Cloud environments were frequent targets for cyber attackers in 2023. Eighty-two percent of breaches that involved data stored in the cloud were in public, private or multi-cloud environments. Attackers gained the most access to multi-cloud environments, with 39% of breaches spanning multi-cloud environments because of the more complicated security issues. The cost of these cloud breaches totaled $4.75 million, higher than the average cost of $4.45 million for all data breaches.
The reason for this high cost is not only the penalties paid for the data breaches but also the amount of time (mean time to identify, or MTTI) it takes to discover and remediate the breach. The typical time in days that it takes to identify a breach is significant across all configurations, with the worst being multi-cloud and hybrid-cloud environments.
The figure above is measured in days. (Source: IBM)
These statistics are not only alarming but could conceivably be catastrophic, depending on the number and type of breaches that occur. They clearly spell out the compelling need for data protection in cloud applications and infrastructure.
Just how popular is the cloud?
According to a study published by G2.com in April 2023:
Cloud-first is the mantra
- All companies use at least one public or private cloud
- By 2025, 85% of organizations will be “cloud first”
- Over 60% of all corporate data is in cloud storage
- 100 trillion gigabytes of data will be stored in the cloud by 2025.
Multi-cloud is popular
- 98% of enterprises use or plan to use at least two cloud infrastructure providers
- 31% of enterprises have four or more cloud infrastructure providers
- Nearly 9 out of 10 companies report having a multi-cloud strategy.
Hybrid cloud is on the rise
- Nearly 8 of 10 companies use multiple public clouds and 60% use more than one private cloud
- 56% of companies with more than $500 million in revenue have adopted a hybrid cloud.
If we apply a conservative estimate that 33% of 100 trillion gigabytes of data stored in the cloud is unprotected, that means that 33 trillion gigabytes are constantly at risk of being breached.
The emerging solution
Cloud-native data protection is a technology that protects data stored in and moving through cloud infrastructure by:
- Identifying where it’s located
- Identifying shadow copies of sensitive data
- Identifying data movement within and across multi-cloud and hybrid-cloud infrastructure.
To qualify as cloud-native and to handle the rapid movement and complexity of cloud services, the data protection technology should be implemented with cloud infrastructure and use cloud methodologies, such as containers, Kubernetes and microservices.
The name for this capability is data security posture management (DSPM), and it satisfies the requirements listed above for public, private, multi-cloud and hybrid-cloud environments.
What is cloud-native?
Cloud-native applications consist of multiple small, interdependent services called microservices. They are composed of:
- Application programming interfaces (APIs), which bring loosely coupled microservices together
- Service mesh, which manages the communication between multiple microservices
- Containers, which are the application software components that pack the microservice code and other required files in cloud-native systems
- Container Orchestrator/Manager, such as Kubernetes, which facilitates declarative container configuration, such as pods, and automation.
Cloud and data protection impact
Data breaches certainly have the potential to slow cloud migration and innovation. How many breaches, after all, will users be willing to endure before demanding more comprehensive protection? Data privacy laws, such as the General Data Protection Regulation (GDPR), are also driving protection by levying fines on entities that don’t adequately protect data privacy.
Every application and website user appreciates cloud applications’ innovation and performance, including the personalization that cloud-native and artificial intelligence (AI) technologies facilitate. But that enthusiasm will likely ebb if data breaches escalate. Without more immediate attention to data protection, users may demand immediate, increased levels of accountability that could slow innovation.
DSPM to the rescue
To assuage these concerns, DSPM has emerged to address cloud data protection. DSPM identifies all repositories of “at risk” data within public, private, multi-cloud and hybrid-cloud infrastructure, which includes relational databases, Big Data stores, in-memory databases, Software-as-as-Service (SaaS) applications and shadow data.
That means DSPM finds data in any cloud storage repository, including data copied for any purpose outside a database or files such as log files. It also tracks data as it moves through cloud components to ensure that if data is moved, the organization knows about it and can implement remedial actions if needed.
But the most amazing part is that DSPM is incredibly easy to use. It automatically discovers data, catalogs where data resides so that shadow data can be identified and sends alerts about data vulnerabilities so that remedial actions can be taken as needed.
The compelling need for cloud-native data protection
Cloud-native data protection is needed to protect the wealth of generated data and traversing cloud infrastructure. The implementation needs to be cloud-native so that data in all multi-cloud repositories can be seen. In addition, cloud-native implementation enables organizations to see where data moves through applications built with cloud components, such as containers, APIs and service meshes, to get to the next storage location.
DSPM also belies the notion that cloud data security is hard to use and consumes too many resources to be effective. Using automated discovery, cloud-native DSPM automatically identifies sensitive data, shadow data, data locality and point-to-point data movement through cloud infrastructure and application components.
DSPM is easy to use, finds data locations and maps them and monitors data as it moves through the (multi-)cloud infrastructure. IBM Security Guardium Insights SaaS DSPM embodies all of the capabilities listed above.
Learn more on IBM Guardium Insights SaaS DSPM or sign up to try it for free now.
The post The compelling need for cloud-native data protection appeared first on Security Intelligence.