Four trends shaping cloud security in 2023
As we move into the new year, cloud security continues to be an area of focus and concern for organizations of any size. Cloud security is of paramount importance when an organization is utilizing cloud infrastructure technologies, so we decided to get some insights from three leading hyperscalers: Amazon Web Services (AWS), Microsoft and Google.
We asked them each one question: What trends in cloud security do you see making an impact to your customers in 2023?
After studying their responses, we have compiled the following list of top four trends that we think will shape cloud security in the coming year:
1
Digital sovereignty continues to grow with data privacy concerns across geographic regions.
2
Malicious behavior within cloud and hybrid infrastructures will continue to be a growing problem.
3
The talent shortage will continue to drive automation and the use of machine learning.
4
Operational technology (OT) should be secured to protect data and used for extending data analytics.
Let’s take a detailed look at each of these.
The confluence of digital sovereignty and data privacy
As more organizations plan their journey to the cloud, more questions around data privacy and custody begin to come to the forefront of the security discussion. This is not a new discussion. It has been around data centers for years, as organizations from the public and private sectors began to use technology to store user and customer data. The US has industry-specific standards and processes for handling data privacy (such as HIPAA for healthcare), while Europe has GDPR to protect the personal information of individuals.
In addition to privacy, governments want to protect data from being exposed and decrypted during a seizure of information. This concern was amplified by laws enacted in countries that wanted the legal authority to seize information from local companies that are doing business internationally.
Initiating data sovereignty protects this data by containing it within a country’s geographic boundaries to protect user privacy as a fundamental human right, such as through GDPR. If legal compliance is necessary to hand over the data, its sovereignty and privacy is protected by encrypting all hosts, operating systems and data utilizing external third-party key management systems.
Some hyperscalers provide confidential computing systems with encrypted processors and memory chipsets. They also provide separation of duties by managing keys with hardware security module (HSM) key management solutions. These HSMs are then managed in the sovereign geographic jurisdiction, requiring additional legal requests to obtain cryptographic information.
Maintaining digital sovereignty and data privacy for users continues to be a growing concern and will be an emphasis in cloud security in 2023 and beyond.
Stephan Hadinger
Director, Head of Technology
Amazon Web Services (AWS)
“It is critical to give customers features and controls to encrypt data, whether in transit, at rest, or in memory. Organizations are looking for services supporting encryption, and more specifically for the ones with customer managed keys that are inaccessible to the cloud services provider. At AWS, we commit to continue to innovate and invest in additional controls for sovereignty and encryption features so that our customers can encrypt everything everywhere with encryption keys managed inside or outside the AWS Cloud.”
Malicious behavior in a hybrid world
There is no way to avoid malicious behavior. There will always be bad actors that want to either do harm or simply prove to someone that they can. As all our identities move online, these behaviors will continue to trend upward and require security personnel to stay one step ahead.
Organizations that have traditionally operated their own data centers are planning to make either a partial or full data center exit — but why would they want to do this, with malicious behavior continuously increasing? Simply put, they want to leverage hyperscaler scalability and compute capabilities for data analytics, AI and machine learning. It then becomes the security team’s responsibility to detect threats and malicious activity before any damage is done.
In most cases, traditional on-premises security controls do not transfer to cloud infrastructures. It requires a mix of controls for a hybrid infrastructure to protect both cloud and on-premises resources. As organizations move to expand their cloud footprint and become more cloud native, the use of cloud security controls will expand — many of which can be used to monitor and manage security posture on-premises and in other cloud providers.
This growth of cloud security controls for both cloud and on-premises infrastructures will continue to trend upwards in 2023.
Phil Venables
Chief Information Security Officer
Google Cloud
“Malicious behavior will get worse before it gets better – and investments in technological infrastructure will rise in response. The increased malicious activity we saw in 2022 is no surprise – and will only continue to grow in 2023. My outlook long-term is optimistic, but short-term pessimistic, and I expect organizational approaches in the coming year to continue to be more cautious, especially as public and private organizations are still figuring out how to contain the growing number of cyberthreats.
In 2023, we can expect to see increased investment in IT modernization, especially as malicious activity continues to rise in sophistication. With modernized IT environments, security will become a ’built-in’ element of infrastructures instead of an ’add-on’ – so even with short-term challenges, the long-term benefits of IT modernization are paramount and key to mitigating evolving cyber threats.”
Talent shortage — An enabler for automation
Rather than expanding, the workforce seems to be decreasing globally. This talent shortage is very apparent within cloud security and infrastructure. The combination of individuals leaving the workforce and rapidly changing technology has amplified the gap. Many organizations have attempted to offset these gaps by outsourcing talent through managed security service providers (MSSP). Unfortunately, many of these organizations are facing the same challenge in training and retaining talent.
One way to combat this issue is to invest in upskilling your current talent. This is an approach that organizations and MSSPs have taken over the past few years as cloud adoption accelerated. Another approach is to utilize more automation to minimize the dependency on a small group of individuals to protect an organization.
Implementing automation within your organization enables you to eliminate mundane and repetitive tasks. Automation can be used to detect and respond to threats by utilizing artificial intelligence and machine learning (AI/ML) to identify unusual user behavior. It can also be leveraged to deploy organizational standards and best practice security controls when deploying infrastructure to avoid misconfigurations that may create vulnerabilities.
Automation will continue to be used to address the talent shortage as more organizations move to cloud-native security controls and tools. Eliminating repetitive tasks and allowing personnel to focus on more complex attack investigations may have a positive impact on talent retention as well.
Samba Koita
CISSP
Sr. Technical Business Development Manager
Microsoft
“[The] talent shortage will remain a key concern for most organizations in 2023. Over the last few years, the focus has shifted from heavy implementation of prevention measures (Firewall, proxy, AV…) to additional investigation and remediation capabilities like XDR.
Still, security teams are overwhelmed with the number of alerts and incidents. As a result, security teams will need to rely more and more on automation. SIEM and XDR technologies will need to evolve and provide real time remediation and automatic attack disruption.”
Operational technology as a vulnerability and a business growth driver
We live in a connected world. Everyone has more Internet-connected devices in their house and office than they did ten, or even five, years ago. This operational technology (OT) continues to increase year-over-year. Ten years ago, who would have thought that your refrigerator could recognize that you need milk and order it from your local market?
About 15 years ago, we had concerns when printers began to be connected to networks, enabling us to scan to email and file servers. There were news reports about malicious attacks against these multi-function printers that enabled attackers to access and obtain sensitive information that had been printed.
Today, we have smart lightbulbs, thermostats and digital assistants in our homes and offices. This increase in connected OT collects data that can be used for good — like when a business wants to understand temperature variations in a manufacturing facility or ensure that a life-saving vaccine is being transported at a safe temperature. This is the positive side of how OT is being used.
Unfortunately, this data and the volume of data being collected is intriguing to attackers. Maintaining proper levels of security for these edge devices is a growing necessity of cloud and hybrid infrastructure security. Monitoring connections for malicious activity and utilizing a private connection from these devices to the cloud infrastructure will be a growing trend in the coming years.
Samba Koita
CISSP
Sr. Technical Business Development Manager
Microsoft
“Attacks targeting OT will be on the rise, so it’s critical to gain visibility not only on the industrial network but also discover IoT devices in the IT network like printers, coffee machine, aquariums …”
Opinions on the technologies that you see emerging in cloud security
The hyperscalers were asked a follow-up question about emerging technologies that could impact cloud security in 2023.
Stephan Hadinger
Director, Head of Technology
Amazon Web Services (AWS)
“At AWS, keeping our customers’ workloads secure and confidential, while helping them meet their privacy and data sovereignty requirements, is our highest priority.
Our approach to delivering on this pledge is to continue to make the AWS Cloud sovereign-by-design, more specifically including:
- Encrypting everything everywhere
- Confidential computing and preventing operator access
- Supporting external key store managed by Atos
We pledge to expand on features, accreditations, and contractual commitments to allow customers around the world to meet their digital sovereignty requirements without compromising on the capabilities, performance, innovation, and scale of the AWS Cloud.”
Samba Koita
CISSP
Sr. Technical Business Development Manager
Microsoft
“CIEM (cloud infrastructure entitlement management) and attack surface management (ASM) solution will be a priority. Implementing a least privilege approach in multicloud environments is challenging knowing that more than 10,000 unique permissions are available in could computing platforms like Azure, AWS and GCP. CIEM solutions will give the visibility on overprivileged identities (human or machine) based on the historical usage of each assigned permission.
ASM solutions continuously discover and map the digital attack surface and provide an external view on online infrastructure. This visibility enables security and IT teams to identify unknowns, prioritize risk, eliminate threats, and extend vulnerability and exposure control beyond the firewall.”
Phil Venables
Chief Information Security Officer
Google Cloud
“In a hybrid world, cloud will be de-facto environment for maximum security.
On-premises environments cannot maintain the same default level of security as cloud environments can in today’s hybrid world. The base security of the cloud, coupled with an organization’s protected configuration, will be stronger than what any on-prem environment can realistically offer. Cloud technology will continue to embrace simplicity across a highly complex security landscape, and become an abstraction generating machine for identifying, creating, and deploying simpler modes of operating securely and autonomically. Organizations will also reap more of the benefits of using software-defined infrastructure in the cloud, or even on-premises, to deliver the promise of controls-as-code. For businesses, tapping into the constant security updates the cloud provides will be like tapping into a global digital immune system that is constantly growing in strength.
In 2023, we’ll see more organizations across sectors transition to the cloud to support better security.”
Summary of upcoming trends in 2023
Whether you are attempting to maintain sovereignty of your data, protect your hybrid and edge infrastructure, or increase your level of automation, these hyperscalers are ready to assist. Leveraging their capabilities, Atos’s cloud and cybersecurity expertise and solutions to address these trends, you will be better poised to protect your organization in 2023 and beyond.
Share this article
About the authors
Dwayne Natwick
Dwayne is the Global Principal Cloud Security Tech Lead at Atos. He supports the cloud security portfolio for the technical capabilities, solution business plans and strategy for Atos, and leads cloud education for Microsoft and AWS.
He has served in many roles over a 30-year career in IT, including as a solution engineer and product manager. Dwayne is a Microsoft MVP, an ISC2 CISSP and 18x certified in multiple Azure and M365 security, data engineering, architecture, and administrator roles. He is the author of multiple books on security and is a Security Professional Community Manager for Packt publishing.
Follow or contact Dwayne
Stephan Hadinger
Director, Head of Technology, Amazon Web Services (AWS)
Stephan is the Head of Technology for AWS in France, he is responsible for implementing the AWS technology vision at the local level and enhancing the innovation on behalf of AWS French customers. He is an alumni of the Ecole polytechnique. Prior to joining Amazon, he worked in as Chief Architect for cloud computing and led several initiative on APIs, Security solutions and IT Infrastructure, both for B2B and B2C organizations.
Follow or contact Stephan
Phil Venables
Chief Information Security Officer, Google Cloud
Phil Venables is the Chief Information Security Officer at Google Cloud. Prior to joining Google Cloud, Phil was a Partner at Goldman Sachs where he held multiple roles over a long career, initially as their first Chief Information Security Officer, a role he held for 17 years. In subsequent roles he was Chief Risk Officer for the firm’s operational risks, an operating partner in their private equity business and a senior advisor to the firm’s clients and executive leadership on cybersecurity, technology risk, digital business risk, and operational resilience. In addition to this, Phil was a Board Director of Goldman Sachs Bank (USA).
Before Goldman Sachs, Phil held multiple Chief Information Security Officer as well as senior engineering roles across a range of finance, energy and technology companies.
Outside of Google, Phil is a member of the President’s Council of Advisors on Science and Technology, and serves on the boards of the NYU Tandon School of Engineering and the NYU Stern Business School Volatility and Risk Institute. He also serves on the Information Security and Privacy Advisory Board of NIST and is a member of the Council on Foreign Relations.
Phil earned a BSc (Hons) in Computer Science from the University of York and an MSc in Computation and Cryptography from the Queen’s College at Oxford University. He was awarded the designation of Chartered Engineer in 1995 and Chartered Scientist in 2002 and was elected a Fellow of the British Computer Society in 2005.
Follow or contact Phil
Samba Koita
CISSP
Sr. Technical Business Development Manager, Microsoft
Samba is a Technical Business strategy manager with a mission to help partners be successful with Microsoft’s security solutions. He is primarily responsible for developing the business for security incubation solutions (Defender for IOT, Entra Permission Management, Defender for TI & Defender for EASM, and Priva). Samba has been with Microsoft for five years, serving mostly as a Security Presales engineer. Prior to joining Microsoft, Samba was a Technical Sales Engineer in various organizations, including security vendors and system integrators.
Follow or contact Samba