The aftermath of COVID19 is still sending shockwaves through our society, new expectations of location freedom are changing the way we work, AI is changing the way we work, and the whole security industry is just doing their best to hold on. For this reason, there has never been a more difficult time to predict the future of… well, anything! But especially something as dynamic as cloud security. We're still going to give it our best shot.
Are you ready to dive in with me? Great! Let's check out the 5 cloud security predictions for 2023 that are bound to keep you on your toes.
The Cloud-Native Shift: Kubernetes, the Conductor of the Multi-Cloud Orchestra The cloud-native shift is a dance we've all been performing for a while now, and it's not stopping anytime soon. In fact, it's still gaining momentum. With Kubernetes becoming the default orchestration stack for multi-cloud environments, we're seeing more and more vulnerable clusters out there. If you're looking for something to help you here, it might be worth checking out Wiz's Kubernetes security solution.
What can you do to protect your precious Kubernetes clusters? You can start by keeping up-to-date with security best practices and ensuring your team is well-trained. The Kubernetes documentation has a lot of details about best security practices and hardening. This is a good place to start.
Software Supply Chain Security: The Looming Threat to Developer Laptops Remember when we only had to worry about the server room's security? Yeah, me neither. In 2023, we predict that software supply chain security will keep climbing up the threat class ladder. Now even developer laptops are in scope (see: the LastPass breach).
Supply chain security is a tough one to solve, but it helps to vet suppliers from a security standpoint. Now more than ever, adversaries are recognizing supply chain attacks as a viable entrypoint to an organization. MSPs are prime targets because, by design, they have access to the networks of their customers. It's no surprise that attacks against MSPs are on the rise.
Artificial Intelligence Attacks: Cloud's Newest Friend and Foe I don't believe AI will replace humans in cybersecurity in the immediate future. Rather, I think it will augment their abilities, which is an opinion shared by this article. This applies to both attackers and defenders, so it's important that the attackers fully embrace AI so as not to give attackers an unfair advantage.
We've already seen AI augmented phishing campaigns, and they're only going to get more sophisticated. What AI has done is given attackers the capability to scale out attacks that previously required human work, such as customizing phishing attacks to target a specific person's interests.
AI has also opened up a whole new attack surface: LLM prompt injection, where attackers use specially crafted prompts to convince chatbots to reveal their secrets and bypass security controls. Due to the unpredictable nature of LLMs, this is currently quite difficult to defend against and has led to some interesting vulnerabilities, one being the discovery of "Sydney", the name of Bing's new chatbot.
It will only be a matter of time before major cloud providers start using AI chatbots to help you manage your cloud. Imagine being able to type "initialize a new S3 bucket to host a static website, then set up Cloudfront in front of it and then point app.example.com to the Cloudfront instance", instead of having to perform these tasks manually. While this will save time, it may also cause some security settings to be overlooked, which could compromise security of the infrastructure and applications.
The Rise of Consolidated and Affordable Tools: A Golden Opportunity for Businesses As the overall economy pushes for consolidation, cheaper and consolidated tools are poised to win out. Not only is this more cost-effective, it may also be more convenient for security teams because it negates the need to implement half-baked integrations between tools.
The pros:
Tools become more affordable.
Integrations become less of an issue.
Available tools will be high quality, belonging to large organizations.
The cons:
The cybersecurity vendor market will be further dominated by larger organizations, making it more difficult for smaller vendors to compete or innovate.
Security teams may be forced into a "one-size-fits-all" approach, having to follow the prescribed or implied processes that are determined by their tooling.
The End of the Cryptomining Gold Rush Cryptocurrency prices have dropped and cryptominers have become less profitable. The more criminally minded cryptominers won't throw in the towel. Instead, they'll shift their focus to cloud ransomware, data exfiltration, and more targeted attacks on organizations.
What does that mean for security teams? More attacks, and more sophistication in those attacks.
Conclusion There you have it! Those are our top 5 cloud security predictions for 2023. We can't say for sure whether all of these will come true, but it's always wise to stay ahead of the game.
For now, keep your eyes peeled and your security solutions up-to-date. With Wiz by your side, we can tackle whatever the future throws at you. And remember, "An ounce of prevention is worth a pound of cure."