Over the last few years there has been significant security improvements in public clouds. For example, AWS now offers transparent data encryption, key management and secure compute features. Unfortunately, even with the advances in public cloud computing, organizations like financial institutions have been unable to leverage these services because many analysts work in secure facilities that have no Internet access.
One of the most significant new opportunities for public cloud is the processing and storage of regulated data. Until recently the idea was deemed heretical, mainly due to regulatory, compliance costs and the difficulty in interlocking physical and virtual security controls. That has changed due to a recent Vidder project for a public financial services firm with more than $10B in assets.
Let’s face it. The current security stack of firewalls amalgamated with a dozen other security products has been rendered irrelevant by advanced cyberthreats, from predatory malware to credential theft and man-in-the-middle attacks. And with certainty we can predict more attacks (and larger attacks) into increasingly sensitive apps and databases.
Malware has evolved to evade traditional security defenses and move laterally looking for vulnerabilities. It may even force a generational shift in security.