Just as it’s transforming networks so too is the business world’s pandemic-fueled embrace of cloud computing exerting a large and growing effect on where security vendors train their R&D attention.
Further proof emerged this week at the Amazon Web Services re:Invent conference, where the public cloud titan unveiled a refreshed edition of its Amazon Inspector vulnerability management service featuring continuous, automated scanning and automated discovery of Elastic Compute Cloud instances, among other features. Almost immediately after that announcement, a host of leading vendors declared their support for the revamped solution.
Trend Micro, for example, has aligned the configuration checks in the compliance and governance component of its Cloud One security platform with Inspector’s new functionality, while Sophos has added telemetry from the new Inspector to the consolidated data tracked by its Cloud Optix security posture management solution. Channel pros can expect to see further, similar updates regularly too, according to Sophos Chief Product Officer Dan Schiappa.
“As AWS and Microsoft and Google and Oracle make more and more of these services available, we’ll do more and more of these integrations,” he says. “That’s where a lot of the compute is going, and that’s where security is going, and that’s where we’re going.”
Indeed, in a second upgrade announcement this week, Sophos said Cloud Optix now continuously monitors data from AWS CloudTrail, Amazon’s user activity and API usage tracking solution. Both integrations, furthermore, arrived some two months after Sophos added data collected by Cloud Optix from sources like Amazon GuardDuty and AWS Security Hub to its XDR solution’s data lake to help users identify and diagnose threats more quickly.
All that activity comes amid accelerating use of software- and infrastructure-as-a-service solutions by businesses rushing to enable work-from-anywhere arrangements in which employees split time between office and home. Gartner expects global cloud outlays to rise more than 16% next year, in fact, to $474 billion. By 2025, the analyst further predicts, over 85% of organizations will have adopted a “cloud-first” IT model and more than 95% of digital workloads will be deployed on cloud-native platforms, up from 30% this year.
Data published by Trend Micro this week underscores the impact that groundswell is having on security vendors. Already, the company says, it’s protecting 2.5 trillion cloud events daily for 20,000 customers in 114 countries. Sales through the online AWS Marketplace, moreover, spiked 177% year over year in Trend Micro’s second fiscal quarter.
The pattern is similar elsewhere. Cloud security is currently the smallest security and risk management market segment tracked by Gartner but also the fastest growing, projected to soar over 41% this year to $841 million. The yawning gap between global demand for cybersecurity talent and the available supply, which industry association (ISC)2 says presently stands at some 2.72 million people, all but guarantees more such growth, according to Aaron Ansari, Trend Micro’s vice president of cloud security.
“Fundamentally, they’re just not there,” he says of cybersecurity professionals, “and so use of technology has become something that’s mandatory.”