The biggest public cloud providers aim to be more secure

Apr 14

When cybersecurity company Mandiant announced in early March that it had entered into a definitive agreement to be acquired by Google in a transaction valued at about $5.4 billion, it marked the latest sign that security expertise and capabilities have become critical for effective cloud service operations. Nataraj Nagaratnam, CTO of Cloud Security at IBM, says that the sophisticated and complex architectures of today's applications have led to modernization of cloud security by both enterprises and cloud providers.

All three of the biggest public cloud providers, Amazon Web Services (AWS), Microsoft Azure and Google Cloud, have made acquisitions in the cybersecurity space over the past year and it’s quite possible others will follow as these companies look to shore up their data protection efforts.

Google Cloud

Mandiant, which will become part of Google Cloud at the close of the acquisition, provides threat intelligence services and its more than 600 consultants respond to thousands of security breaches each year. It leverages research from more than 300 intelligence analysts to help organizations defend against threats.

Google Cloud has been building cloud-native security into the foundation of its technology as it tries to block threats such as malware, phishing attempts and other cybersecurity attacks. The company says the acquisition of Mandiant underscores its commitment to advancing its security offerings to better protect and advise customers for both on-premises and cloud environments.

Azure

Microsoft made two key acquisitions of its own in 2021 to bolster the security of its Azure cloud service. First, it acquired CloudKnox Security, a provider of cloud infrastructure entitlement management (CIEM) technology, as part of an effort to offer unified privileged access and cloud entitlement management to customers across their multi-cloud and hybrid cloud environments.

Another key security acquisition for Microsoft was RiskIQ, a provider of threat intelligence and attack surface management. The company’s offerings are designed to help organizations assess the security of their entire attack surface, including cloud services from Microsoft, AWS and other clouds, as well as on-premises and supply chain systems. They can identify and remediate vulnerable IT components before attackers can capitalize on them.

AWS

AWS, for its part, acquired Wickr, a company that offers an encrypted messaging platform used by companies and government agencies. The deal, terms of which were not disclosed, gives AWS advanced security features for messaging, voice and video calling, file sharing, and collaboration.

All of these transactions make sense, given the ongoing growth of the cloud and the increase in cyber threats. Research firm Gartner has said the pandemic and the surge in digital services are making cloud services the “centerpiece of new digital experiences.”

Public cloud spending worldwide increased by 23% in 2021, driven by increased digital services to replace person-to-person services and the migration of existing IT assets to the cloud to enable better availability, says Peter Firstbrook, research vice president at Gartner.

Examples of how companies are leveraging the cloud include increasing robotic processing automation (RPA) for service and support, adding new cloud storefronts, migrating existing services to the cloud to support newly remote workers, and using collaboration tools and desktop as a service. Most of these migrations were already happening, but the pandemic accelerated the migration to cloud in many organizations.

The firm predicts that global cloud revenue will total $474 billion this year, up from $408 billion in 2021. Gartner analysts estimate that cloud revenue will surpass non-cloud revenue for relevant enterprise IT markets over the next few years. By 2025, the firm predicts more than 95% of new digital workloads will be deployed on cloud-native platforms, up from just 30% in 2021.

In a newly released report identifying the top security and risk management trends for 2022, the firm notes that organizations worldwide are facing sophisticated ransomware, attacks on digital supply chains and deeply embedded vulnerabilities. If your organization wants to implement DevSecOps and best practices in cloud security, contact us by clicking on the button below.

Source: cnbc.com, gartner.com, digitalanarchist.com