There Is No Cloud Security Market Segment
Yes, there are plenty of security solutions that protect cloud assets, but there is no cloud security segment in the Directory published in Security Yearbook 2020.
In 2019 I embarked on a project to categorize 2,337 vendors of security products. I had to open 2,000 web pages and wade through mountains of marketing jargon. My favorite vendors are the ones that say what they do on their splash page. “We sell network firewall appliances” would be a great example. What I usually find is something like: “We use state of the art AI and ML to protect our clients’ key digital assets.”
I started the project with what seemed an obvious assumption—that cloud security was a distinct category. I put cloud security at the same level as my other major categories:
- Network security
- Endpoint security
- Data security
- Identity and Access Management
- Governance Risk and Compliance
There are a few categories that deserve to be broken out separately because they are relatively new, they are of elevated importance, or they cross boundaries:
- Anti fraud
- Threat Intelligence
- Email security
So during the first pass of categorization I used cloud security as a separate category. Most “cloud security” vendors have pictures of cumulonimbus clouds on their websites, making it easy to identify them. It was during the final pass before going to press for the Directory that I realized there are actually two very separate categories of ‘cloud security’ vendors.
- Vendors that have security solutions for cloud deployments. These could be cloud network monitoring, alerting, logging, analysis, and blocking. Or they could be solutions for monitoring configurations and activity on VMs and containers.
- Vendors that deliver their solutions from the cloud. These vendors have broken away from on prem enterprise software and hardware models. They have dashboards delivered as web apps and at most deploy sensors or control points within the enterprise.
But the products in that first category, those that protect cloud deployments, invariably include data center deployments too. What data center these days is not virtualized, meaning standard configurations of commodity servers running a hyperviser to control VMs? (Well, a mainframe or PDP11 populated data center of course, but those are dying off). In other words a ‘cloud security’ vendor is really a general purpose security provider for modern computing infrastructures.
They may enforce policies across micro-segments (network security) or harden the VMs or containers against attack (endpoint security) or encrypt data in motion or at rest (data security). They may enforce access to cloud applications based on identity (IAM). In other words, all of the cloud security providers can be put into network, endpoint, data, or IAM, categories.
The second category of ‘cloud security vendors’ is just a way to consume security products as a service. The Gartner concept of Secure Access Service Edge (SASE, pronounced sassy) is merely a way to provide Unified Threat Management (UTM) in a distributed set of data centers. Hosting logs from the cloud, as most modern Security Information and Event Management (SIEM) product do, is not cloud security, it is just the logical way to do it.
Thus, I do not track ‘cloud security’ as a separate sector of the IT security industry. That is not to say that cloud security is not a separate discipline. Practitioners must understand cloud architectures and how to defend them. The Cloud Security Alliance, formed to promote best practices in cloud deployments, is still highly relevant. It’s sub-chapters around the world are valuable forums for security practitioners to meet and learn about these best practices. Cloud Security Architect is a perfectly legitimate job title.
The next time you are pitched by a cloud security product vendor, ask yourself what they really do. Are they a network security solution deployed from the cloud? Are they an endpoint solution for protecting containers from exploits?
This article originally appeared on forbes.com To read the full article and see the images, click here.
Nastel Technologies helps companies achieve flawless delivery of digital services powered by middleware. Nastel delivers Middleware Management, Monitoring, Tracking and Analytics to detect anomalies, accelerate decisions, and enable customers to constantly innovate. To answer business-centric questions and provide actionable guidance for decision-makers, Nastel’s Navigator X fuses:
- Advanced predictive anomaly detection, Bayesian Classification and other machine learning algorithms
- Raw information handling and analytics speed
- End-to-end business transaction tracking that spans technologies, tiers, and organizations
- Intuitive, easy-to-use data visualizations and dashboards
Nastel Technologies is the global leader in Integration Infrastructure Management (i2M). It helps companies achieve flawless delivery of digital services powered by integration infrastructure by delivering tools for Middleware Management, Monitoring, Tracking, and Analytics to detect anomalies, accelerate decisions, and enable customers to constantly innovate, to answer business-centric questions, and provide actionable guidance for decision-makers. It is particularly focused on IBM MQ, Apache Kafka, Solace, TIBCO EMS, ACE/IIB and also supports RabbitMQ, ActiveMQ, Blockchain, IOT, DataPower, MFT, IBM Cloud Pak for Integration and many more.
The Nastel i2M Platform provides:
- Secure self-service configuration management with auditing for governance & compliance
- Message management for Application Development, Test, & Support
- Real-time performance monitoring, alerting, and remediation
- Business transaction tracking and IT message tracing
- AIOps and APM
- Automation for CI/CD DevOps
- Analytics for root cause analysis & Management Information (MI)
- Integration with ITSM/SIEM solutions including ServiceNow, Splunk, & AppDynamics