Global cybersecurity leader Palo Alto Networks announced yesterday the success of the first Doha edition of ‘Cloud Security Summit – A More Secure Everywhere,’ to support Qatar’s vision of driving digital transformation and economic growth.
According to HE the Minister of Transport and Communications, Jassim Seif Ahmed al-Sulaiti, Qatar’s ICT market, which was estimated to be around $3.9bn in 2017, is expected to grow by 2.3% annually to reach $4.4bn in 2021.
Organisations in Qatar can enjoy the flexibility, innovation, and efficiency that public cloud platforms provide, and today cloud is seen as a business priority for decision-makers in Qatar.
Conversely, organisations understand that adopting public cloud services magnifies security risks and compliance challenges. The summit, now in its third year, provides an engaging platform for organisations in the region to discuss how to stay protected in the digital age.
Cloud experts and security professionals gathered for the one-day event to share their experiences to secure cloud transformation as companies digitalise services.
While there might be barriers to securely enabling cloud adoption, with the right approach, organisations can establish consistent security postures, protecting applications and data anywhere their users access them.
Executives from the American multinational cybersecurity company highlighted these key cloud trends to watch out for in 2019:
Account compromises increase in scale and velocity
Credential compromises are becoming more commonplace in the public cloud. When a root cloud account is compromised, it’s game over because the attacker gets full access to nearly everything in your cloud account. Organisations clearly need to enforce strong governance and access hygiene. They also must operate under the assumption that account compromises are inevitable. By abiding by a principle of assumed breach, organisations can focus on monitoring that detects and rapidly responds to suspicious user activities.
Containers are booming, but not secure by default
There’s no question that containers are rapidly gaining traction in the enterprise. According to Unit 42, which is Palo Alto Networks’ threat intelligence arm, one in three organisations use native or managed Kubernetes orchestration. Even with AWS, Azure, and Google doing much of the heavy lifting for managed container services, there is still security work for enterprise consumers of public cloud services to address. One area of extreme importance is network security, which is still very much relevant in the cloud. Unit 42 found that 46% of organisations permit traffic from any source to reach their Kubernetes pods, which is definitely not good practice.
Public cloud security standards, benchmarks will go mainstream
Security teams used to spend months grappling with writing cloud security standards. Last year, the Centre for Internet Security (CIS) completed security benchmarks for all major public cloud infrastructure platforms. This will save cybersecurity teams from the drudgery of starting from scratch and constant maintenance as cloud providers constantly release new features. Although there is no silver bullet for cloud security, the CIS benchmarks can serve as a strong foundation and can greatly reduce many of common cloud security issues that affected organisations last year.
Cloud to go from CIO initiative to board-level requirement
In 2018, CIOs largely took cloud up as an organisational-level initiative. Most businesses now recognise, however, that the cloud allows them to innovate faster. They increasingly view moving to the cloud as a differentiator for their organisations. In 2019, boards will begin to require CIOs and CISOs to implement organisation-wide cloud initiatives. Technology and cybersecurity teams will have their feet held to the fire by boards focused on making cloud migration a reality.
Participants of the first Doha edition of ‘Cloud Security Summit u2013 A More Secure Everywhere.’
