Written by Tim Mullahy

The cloud is constantly changing - both for better and for worse - as is its security landscape. Here are just a few of the big trends we'll see this year.

While some fear-mongers in the media might have you believe otherwise, the cloud is actually quite secure - in some cases, even moreso than traditional infrastructure. That isn't to say there aren't still challenges, mind you. The cloud's cybersecurity profile and threat landscape are constantly (and rapidly) changing.

New threats are constantly on the rise, with security experts constantly puzzling over new problems and challenges. Today, we're going to talk about just a few of the developments we can expect to see in 2018, for better and for worse.

Grazed from Check Point Software

Check Point Software Technologies Ltd., a leading provider of cyber-security solutions globally, has today announced the CloudGuard product family to protect enterprises from Gen V cyber attacks on cloud applications and infrastructure.  Check Point is also introducing CloudGuard SaaS protecting enterprises against cyber attacks on SaaS applications. CloudGuard is a part of the Check Point Infinity architecture, built on industry proven and award winning technologies to provide comprehensive Gen V cyber protection for the cloud.

Enterprise cloud adoption is accelerating, enabling greater business agility and efficiencies through both deployment of hybrid cloud infrastructures like Amazon Web Services, Microsft Azure and  VMWare NSX; and migration to cloud-based applications such as Microsoft Office365, Google G-Suite, Salesforce, Servicenow, Slack, Box, Dropbox, Egnyte and more.  There is also an increase in multi vector attacks on cloud workloads and cloud applications including malware, as well as increasing incidences of account hijacking.  According to Check Point research, half of all breaches of enterprise SaaS applications are the result of account hijacks.

The Cloud Security Alliance (CSA), the world's leading organization dedicated to defining and raising awareness of best practices to help ensure a secure cloud computing environment, today released the Quantum-Safe Security Awareness Survey Report. Conducted by CSA's Quantum Safe Security Working Group (QSS WG) the survey looks to assess the overall awareness and understanding of quantum security risk and is part of the group's larger effort to develop a future framework for addressing quantum computing threats.

"Within the next 10 to 15 years we can expect to see a cryptographically useful quantum computer," said Bruno Huttner, CSA QSS WG co-chair and product manager for the Quantum-Safe division of ID Quantique. "With this considerable breakthrough will come a significant threat to the security of public key cryptography and the associated challenges of securing the global digital communications infrastructure. This report is an important step in identifying potential areas of concern and so we can begin to lay the groundwork for security solutions."

CloudPassage, the leader in cloud and container workload security, today announced availability of their award-winning security automation platform Halo and the Server Secure cloud workload security solution on AWS Marketplace. Customers subscribing to Halo Server Secure on AWS Marketplace can now purchase it as part of the new AWS Enterprise Contract program. The Enterprise Contract program standardizes the contract between CloudPassage and the customer, helping them simplify their security budgeting and streamlining payment - CloudPassage Halo will simply appear as a line item on their AWS bill.

"Now AWS Marketplace customers can buy and deploy Halo Server Secure for high-performance cloud workload security in a highly predictable and cost effective way - via a single integrated AWS bill," said John Janetos, director, business development, CloudPassage. "As global enterprises rapidly embrace the cloud for mission-critical workloads and DevOps for application development, automated security that can operate at speed and scale is becoming a critical path. The AWS Marketplace helps eliminate protracted negotiations to make it easy for our customers to securely embrace the cloud."

Netwrix Corporation, provider of a visibility platform for user behavior analysis and risk mitigation in hybrid environments, released the 2018 Netwrix Cloud Security Report. The report identifies concerns that organizations have about cloud security, the threats they dealt with over the last year, and their plans for further cloud usage and security enhancements.

The 2018 Netwrix Cloud Security Report presents the results of our third annual survey, conducted in November 2017. The respondents represent 853 organizations of various sizes, industries and geographical locations. All organizations are public or hybrid cloud users.

The key findings include:

Grazed from Carbon Black

Cb ThreatSight leverages the PSC to provide customers with a managed threat hunting service, which simplifies alert management to prioritize and streamline the validation of important alerts. The service is staffed by top threat experts who keep constant watch over an organization's environment, alert teams to emerging threats, and provide access to critical security services when they are needed most.

As the global threat landscape accelerates, security teams often worry an attack will slip through. Compounding this issue is a scarcity of cybersecurity staffing and expertise. Many organizations, especially SMBs, lack dedicated security professionals to investigate and respond to the flood of alerts and attacks they face. Even skilled professionals miss important alerts in their own environments (or trending threats in the public realm) because they are so resource constrained.

With Cb ThreatSight, organizations can better understand context surrounding alerts, ensure the most important alerts are adequately addressed, and earn peace of mind, knowing they are protected by some of the world's best threat hunters.

Traditional business models and the delivery of services are changing as small and midsize businesses demand more from providers to meet evolving requirements and cloud needs. In order to rapidly deliver and strengthen security controls to workloads on the public cloud, Armor, an Amazon Web Services (AWS) Advanced Technology Partner, today announced the availability of the Armor Anywhere solution in AWS Marketplace with new consumption-based pricing and enhanced log management services. 

"The market for cloud-based security services is expected to total close to $9 billion by 2020. To us, this signals an increased dependence on cloud offerings and demand for additional security controls," said founder and CEO Chris Drake, Armor. "There now lies a unique opportunity to accelerate the delivery of additional security features to cloud, and AWS customers now have the ability to further increase the breadth of their security controls and prevent downtime with simple and immediate deployment of Armor Anywhere."

A10 Networks, a Secure Application Services company, today announced the A10 DDoS Protection Cloud, powered by Verisign, and the A10 Thunder 1040 TPS appliance offering advanced on-premise protection. With the availability of the latest A10 DDoS protection solutions, A10 delivers full spectrum enterprise protection to detect and mitigate distributed denial of service (DDoS) attacks.

A10 Networks' hybrid approach to DDoS defenses combines surgical precision on-premise protection with orchestrated cloud scrubbing, delivered in form factors and subscription models that are cost effective. Smart, scalable solutions from A10 to assist with protection against harmful DDoS attacks, helping to ensure availability of enterprise business services while protecting legitimate users on the network.

Unlike other cloud-based DDoS protection services, A10 DDoS Protection Cloud, which is powered by Verisign's cloud-based DDoS Protection Service, is based on legitimate traffic, so enterprises do not pay for the amount of traffic that attacks apply against their network. Traffic diversions, or "swings," to the cloud service are optimized by the on-premise Thunder TPS appliances. The Thunder TPS appliance employs machine learning, traffic profiling and intelligent policy escalation in order to reduce disruption on-premise and alert A10 when redirection to the cloud may be necessary.

The Cloud Standards Customer Council (CSCC), an end-user advocacy group dedicated to accelerating cloud's successful adoption, today published version 3.0 of its Security for Cloud Computing: Ten Steps to Ensure Success paper.

When considering a move to cloud computing, organizations must have a clear understanding of the potential security benefits and risks associated with cloud computing and be able to set realistic expectations with their cloud service providers. The heart of this guide is a list of ten steps designed to help decision-makers evaluate and compare security and privacy offerings from different cloud providers in key areas. The ten steps cover: