Cloud technologies exploded in popularity in 2020 as organisations scrambled to respond to migrating workers and customers. But the cloud tools and migrations are creating a host of migration and security headaches, according to Trend Micro which says many organisations are unaware of the best practices required.
While public cloud spend has been growing steadily, vendor revenue for public cloud IT infrastructure jumped 47.8 per cent year over year in Q2 2020. Total public cloud spend hit $US14.1 billion and surpassing spend on non-cloud IT infrastructure for the first time, according to IDC, which put the boom down mostly to COVID related changes.
At Trend Micros’s annual CloudSec event, held virtually for the first time this year, company executives argued for a new approach to security to deal with the influx of cloud customers, many of which are sacrificing some of their traditional controls when they opt for cloud native infrastructure.
“Cloud native infrastructure is defined by containers, serverless, S3 buckets Azure Blobs, load balancers that you don’t own,” said Steve Quane, Trend Micro EVP of network defence and hybrid cloud security.
“The infrastructure that is cloud native to the cloud providers is becoming very very popular. So one of the big questions we have is: who chooses the security tool?”
In successful migrations, the decision is made by both DevOps and Security ops, Quane says. Conversely, in poor migrations there is typically poor communication between those teams, with the disconnect being the biggest barrier to successful migrations, according to Quane who oversees thousands of cloud migrations.
“What happens is, as we go up a stack and we bring more cloud native infrastructure into the equation, more and more tools get chosen, and at some point it becomes completely unmanageable.”
Without a cloud tool reduction, migrations end in “chaos” and an ultimately poor security posture, Quane says.
Trend Micro is warning many of the new arrivals to cloud that there has been a resurgence in ransomware, with attackers taking advantage of poor cloud security.
“We have had a crazy situation with ransomware,” Quane said. “We have had many many customers attacked by ransomware.
“And the tactics haven’t changed. However, [attackers] are much more effective than they were even three months ago so it has been a very busy three months.”
The attackers success comes from the increasing cloud targets, where organisations may not have fully utilised their security tools.
“Anywhere you can run code or store data in the cloud can be attacked by ransomware, and it is,” says Quane.
Most organisations don’t necessarily need new tools to fend off ransomware, according to Quane. Rather, he said it is usually the existing tools that must be appropriately configured.