Security incidents seem to be the daily news these days. As multi-cloud environments take center stage, how can enterprises ensure a standard security architecture across both the private and public cloud?
Panelist responses to this audience question:
With security breaches becoming more frequent the more digitized we become, the issue of data security is likely to take center stage in boardrooms everywhere. But the technology is not always the source of the problem. Panelist Jeff Ready (Scale Computing) points out that “when you really dig into a lot of these security breaches, a huge portion of them are a result of human error as opposed to IT dropping the ball.”
Edge computing only compounds the issue through the increased risk of physical security exposure. Flexibility is important, but so too is the need to control users who have access to the data.
There is the question of AI and how it might mitigate some of the risk. Ready sees AI as a potential boon to threat detection, but he’s not convinced it’ll be easy to develop.
Sirish Raghuram (Platform9) blames the problem on security as an afterthought. “Security needs to be brought further up in the design and development process.”
Automation may be one way to do this reliably, Mike Wronski (Nutanix) points out. “As we get to more API-driven, programmable data centers, now the security component gets to be somewhere where we can tie that in.”
Security is absolutely a board room issue now and in 2019, it’s going to continue to rise in importance. As we see infrastructure and data explode out of the safe (ish) confines of the data center, there is more opportunity for malfeasance and the attack surface of organizations grows exponentially.
Over time, a number of trends will have to come together to help organizations and, frankly, society, deal with security:
- A security-first mindset. This is not to say that every product and service has to be a security product, but every product and service needs to be developed with security as a core part of the design and that goes for any organization undertaking multi-cloud projects.
- Increasing levels of awareness. Employee training programs and a focus in the boardroom are critical. No one can afford to lose sight of security in today’s world. The resulting impact is simply far too severe.
- AI-powered tools. It’s impossible for humans to keep up with every potential breach. Only with automated tools that keep a constant vigil over every aspect of an organization’s data infrastructure will companies be able to reduce their risk of exposure. I believe we’re going to see entire security markets upended by AI-centric tools. These robots won’t replace humans but will augment them. The AI tools will sift through volumes of information in seconds and alert humans to anomalies. We’re starting to see this today, but it’s a market still in its infancy.
- An expanded definition of security. When we think of security in the context of IT, it’s often thought of a breaches of some kind. But, as a society, we’ll also need to grapple with security in the context of autonomous vehicles and the like. 2019 and beyond will provide a plethora of opportunities for those with an interest in security to expand their horizons!