The cybersecurity industry is filled to the brim with new innovation, but as new technologies emerge, established markets can either join together or simply become obsolete. So, what’s in the works for 2023?
Fernando Montenegro, Senior Principal Analyst at Omdia’s Cybersecurity practice with over 25 years of experience in enterprise security, thinks that the way we view and discuss cloud security will evolve well beyond Cloud Security Posture Management (CSPM). He shared this prediction during a recent Cloud Security Alliance (CSA) webinar titled Security Leaders Debate: Cybersecurity Predictions for 2023. Let’s unpack Fernando’s prediction.
The foundation of cloud security
CSPM tools let you discover, identify, and remediate threats, misconfigurations, misuse, and compliance violations across your cloud service provider infrastructure. Their goal is to give organizations the assurance that their cloud infrastructure and cloud services are secure and compliant with industry best practices, and is particularly useful in monitoring multiple cloud environments at once.
Traditionally, CSPM was configuration-oriented technology — and largely, it still is. It was our industry’s first attempt at managing the risk that comes with leveraging the cloud.
However, as more organizations make the jump to the cloud, their infrastructure grows in complexity and make up, but traditional CSPM tools’ limited focus into configuration checks and monitoring rules lack the depth and flexibility that today’s digital environments require. Because CSPM can fall short when it comes to complexity and scale, organizations are often forced to invest in other cloud security tools such as cloud workload protection platforms (CWPP), cloud-native application protection platforms (CNAPP), cloud-native configuration management databases (CMDB), or cloud infrastructure entitlement management (CIEM).
Ultimately, the expectation that cloud security will go beyond CSPM solutions in the very near future can largely be attributed to the lack of context and customization they can provide.
The CSPM spectrum
While CSPM tools help you manage your cloud security posture and cloud workloads, they still only address basic security needs and overall only secure less than half of your cyber asset environment.
“The people who were early on their CSPM journey worried about cost even more than the average. They worried about compliance even more than the average. They worried about permissions even more than the average.
The responses for people with established CSPM programs shifted tremendously. They were less concerned about costs. They saw value in the tools that they were deploying. They were less concerned about compliance.
They were concerned about where their data was, and how to execute incident response on cloud environments. They were concerned with the ever-present skills gap that comes with cloud technology. Once you get past the initial CSPM stuff, the world is your oyster.”
Fernando feels that decision makers who are farther along their CSPM journey likely always had these concerns, but were forced to prioritize the implementation and justification of a CSPM tool. Once the tool helped the security team address initial issues, they could open themselves up to securing the other half of their environment.
What if we told you that insightful, detailed context at the cyber asset level doesn’t necessarily have to come after addressing cost and compliance? While CSPM cannot provide this context, another foundational technology can.
Get more out of cloud security with CSPM+
Since asset environments now comprise more than just your cloud infrastructure and cloud service providers, we coined the label “CSPM+” to cover the cyber assets and functionality that CSPM often misses by combining traditional CSPM solutions with Cyber Asset Attack Surface Management (CAASM) functionality.
Approximately 90% of devices in modern organizations are cloud-based. Cloud networks outpace physical networks by a ratio of 59:1. Unfortunately, traditional CSPM solutions cannot address the challenges these cloud-first and cloud-native developments bring, such as:
- Increased complexity as a result of rapidly scaling cloud infrastructures
- Ever-present backlog of alerts with limited security resources
- Gaps in visibility, resulting in limited security coverage
- Inability to track disparate solutions and cloud workloads given their ephemeral nature
- Heightened, hidden risk that develops as a result of complex asset relationships.
The shift in how we talk about cloud security going beyond CSPM signals a larger shift in what we want to achieve by investing in a tool — complete, comprehensive insight into your entire cyber asset environment, beyond general cloud infrastructure.
With CSPM+, cloud-native companies can leverage CSPM features to achieve comprehensive reporting and alerting for cloud misconfigurations that put your sensitive data at risk while tapping into CAASM’s ability to offer complete visibility across assets as well as the ability to identify, map, analyze, and secure your broader attack surface.
By investing in a solution that offers more than CSPM, you can:
- Save time: The average security team is responsible for over 120.5k security findings. With context into how assets interrelate, your security team can alleviate alert fatigue by making informed decisions about how to prioritize alerts.
- Accelerate SecOps processes: By understanding your cyber assets through contextual relationships, your security team can quickly identify the scope of a vulnerability and speed up incident investigation, triage, and remediation processes.
- Access cleaner data: CSPM+ solutions can aggregate, consolidate, and normalize data across disparate tooling so your security team can easily identify areas for improvement and monitor key metrics in a real-time dashboard.
- Stay compliant: With automated asset discovery and management, CSPM+ solutions align and enforce your cyber asset environment with custom or out-of-the-box compliance frameworks. Plus, your security team can also automate the collection and analysis of all cyber asset data to help you avoid any compliance gaps.
- Query your environment in seconds: CSPM+ solutions leverage the complete visibility that comes with CAASM to empower your security team to query their entire cyber asset environment and get answers to complex questions within seconds.
- And more!
Overall, the proliferation of cloud computing surfaces new, complex challenges that can no longer be addressed with traditional CSPM solutions. Reducing your attack surface with JupiterOne’s solution for CSPM+ gives you tried and trusted CSPM capabilities with the visibility, context, and scalability of CAASM.
Hear from other security leaders about what the future of cloud security might look like in this on-demand CSA webinar!