Beyond the Horizon: Top 5 Cloud Security Trends to Watch in 2024
2024-1-16 22:0:0 Author: www.tenable.com

Generative AI will undoubtedly boost organizations’ cybersecurity capabilities. However, cybersecurity departments will reap few gains from generative AI without first enforcing solid cloud security principles. In this blog, we explain the top cloud security trends that organizations must track – and adapt to – this year in order to maintain a robust cloud security posture.

As hype around generative AI peaks in 2024, this type of artificial intelligence will have a significant impact on operations for both malicious actors and security teams. Although generative AI will not be the magic bullet some expect, it will advance our capabilities for tasks such as detecting anomalies, predicting threats and automating responses to security incidents. 

However, most organizations will gain little benefit from generative AI if they fail to first enforce fundamental cloud security principles, such as comprehensive visibility and monitoring; effective identity and permissions management; and data protection across multi-cloud environments. 

Organizations wishing to effectively protect cloud workloads against evolving threats will gain the most benefit from streamlining security automation and merging telemetry from previously siloed tools for securing applications and infrastructure. This will allow them to create actionable, prioritized alerts, based on enriched contextual data and analytics. 

By embracing the advancements in consolidated tooling and integrating these data flows into existing processes, real-time risk posture management programs can provide continuous actionable guidance. As a result, business leaders will be able to make informed risk decisions based on a comprehensive view of their overall multi-cloud security posture. 

Following the theme of continuous, overall risk reduction, below are the top five cloud security trends to watch in 2024.

1 - The evolution of identity-centric CNAPP

Successful organizations will increasingly adopt an identity-centric approach to cloud security as major vendors integrate advanced identity and access management capabilities into their cloud native application protection platform (CNAPP) offerings. This increased reliance on identity-based security is reflected by the recent rise in attacks on identity stores. As mentioned in my previous post, “Decrypting CNAPP: Moving Beyond the Acronyms and Analyst Jargon to a Unified Approach to Cloud Security,” multiple acronyms and security jargon lead to confusion and sub-optimal buying decisions from end users. CSPM, KSPM and CWPP are just some of the components being consolidated into CNAPPs to provide end-to-end protection of cloud workloads by combining previously siloed tools into a single platform. As vendors further add cloud entitlements and identity management (CIEM) capabilities to their offerings, we’re seeing the emergence of identity-centric CNAPP. The new generation of CNAPP tools increasingly offers fine-grained identity and access management to provide comprehensive control of cloud security risk across the full spectrum of assets and data in multi-cloud environments.

Consolidated authentication and single sign-on capabilities are nothing new; however, advancements in zero trust access management and post-authentication user monitoring will further enhance our ability to control and manage access to cloud resources at a granular level. Advancements such as just-in-time (JIT) access allow us to grant developers speedy approval for as-needed, time-limited access without relying on pervasive privileged accounts, which reduces your overall cloud attack surface.

  • Prediction: CIEM integration will drive significant advancements in identity-driven CNAPP technologies, particularly in managing identities across multi-cloud and hybrid environments.
  • Advancement: We’ll see greater use of automated, fine-grained access management for behavioral analysis and adaptive authentication, which will strengthen security while improving user experience.
  • Adaptation strategy: Invest in CNAPP solutions that offer comprehensive identity management capabilities and support for multi-cloud environments, because this will ensure that your organization has robust protection across your hybrid multi-cloud estate. As a result, business leaders will be able to make effective decisions to manage risk and meet compliance obligations.

2 - Hybrid and multi-cloud attacks will increase in maturity and frequency, resulting in major outages and data breaches

Attackers will look to exploit hybrid cloud weaknesses to target sensitive data stored in previously unreachable destinations. As Google predicts in its new “Cybersecurity Forecast 2024” report, attackers will target misconfigurations and weak identity protection in cloud infrastructure and applications to cross boundaries between public and hybrid cloud environments. Threat actors will identify and exploit control gaps at the integration points created by hybrid multi-cloud applications to move laterally across integrated cloud environments, resulting in major breaches in 2024.

  • Prediction: Hybrid and multi-cloud attacks will mature and become more frequent as attackers target newly exposed hybrid cloud attack vectors to access previously secure data stores by traversing the increased attack surface of hybrid cloud infrastructure.
  • Advancement: There will be increased integration of hybrid and multi-cloud technologies, driving the use of advanced machine learning technologies to enable predictive risk modeling and real-time exposure analysis.
  • Adaptation strategy: Assess your exposure management tools to ensure they provide comprehensive visibility into hybrid and multi-cloud assets and their associated risks, so that you can perform proactive risk management and incident response. If control gaps are identified, select vendors or cloud service providers that provide comprehensive application protection platforms.

3 - Consolidation of security tools across security and DevOps

Expanding hybrid and multi-cloud attack surfaces will drive demand for consolidated security tooling as customers increasingly demand integrated risk management and threat intelligence capabilities in their security operations platforms. Complex multi-cloud and hybrid cloud estates will drive demand for intelligent tooling to automate manual processes, prioritize threats and reduce false positives. Organizations will increasingly rely on advanced tooling to enable cross-team collaboration and provide expert guidance on responding to incidents, which will reduce the burden on security teams and help address the security skills gap.

Consolidated tooling that integrates with both security and DevOps processes will become essential to enable cross-team collaboration and provide a unified view of your overall security posture.

  • Prediction: Successful organizations will adopt consolidated application protection platforms that provide integrated tooling across security and DevOps silos to help reduce alert noise and increase collaboration.
  • Advancement: There will be further integration of security controls into the DevOps pipeline, along with increased demand for intelligent tooling to automate manual processes across expanding attack surfaces.
  • Adaptation strategy: Invest in cloud security tooling that provides integration points in the development pipeline and/or DevOps toolchain. Protect your organization from supply chain attacks by leveraging tools that automate security using shift-left technologies, such as infrastructure-as-code (IaC) scanning.

4 - Platform engineering finally reaches its potential

Platform engineering has been popular with technology-focused organizations for a number of years. The appeal of standardizing development pipelines and developer experience has seen many internal engineering teams attempt to create customized platform-as-a-service (PaaS) offerings.

In an attempt to rein in cloud sprawl and create centralized control of complex DevOps technology stacks, many organizations have created complex application development platforms, typically using Kubernetes in the engine room, as the orchestration layer. On top of supporting complex Kubernetes deployments, you also need multiple extra tools and custom scripts to create a cloud application development platform. Having been part of an in-house platform engineering program as early as 2016, I can tell you that self-hosted Kubernetes is not for everyone and platform engineering is for almost no one. Until now.

With hyperscale cloud providers such as Microsoft releasing open source application platforms, a degree of standardization and community support has been brought to the platform engineering space, aiming to enhance developer collaboration and reduce maintenance overhead. Organizations that embrace standardized application development platforms will reduce their deployment cycle times by reducing complexity and consolidating their technology stacks.

  • Prediction: As hyperscale providers launch their own open source application platforms, platform engineering will see mainstream adoption, helping organizations consolidate and streamline their software delivery programs.
  • Advancement: Hyperscale providers will compete to offer open source application platforms, driving efficiency and consolidation across multi-cloud environments.
  • Adaptation strategy: Invest in security technologies that support hybrid, cloud native technologies and architectures, especially Kubernetes.

5 - Cloud security will merge with enterprise-wide exposure management strategies

For security strategies to be effective, you need a systemic approach to iterative, refined risk-management process optimization across the enterprise. With the evolution of CNAPP and the maturing of cloud technologies, cloud security practices, such as zero-trust and continuous configuration monitoring, will become standard for enterprise security across all technology platforms. Successful organizations will increasingly integrate cloud telemetry into their overall exposure management strategy. This in turn will create actionable security exposure remediation and improvement plans that business executives can understand and that architecture teams can act on.

CNAPP allows you to manage cloud exposures by consolidating, refining and scoping cloud security risk, thus becoming an essential pillar of your enterprise-wide exposure management program. Using a unified exposure management approach, enterprises will be able to assess and manage risks by enabling faster analysis, decision making and guidance, and thus cut through complexity and stay ahead of attackers.

  • Prediction: Cloud technologies will further advance to provide sophisticated threat intelligence data and hence become an integral part of enterprise-wide exposure management strategies.
  • Advancement: Modern cloud security tooling has evolved to provide actionable insights on hybrid cloud infrastructure, making it a vital component of enterprise exposure management strategies.
  • Adaptation strategy: Prepare to adapt your enterprise security strategy by implementing a continuous exposure management program that identifies and prioritizes security risks across all infrastructure and endpoints. Integrate cloud risk into a combined threat and exposure management strategy using contextual threat intelligence data.

Conclusion

2024 is set to be a pivotal year in the evolution of cloud security. As these advancements unfold, organizations must adapt their security strategies to stay ahead of emerging threats and to protect enterprise workloads.

Successful enterprises will create expanded exposure management strategies and fortify their cloud environments against the evolving threat landscape by:

  • embracing an identity-centric approach to cloud native application protection 
  • adopting consolidated tooling to protect hybrid, multi-cloud infrastructure 
  • enhancing cross-team collaboration through consolidated tooling
  • standardizing their development environments and assessing platform engineering options against requirements and resource constraints
  • integrating their cloud security programs with their overall exposure management strategy

If you want to learn more about the development of cloud security platforms and upcoming trends for 2024, check out my webinar titled "Utilizing Cloud Native Application Security Platforms (CNAPPs): The When, Why, and How for Your Security Team."

Tom Croll


Tom Croll is a former Gartner analyst and co-author of the original research on cloud native application protection platforms (CNAPP), defining the requirements for effective application security in public cloud. With over 20 years of industry experience, he was also one of the earliest pioneers of DevSecOps methodologies. His current expertise and skills center on advising in cloud application and infrastructure security (IaaS, PaaS and SaaS), security service edge (SSE) and secure access service edge (SASE), with deep knowledge of the SaaS security posture management (SSPM) market. In previous positions, he worked as a lead cloud security architect for multiple financial and government organizations, including most recently the U.K.'s Financial Conduct Authority. Tom has led agile development teams to develop cloud security best practices across multiple industry sectors. He is a consultant for Tenable.


Source: https://www.tenable.com/blog/beyond-the-horizon-top-5-cloud-security-trends-to-watch-in-2024