The seminal cloud computing event, AWS re:Invent is coming up and cybersecurity is likely to once again be front and center with Amazon, vendors, and customers all discussing best practices for securing cloud and hybrid cloud environments. At the same time, some cybersecurity vendors will be sharing how they leverage the agility and ubiquity of the cloud as a delivery platform to offer security-as-a-service.
Cloud delivered security makes perfect sense in the context of the outcomes customers require: improved threat detection and prevention, and a reduction in the operational cost to do so, especially given the acute shortage of cybersecurity resources. While some are still slowly walking their own journey the cloud, and others cite discomfort with their own “bread crumbs” (i.e., metadata) in a multi-tenant environment, the notable benefits of security-as-a-service are too compelling to ignore. These include:
- Expedited and Shared Threat Intelligence. Security vendors can employ cloud-resident sandbox technology to perform dynamic analysis in a wide variety of system configurations and can leverage auto-scaling to bring to bear compute cycles as needed. And such threat intel can be shared across all customers to expedite detection and response. Such a closed-loop sharing model leads to a collective defense situation in which all boats rise.
- Data Retention: Tiered storage allows for longer and flexible data retention, important for both incident response and compliance use cases.
- Cost Savings: A cloud-delivered management console eliminates the capital and operational expense associated with on-premises, customer-managed management servers.
- Self-service Efficiency: That cloud-based management console can also serve as a service portal for end-users and security pros alike.
- Innovation: While some security vendors offer options—on-premises or cloud—that means maintaining two code bases. Security- as-a-service allows software vendors to innovate more quickly and deliver new capabilities faster, goodness for all.
- Aligned Economics: It’s also worth noting that security-as-a-service typically means more flexible pricing models, including consumption-based so you can pay as you go and for what you need and have used, well aligned with the economics of the cloud.
- Services: And security-as-a-service is better positioned for managed and co-managed services.
A variety of vendors are now offering truly cloud-native “SaaS Squared” offerings including Veracode for code analysis to streamline incorporate application security into the software development process and Cybric for a platform that automates AppSec vulnerability checking at both the dev and test phases. Cloud infrastructure security monitoring vendor Threat Stack built its back-end as a cloud-native app and has delivered native integration with cloudy DevOps tools. Trend Micro offers a SaaS offering for its software-defined data center and hybrid cloud security offering, Deep Security, and Symantec rolled out SEP Cloud as part of its SEP 14 update. Other endpoint security vendors also employ the cloud as a delivery platform, including “next-gen” emerging market leaders Cylance, Crowdstrike, and Carbon Black. And CASB vendors such as Netskope and others employ a judicious use of the cloud to secure the use of popular cloud apps from Office 365 to Slack. This is just a partial list with many security vendors leveraging the cloud to provide the compelling benefits noted above.
In total, there are tremendous operational and efficacy benefits an organization can realize from security-as-a-service and it's the delivery model that should become the new normal. I look forward to hearing and learning more about this and other important cybersecurity topics at this year’s AWS re:Invent. I look also forward to seeing you there.