Securing Your Cloud Today and for the Next Decade – Trend Micro CloudSec 2020

The adoption of cloud solutions has become very crucial for companies – inevitable even – for their operations and systems as part of their journey towards digital transformation. In fact, organisations are already undergoing 10 years’ worth of digital transformation in just 10 months this year, according to Grace Yu, Alliance Manager, Trend Micro, as she formally opened the virtual CloudSec 2020 conference.

According to Grace, in terms of cloud adoption, there has been three main changes this year. Firstly, there has been a massive explosion of cloud-based videoconferencing apps, citing growths of up to 300 million users for providers like Zoom and Cisco Webex.

Secondly, cloud computing has now reached a tipping point, where for the first time in history, public cloud spending has surpassed traditional IT spending. “This year, public clouds grew up to 34% while traditional IT spending has fallen by 8%. We expect this trend to continue into the next few years”, she added.

Lastly, we are now seeing a watershed moment in business history, as 4 out of 5 top companies in 2020 based on market capitalisation are technology-based, which are leading the way for digital transformation. With that, Grace listed the three stages in cloud adoption: knowledge acquisition, gaining experience through the cloud and creativity stage where innovative ideas can be conceived and brought to fruition.

Continuing the discussion about cloud adoption, Steve Quane, Executive Vice President, Trend Micro, talked about the best practices in securing your cloud adoption. The first one is cloud migration, which according to Steve is the most common use case as many organisations are still at the stage where they are moving applications to the cloud to take advantage of its infrastructure and accessibility.

“The most important concept in defining a successful cloud migration use case is this concept. When working with development teams and more importantly DevOps function, we often hear this ‘How come I have to learn about security as DevOps but security doesn't have to learn about DevOps’?”, explained Steve.

He remarked that this is probably the biggest barrier to cloud migration success. Steve added that the most prominent topic when talking about DevOps in the cloud is automation, such as deploying Security-as-Code services where developers in Security Ops Team help translate policy and compliance needs.

As for the second use case, which is cloud-native infrastructure, Steve said that even if some companies are already in this stage, they should still adopt the concepts around security for DevOps in the cloud migration use case. This is to solidify their cloud security capabilities before jumping into more complex CI/CD in the cloud.

The last use case focuses on cloud operations where companies have used the cloud at scale and are starting to think about cost and architecture optimisation, which we will be seeing more in the next few years.

“We see a fair amount of customers spending up on cloud apps. Now, the last thing I want to talk about for best practices is really the balance between SecOps, DevOps and CloudOps. This can be automated all the way through the workflow, through services and now through the tools in the infrastructure”, Steve added.

Moreover, cloud adoption also enables generation and capture of more data, which translates to the needs in security, management and analytics. This has also signified a shift in building machine learning models that feed on data.

Talking about these and other top trends to watch in 2021 around the cloud, from the leading cloud services provider today, Amazon Web Services, is Sandy Carter, Vice President of AWS. “As we look at some of the trends, we see how the cloud is an enabler today and how it is really driving other technologies into the market. For example, we see a lot of uplifts right now from IoT and data”, said Sandy.

In fact, IDC says that the use of IoT has increased 400% since the start of COVID. Sandy added that data is the oil that feeds analytics, machine learning and artificial intelligence. With that, Sandy discussed several cloud trends underpinning these technologies.

  1. Security and Skills: Using the cloud means you will get a lot of agility in your business. Most of the organisation who have adopted the cloud thought that they were just going to get cost-savings features but now, some want to run their business in the cloud. This comes with more attention that needs to be paid to security, especially during these times where there has been a 400% spike in cyber attacks. As for companies looking for skilled people to utilise their cloud, Sandy said that they already have the people they need, saying that you need only train existing employees in reaching business goals sooner for less cost.

  2. Data, IoT and Analytics: “Today, companies, organisations, governments, states, countries all recognise that having the right data is essential to them. And so, we expect this trend to actually multiply in the coming years”, said Sandy. She added that because of the importance of data and its accelerated use during the pandemic, customers have to define a data strategy first before having machine learning capabilities.

  3. ML: Reinforcement Learning: After having security and skills and talking about the sources of data, the focus is about how the data is going to be used. For that, a lot of organisations right now are utilising machine learning strategies to gain insights and benefits with their data. Data models are also being used in reinforcement learning for dynamic business situations. Sandy explained that reinforcement learning is teaching a computer to learn the way we were taught to learn through observation, taking action and then potentially getting rewarded for the action that we took. “Reinforcement learning is popular because now you can put in the hands of every developer the power of machine learning”, added Sandy.

Concluding her session, Sandy listed some suggestions in futureproofing your organisations’ cloud adoption. First, you must always think that security is critical, and you should design security from the beginning.

Then, you should design your data platform for today and tomorrow – asking where your data is coming from and what plans should you have in place in capturing, managing and analysing it. Finally, you should utilise refined and accelerated decision-making through AI and ML, which are embedded in the business process and future trend capitalisation.

You might also like
Most comment
share us your thought

0 Comment Log in or register to post comments