2023 was an eventful year for cloud security. We saw multiple high-profile incidents, such as the discovery of a far-reaching zero-day vulnerability in the MOVEit file transfer server application and a rise in attackers targeting cloud credentials for lateral movement. Across the board, over half (58%) of companies experienced cloud-based phishing attacks in 2023, and 30% reported targeted attacks on their cloud infrastructure. There was also an increase in new attack tactics targeting DevOps pipelines and cloud storage solutions as threat actors continued “shifting left” earlier in the application lifecycle.
These insights underscore just how challenging it can be to protect complex multicloud environments. However, by taking a step back and examining some of the biggest cloud security trends from the past year, we can better evolve future protections to remain one step ahead of the latest adversarial tactics, techniques, and procedures.
Informed by the top trends of 2023, read on to learn how you can adapt your cloud security strategy in 2024.
3 key cloud security trends to monitor in 2024
1. Organizations are looking to consolidate security across the entire application lifecycle in the cloud. As more and more companies embrace a cloud-first approach, we’re seeing previously siloed capabilities like data security posture management, DevOps security posture management, external attack surface management, container security, and more get folded under a single cloud security umbrella.
As attackers “shift left” and target code vulnerabilities, it is critical to secure your application development from the start. In order to do that, organizations must integrate security into the DevOps process and enable security teams with increased visibility and policy management enforcement. Rather than trying to accomplish this with individual point solutions, many companies are instead prioritizing vendor consolidation in the form of cloud-native application protection platforms (CNAPPs). Forty percent of companies reported using a CNAPP in 2023, and a further 45% plan to implement one by the end of 2024.
This is because CNAPPs act as a unified command center where security and developer teams can review and implement security policies from one centralized dashboard. Not only does this help correlate and contextualize security signals across your entire cloud enterprise, but it also delivers more comprehensive protection from the earliest stages of application development to deployment and runtime. This capability is critical if organizations are to counter the ongoing “shift left” trend in cybersecurity.
2. Generative AI is emerging as a critical need in cloud security. AI also rose to prominence in 2023 and will likely continue to be a critical enabler of cloud security in 2024. One of its biggest advantages is that AI can quickly analyze and prioritize the thousands of security signals admins receive daily—helping teams get to a state of real-time threat detection and automated response.
Rather than having security admins sort through disparate alerts, which is time-consuming and can lead to critical missed signals, machine learning can be used to identify patterns in vast amounts of data, separate relevant signals from false security alerts, and prioritize alerts based on their potential impact on the organization. This allows security teams to focus their attention on remediation rather than getting bogged down in the flood of daily alerts.
New advancements in generative AI can also help upskill more junior security admins while creating efficiency and scale. For example, nearly half (46%) of companies reported lacking the required security expertise to implement DevSecOps in their cloud environment in 2023. When embedded as part of a CNAPP, generative AI can proactively suggest remediations and guide admins through incident response in accordance with the company’s pre-defined security policies.
3. CISOs face increasingly stringent compliance and risk disclosure requirements. Finally, 2023 saw a number of high-profile cases against cybersecurity executives. In May, Uber’s former CSO, Joseph Sullivan, was sentenced to three years of probation and fined $50,000 for his role in the 2016 coverup of the rideshare company’s data breach. More recently in November, the SEC filed a landmark lawsuit against SolarWinds and its CISO, Timothy Brown, for fraud and internal control failures related to the company’s 2020 cyberattack.
The SolarWinds case in particular marks a significant turning point in the way the federal government treats cybersecurity incidents, as it opens the door for companies to be held liable for cybersecurity-related misconduct just like they would for insider training or other serious financial crimes.
Moving into 2024, CISOs will continue to face increasingly stringent industry regulatory requirements and heightened media scrutiny alongside the already existing pressure of an understaffed workforce and tightening budgets. Many security leaders are looking to implement more robust compliance and governance controls without having to adopt a separate point solution. CNAPPs can help by acting as a centralized solution where security teams can continuously map their environments’ configurations to their required industry regulations. This also helps drive consistent security standards across all multicloud and hybrid environments while also providing comprehensive visibility and reporting for security admin teams.
When evaluating cloud security, consider a unified CNAPP solution
As CISOs evaluate their cloud security strategies in 2024, vendor consolidation is a top priority. CISOs want a holistic security solution that can deliver code-to-cloud protection across their entire cloud estate without needing to juggle the overhead that comes with managing multiple point solutions. By adopting a unified CNAPP solution that consolidates previously siloed security tools under one umbrella, companies gain two key benefits.
First, CNAPPs drive more holistic protections for your cloud applications and infrastructure by integrating insights across CSPM, cloud workload protection platforms (CWPPs), DevOps security, and cloud infrastructure entitlement management (CIEM). Not only does this deliver deeper, more contextualized security learnings, but it also allows companies to get to a place of proactive risk management in which they can map all potential attack paths across cloud-based applications, virtual machines, containers, data, cloud workloads, and more. From there, they can more easily identify future risks and remediate them before attackers have the chance to capitalize on the vulnerability. This is a significant step change in the way companies approach cloud security as it allows them to proactively understand their degree of risk across the entire cloud estate and respond accordingly
Secondly, CNAPPs act as a bridge between developer teams and security admins. Developers can use CNAPPs as a common dashboard to view the security policies they need to embed in their code. Some CNAPPs offer this as a bolt-on capability, however at Microsoft, this is done through native tool integrations with Github, Azure DevOps, and extended to GitLab as well. This ensures that developers can operate in their preferred tool of choice while still following security best practices. Likewise, security admins can use CNAPPs to embed security in the code from the start and to ensure all relevant policies are set and implemented following industry standards.
Defender for Cloud, Microsoft’s CNAPP solution, uses its leading threat intelligence and the scale of 65 trillion daily security signals to empower security teams with the latest insights. This ensures that security admins are equipped with the insights they need to identify current attack vectors and remediate them according to known best practices.
Ultimately, as CISOs look to evaluate their cloud security strategies in 2024, there are multiple important factors to consider. As the definition of cloud security grows more nuanced and granular, CISOs need an end-to-end solution that can deliver comprehensive, proactive protections from code to the cloud while also integrating critical capabilities like governance and compliance. They also need a streamlined way to take advantage of the latest advances in AI and machine learning to ensure security teams can move at the speed of attackers. The right unified CNAPP solution can help CISOs evolve their cloud security strategy to meet the most pressing needs of today.
To learn more, visit us here.