• Spending on cloud security is expected to grow 24% in 2024, making it the highest growth of all segments in global security and risk management market.
• CISOs need to look to emerging technologies in cloud security to align with the rest of the enterprise.
• More than 70% of enterprises will use industry cloud platforms to accelerate their business initiatives by 2027, up from less than 15% in 2023.

In today’s rapidly evolving digital landscape, organisations face increasing challenges in safeguarding their valuable data, applications, and infrastructure services from a myriad of potential threats.

Lawrence Pingree, Vice President Analyst at Gartner, said the vulnerability of these assets is heightened by their exposure to various risks, including insider threats and data breaches, particularly with the expanding use of cloud technologies.

“Organisations need to ramp up their investments in technology to bolster their defenses against these escalating threats. Cloud security technologies play a pivotal role in ensuring the protection of data through a range of functionalities such as authentication, authorisation, encryption, workload security, and access controls within both public and private cloud environments.”

New avenues for malicious attacks

According to Gartner’s projections, spending on cloud security is poised to surge by 24 per cent in 2024, marking the highest growth rate across all segments in the global security and risk management market.

The surge in investment is deemed necessary to counter the growing array of vulnerabilities unearthed by the pervasive adoption of cloud services, which present new avenues for malicious attacks.

Gartner’s foresight suggests that by 2027, investigations surrounding cloud and third-party infrastructure incidents will dominate reported cases, underscoring the urgency for Chief Information Security Officers (CISOs) to realign their security management strategies.

“CISOs are advised to leverage emerging technologies in cloud security to fortify their defenses, focusing on enhancing threat resilience, data integrity, security, and runtime isolation to mitigate evolving risks effectively,” Pingree said.

The data indicates that over 70 per cent of enterprises are projected to leverage industry cloud platforms to drive their business initiatives by 2027, showcasing a substantial uptick from the figures recorded in previous years.

Vulnerability posed by containerisation

By embracing innovative technological approaches and staying attuned to the latest trends in cloud security, Pingree said that CISOs can proactively shield their data and applications from dynamic threats, ensuring the sustained security of their cloud infrastructure.

One key area of concern highlighted by Pingree is the vulnerability posed by containerisation technologies in cloud environments, which can potentially expose sensitive information to exploitation by threat actors.

Consequently, there is a growing emphasis on investing in solutions like cloud-native application performance platforms (CNAPP), which offer comprehensive capabilities spanning threat detection, visibility, control, posture management, software analysis, and workload security.

By harnessing CNAPP tools, Pingree said that organisations can enhance the efficiency of their code deployment processes while concurrently bolstering the security posture of their cloud infrastructure, thus thwarting threats emanating from the cloud runtime environments.

AI configuration monitoring

Moreover, the integration of AI-focused cloud security measures, such as AI configuration monitoring, presents a promising frontier in security enhancement efforts, particularly in regulated industries like government, finance, and healthcare, where security and trust mandates reign paramount.

AI configuration monitoring embodies a suite of nascent security technologies aimed at intensifying the surveillance of security policy configurations, serving as a seamless extension of posture control, security management, and operational oversight for AI- and ML-centric cloud, identity, and infrastructure technologies.

Though the trajectory of AI-focused security measures remains uncertain, forward-thinking CISOs are encouraged to factor these technologies into their long-term security blueprints to navigate the increasingly complex threat landscape effectively.

Related Posts:

• Cybersecurity should be treated as a “business investment”
• CIOs geared up for AI but their organisations aren’t
• One in three firms that paid ransom still could not recover data