6 Predictions for Cloud Data Security in 2023
%20(1)%20(1).png)
It’s been a rough year for cloud data security. The tendency for cloud security to take a backseat to innovation isn’t new. But in the last 12 months, a spate of data breaches have shone an unflattering light on the challenges this creates. Will 2023 be the year that security catches up? How is the landscape likely to change in the coming year?
Let’s start by looking at the current state of play.
Flying Blind
In recent months, several high profile incidents have highlighted just how vulnerable cloud data stores can be – even for organizations that ostensibly understand cybersecurity and invest heavily in data protection.
Uber suffered two significant data breaches, both targeting its Amazon Web Services infrastructure. In September, Twitter’s former head of security testified before congress that “they don’t know what data they have, where it lives and where it came from and so, unsurprisingly, they can’t protect it.” Then, at the tail end of the year, LastPass – a company that ostensibly exists mostly in order to safely store user passwords – announced that its cloud storage had been breached, that user data was stolen, and that this had all happened several months earlier and had gone unnoticed.
The common thread is lack of visibility. No security program can provide 100% protection, but it’s harder to accept the idea that the world’s most advanced software companies have only a vague idea of what sensitive data they’re storing where, and only detect exfiltration months after it occurred. Each incident differs, but the nature of the public cloud – which makes it incredibly easy to spin up a new data store but incredibly hard for security teams to monitor the contents of that data store – is undoubtedly playing a role.
Enterprises won’t abandon the public cloud. But we are likely to see a heightened awareness of the risks and a movement towards better governance and monitoring over data assets.
How will this manifest in practice? Here are our 6 predictions for cloud data security in the coming year:
Prediction 1: The cloud as the main target
Cloud adoption is far past the point of no return. According to some estimates, 2022 was the first year in which more corporate data was stored in the cloud than on premises. Enterprises have invested heavily in sprawling cloud deployments; as macro conditions squeeze their bottom lines, they will seek to leverage these investments by using data and analytics to chase every last drop of operational efficiency.
It’s not hard to see how this means that more cloud services will be deployed away from the watchful eyes of centralized IT teams – especially as the latter are overworked and understaffed after recent layoffs. These data stores will be the prime target for ransomware and other cyber attacks. We will see more pure cloud attacks without an on-premise element.
Prediction 2: A spotlight on shadow data
The number of data stores used in a medium-to-large organization has grown dramatically. Enterprises have moved away from monolithic data warehouses towards data lake, data lakehouse, and data mesh architectures; business teams are under constant pressure to become more data-driven and make better use of the data they have access to. The result is that the same data can find itself on multiple databases for different purposes (e.g., Elasticsearch for log analytics and Snowflake for BI reporting). Copies proliferate between services, cloud providers, and local machines.
This trend is often referred to as ‘data democratization’ and undoubtedly has its upsides. But for security professionals, it represents a major headache – as the official data inventory fails to account for many instances of shadow datasets, each containing unknown quantities of sensitive information such as PII or access keys.
In 2023, we will see a greater effort to detect, catalog, and classify shadow data stores, and stricter enforcement of policies meant to prevent unauthorized copying of sensitive data. DSPM has a major role to play here.
Prediction 3: Shift from static to dynamic defense
When companies owned their database servers, they could install monitoring agents that would instantly detect unusual activity such as snapshots or exfiltration. But when the physical infrastructure is owned by the cloud provider, organizations are forced to make do with native solutions (which are often partial or prohibitively expensive). More often than not, they will forego real-time monitoring altogether and focus on strengthening their static security posture.
This reality cannot go on much longer. Businesses and their customers cannot accept situations such as the ones described above, where an organization’s most sensitive data assets are leaked, and the security team isn’t even aware of the breach until months later. In 2023 and the years to follow, we will see a shift towards adopting new solutions such as data detection and response to provide dynamic data loss prevention in the cloud.
Prediction 4: More rigid requirements for forensics
Alongside demand for more timely responses to data breach incidents, we will see a focus on forensics after an attack – understanding the vulnerabilities that attackers exploited to gain access, and having a complete view of the data that was compromised. Companies will want to prevent the reputational damage and potential legal liabilities of providing ‘evolving’ narratives in this regard, as was the case in the LastPass breach.
Hence, we are likely to see CEOs, boards, and regulators demand more detailed and accurate attack forensics – and accordingly, CISOs investing more resources into these areas.
Prediction 5: Emergence of dedicated cloud data security teams
Most business data is stored in the cloud and most cyberattacks target data. At the same time, new disciplines and technologies are rapidly emerging to cover the unique challenges associated with cloud data security. In other words, the field is becoming more mission critical and specialized. Hence, it is bound to become the purview of a specific team within the organization.
Cloud data security teams will need to possess a firm knowledge of security best practices and the latest technologies – as well as the relevant data engineering expertise. They will need to be familiar with the specific deployment and data pipelines in place in order to tackle security issues without jeopardizing critical data-driven processes.
Prediction 6: A new mindset for multi-cloud
As enterprises continue to explore multi-cloud and hybrid cloud deployments, security will need to become more than an afterthought. Containers and microservices make these architectures more viable, but monitoring data across clouds is an unsolved problem for most organizations.
When production workloads are moved between multiple public cloud environments, it becomes easy to lose track of data inventory, lineage, or permissions. The limitations of native solutions, which are tied to a specific cloud, become more apparent. This will force businesses to adopt new toolsets – and new mindsets – that are better suited for a world where data is in constant flux.
Better Security for Better Business
2022 has exposed many potential weaknesses when it comes to the ways businesses store sensitive data in the cloud. At the same time, the rapid innovation and scale that cloud services offer make them indispensable – and means they will play a pivotal role in most organizations’ data strategies.
We see 2023 as the year in which cloud data security matures – with businesses demanding better visibility, better forensics, and faster detection. The cybersecurity industry is tasked with delivering these solutions. If they succeed, companies will be able to continue leveraging cloud data and analytics, without jeopardizing themselves or their customers.
FAQs
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed consectetur do eiusmod tempor incididunt eiusmod.
