Last week I posted the first of my five predictions for the future of cloud security. This week, I am focusing on a very interesting transformation that has already begun in the way that enterprises will implement and use cyber security technologies.
Enterprises will Favor Integrated Cloud Services vs. On-Premise Point Solutions
Today’s CISO is faced with an over-load of point products (NAC, IDS, IPS, Endpoint Security, Web Gateway, Next Generation Firewall and APT to name just a few) provided by a plethora of vendors. These products are typically deployed in some on-premise configuration and tend to be difficult, if not impossible, to integrate together – resulting in severe visibility limitations across the organization’s security posture. At best, the CISO gets to see individual pieces of the security puzzle – which is tantamount to flying blind through very dangerous territory. The CISO thus has no choice but to adopt a highly reactive security posture due to this lack of visibility and control.
The trend towards cloud-based security services will enable a fundamental shift towards true integration. Delivering security as a cloud-based integrated service enables truly integrated security policies to be defined and easily enforced, putting policy and control back in the forefront of the CISO’s arsenal. This shift will be of fundamental importance in delivering complete visibility across the organization’s security posture – something that simply isn’t possible with today’s piecemeal approach.
As I mentioned in last week’s prediction, as more of the applications and data that enterprises rely on is delivered by cloud-based services, and accessed through personal mobile devices, so the CISO has come to recognize that the traditional on-premise approach to security is no longer adequate. However, if the user’s identity, access rights and security privileges are defined and managed through a central cloud-based service, then the CISO instantly regains control over the enterprise’s critical data. The ONLY way to achieve this is with a policy-based, integrated, cloud-based service.
Ultimately the CISO will continue to demand best of breed solutions for his or her organization, and a move towards open APIs and integration frameworks will enable this to be achieved without today’s critical visibility compromises. Security vendors that are unable to deliver the entire service stack, or that choose to specialize in particular areas of functionality, will need to ensure that they can easily interoperate with these integration frameworks, or will ultimately face longer-term irrelevancy.
Not only are legacy on-premise products inadequate defense against today’s advanced and evolving threats, but CISOs resent their exorbitant total cost of ownership. JP Morgan Chase alone spends over $250 million per year on security! Obviously not ever enterprise is spending at this level, however the high cost of security is forcing the CISO to make risky trade-offs between coverage and budget. It has been said that the costs of deploying and maintaining on-premise technology is akin to an iceberg – not only does 80% of the true cost lie below the waterline, but it’s this “unseen” piece that can ultimately kill you. Costs such as buying, operating and updating hardware, software patches, upgrades and maintenance quickly add up to dwarf the costs of the underlying security software. Those costs go by the wayside in a fully cloud-based model, delivering total cost of ownership that can be 20% of the comparable legacy on-premise approach.
This shift to integrated cloud-based security services won’t happen overnight, and there will certainly be many organizations that choose to implement a hybrid cloud/on-premise model. However the fact remains that we will see a sharp shift towards cloud-delivered security services for a variety of reasons, and that cloud will quickly become the predominant way in which enterprises keep their critical infrastructure, data and people protected.
To learn more about iSheriff’s cloud services, please visit: https://www.isheriff.com/products. Also, don’t forget to check back next week for my 3rd prediction for the future of cloud security. I look forward to you joining the conversation!