Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Cloud Security in 2016: Predictions from Security Leaders


Published on

Security leaders offer their predictions for how cloud security will evolve in 2016.

Published in: Technology
  • Be the first to comment

Cloud Security in 2016: Predictions from Security Leaders

  1. 1. Predictions from Security Leaders Cloud Security  in 2016
  2. 2. Encryption of data at rest will evolve to address the objects rather than where the objects are stored. As sensitive data moves between applications, some hosted on-premises and some in the cloud, blindly encrypting entire repositories of data will become unfeasible for business requirements. Companies will rely on automated, intelligent policy enforcement that encrypts only the most sensitive data to comply with security and regulatory requirements. Jim Routh, CSO
  3. 3. The return of end point security: new tools will examine behavior versus signatures. This new method will lead to faster detection without increasing the infrastructure requirements for these controls — many of which will be based in the cloud and allow for 24x7 coverage versus the 9 to 5 on your network for incident detection. Richard Rushing, CISO
  4. 4. The battle to keep data within the corporate perimeter will evolve into the challenge to allow data to travel securely wherever it is needed. IT security is under pressure to align with business initiatives. As companies gather data and transition to digital business models, security teams need to prioritize making data available for business units: on mobile devices, across departments, and within cloud-based applications. Departments who pull this off deliver a competitive advantage for their organization. Brian Lillie, CIO
  5. 5. There is still a challenge for some organizations with establishing trust between the cloud provider and organizations with confidential or proprietary information. Security is becoming better integrated into cloud services and is being highlighted as a feature of the standard services provided. Cloud providers will develop automated methods of obtaining data needed to support assurance. Additionally, encryption techniques and services are being developed to allow the needed separation of duties — paving the way for cloud adoption even for companies that have critical information. Mike Watson, CISO State of Virginia
  6. 6. In 2016, the biggest challenge for cloud-based companies will be to leverage privacy in their business models, as the Safe-Harbor invalidation by EU will trigger new incentives, not only for European companies, but globally. Digital trust will certainly be the most important trend and a business enabler if branded efficiently. Proactive data asset management is becoming fundamental, to keep real-time inventory of where, how and by which company corporate information is handled. Failing to do so is simply accepting the risk of data loss. Bruno Kerouanton, CISO Canton of Jura, Switzerland
  7. 7. As for my own predictions, I believe 2016 will usher in a new age in the cloud economy, which will bring a new set of challenges for companies. They will start to worry less about whether their cloud provider will be breached, and more about whether employee error or stolen passwords will lead to a breach. The majority of cloud incidents in 2016 will come from employee insiders, whether through error or malicious intent. Security budgets will adapt to reflect the maturity of cloud adoption, as companies pay off cloud security debt. According to Gartner, companies currently allocate just 3.8 percent of cloud spending to security, compared to 11 percent from overall IT budgets. Finally, I think 2016 will shutter the approach to simply block or eliminate cloud services. Risk to data in the cloud is contextual, and security policies will evolve accordingly. Rajiv Gupta, CEO