Cloud computing chaos (aka C-cubed). You’ve probably heard the old adage that change is the enemy of security. This axiom really sums up the issue with cloud computing security. Organizations are moving full speed ahead with cloud computing, deploying cloud-based technologies such as VMs, containers, micro-services, and serverless applications across Amazon Web Services (AWS), Microsoft Azure, Google Cloud, IBM cloud, and Oracle cloud platforms.
Unfortunately, this is happening at an increasing pace that security teams simply can’t keep up with — especially considering the global cybersecurity skills shortage. According to a recently published ESG/ISSA research report, 29 percent of organizations have an acute shortage of cloud security skills. Because of those issues, ESG’s cloud security guru Doug Cahill tells me that organizations are not setting up the right security policies, processes, or controls for the cloud. This will inevitably lead to lots of easily exploitable vulnerabilities, data breaches, and regulatory compliance violations.
To alleviate this risk, CISOs will have to up their game in 2018, work in lock-step with cloud developers and DevOps groups, surround cloud with the right policies, develop collaborative processes, and build a cloud security controls architecture.
Source : https://www.csoonline.com/article/3242547/security/a-few-cybersecurity-predictions-for-2018.html