy, other countries are striving for greater visibility in the internet traffic (such as U.S. and France).
- The cloud security is also affected by industry specific regulations such as Health Insurance Portability and Accountability Act of 1996 (HIPPA) for healthcare, Payment Card Industry Data Security Standard (PCI DSS) for financial sector as well as international laws like Safe Harbor Act and European Union Data Protection Directive.
- CA Technologies Inc., Cisco Systems, Fortinet Inc., IBM Corp., Intel Corp., TrendMicro, VMware and Symantec Corp. some of the major industry players in this domain. Other key vendors include BMC Software, Bitium Inc., CloudPassage, Netskope, SkyHigh Networks Inc., Snoopwall Inc., Sophos, and Whitehat Virtual Technologies.
- Key industry players such as CA Technologies, TrendMicro, Symantec Corp., Intel Corp. and IBM Corp. use technological alliances, partnerships and collaborations with other industry players to maintain market competencies.
Reduce cloud complexity
We’ve asked Hari Srinivasan, Director of Product Management for Cloud Platforms, Qualys, to take a look at the report, and below is his opinion.
The new report by GrandView Research emphasizes the growing emergence of enterprises with assets in a ‘hybrid-cloud’ state as they migrate workloads between various different public and private cloud platform options. We find that many of the companies we talk to think that security completely changes in the cloud, but securing those assets isn’t fundamentally much different. You still need the same set of security solutions used to secure on-premises IT, but there are three main cloud-specific concerns for these companies to address in order to reduce the complexity of cloud security.
First, some companies can underestimate the added complexity of maintaining their end of a shared security responsibility model for workloads deployed across different clouds. Infosec teams tasked with assessing priorities to secure data and infrastructure across AWS, Azure, Google and private cloud workloads can get bogged down by comparing scans from different security solutions for each platform.
Second, as companies move to the cloud, they need to be able to provide security visibility to a broader range of stakeholders than ever before. This means deploying security in a way that provides multiple forms of visibility spanning multiple platforms for a range of constituents, from a single-pane executive dashboards for the CISO to automated API-based data for DevOps.
Finally, as companies leverage the cloud to embark on further digital transformation, the sheer scale of elastic workloads powering all those services can become cumbersome without scalable tools that can help manage asset discovery and tracking, internal asset scanning and application protection as well as external perimeter scanning across multiple platforms.
We find companies that can reduce these elements of security complexity by choosing cloud-centric security solutions will thrive on their journey to the cloud.