Priya PatelTLDR:
Cloud security predictions for 2024 include a retreat from the public cloud, a rise in SaaS risks, a shift towards API security strategies, and an identity crisis in the cloud. Many enterprises are revisiting their cloud strategies and considering a shift to self-managed architectures. The U.S. government is expected to push agencies towards private cloud to reduce the risk of cyberattacks. Cloud-native malware infections are rising, and organizations need to secure their entire cloud estate. Regulators will scrutinize multi-cloud strategies, and organizations will demand better visibility into their attack surface. SaaS breaches will be a major concern in 2024, and organizations need to address the lack of visibility and control over SaaS applications. API security strategies will be a priority, and organizations need to focus on API governance programs. Organizations are facing an identity crisis in the cloud and will move towards an “identity fabric” approach that integrates and enhances existing identity solutions. Threat hunting will expand to include both cloud and internal systems.
Key Points:
- Enterprises are reevaluating their cloud strategies and considering a shift to self-managed architectures.
- The U.S. government is expected to push agencies towards private cloud to reduce the risk of cyberattacks.
- Cloud-native malware infections are rising, and organizations need to secure their entire cloud estate.
- Regulators will scrutinize multi-cloud strategies, and organizations demand better visibility into their attack surface.
- SaaS breaches will be a major concern in 2024, and organizations need to address the lack of visibility and control over SaaS applications.
- API security strategies will be a priority, and organizations need to focus on API governance programs.
- Organizations are facing an identity crisis in the cloud and will move towards an “identity fabric” approach.
- Threat hunting will expand to include both cloud and internal systems.
Full Article:
Cloud security predictions for 2024 include a retreat from the public cloud, a whirlwind of new software-as-a-service (SaaS) risks and a shift from the rush to build application protocol interfaces (API) to mitigating associated risks.
Igor Volovich, vice president of compliance strategy at Qmulos, predicts that large enterprises will shift to more self-managed, self-hosted architectures, leading to a need for traditional security models and approaches. Kevin E. Greene, public sector CTO at OpenText Cybersecurity, expects the U.S. government to push agencies towards private cloud or hybrid cloud to reduce the attack surface and exposures with public cloud identity.
Cloud-native malware infections are on the rise, with attackers becoming more sophisticated. Elia Zaitsev, CTO at CrowdStrike, advises organizations to focus on securing their entire cloud estate to combat these threats. James Campbell, CEO and co-founder of Cado Security, suggests that organizations diversify their cloud portfolios to ensure resilience and data availability.
Marc Gaffan, CEO of IONIX, emphasizes the need for better visibility and insights into the complete attack surface, including both cloud and on-premises assets. Ariel Parnes, COO and co-founder of Mitiga, warns that SaaS breaches will be a major concern in 2024, as organizations increasingly rely on these applications and create blind spots in their environments.
Adam Gavish, CEO and co-founder of DoControl, highlights the expanding attack surface presented by SaaS applications and the need for organizations to assess and manage security controls for these applications. Guy Guzner, co-founder and CEO of Savvy, predicts that SaaS will democratize the IT department, leading to challenges in maintaining identity hygiene and ensuring security.
Nick Rago, Field CTO at Salt Security, argues that organizations need to focus not just on deploying API security tools, but on developing API security strategies and governance programs. Wes Gyure, director of identity and access management at IBM Security, suggests an “identity fabric” approach to deal with the complexity of disparate identity capabilities across different cloud services and applications.
Threat hunting will also expand to include a better understanding of how cloud and internal systems work together, according to Josh Lemon, director of managed detection and response team at Uptycs.
