The Evolution of Cloud Security in 2022

This blog was originally published by G2 here.

Written by Aaron Walker, G2.

This post is part of G2's 2022 digital trends series.

Unified security for the distributed cloud

In the early days of cloud computing, businesses had a simple choice: adopt or don’t. Back then, security was a secondary concern. But today, those choices are a lot more complicated, and security is a much larger priority.

The unbelievable expansion and widespread availability of cloud services have pushed virtually every modern business to adopt some form of cloud computing services. From cloud-native startups and small businesses to growth companies and long-standing enterprises, every business has a challenge that didn’t exist just a decade ago: managing complex systems of cloud services, networks, APIs, and data.

As hybrid and multicloud environments became the norm, challenges arose in terms of access management, visibility, and protection. Utilizing various cloud services without centralized management reduces observability and complicates governance. Distributed clouds are emerging as the next evolution of enterprise cloud computing, primarily because of reduced complexity and increased consistency.

Businesses are adopting secure access service edge (SASE) tools to address these needs and offer unified access control at scale and across complex environments. With advancements, funding has followed. This year’s biggest SASE investments include Versa Networks securing $84 million in June 2021 and Cato Networks receiving $200 million in October 2021. By 2026, the SASE market is expected to nearly quadruple from $1.2 billion to $4.1 billion.

The core components of a SASE solution include the following technologies:

• Cloud access security broker (CASB): CASB tools help continuously authenticate users and secure connections between end users and cloud service providers.
• Zero trust network access (ZTNA): ZTNA solutions utilize adaptive authentication to continuously verify user permissions and allow for network segmentation to simplify and broaden policy enforcement.
• Secure web gateway (SWG): SWGs provide filtering and scanning of web content for viruses, spam, or other malware. They also help identify and block potentially dangerous URLs or web traffic.
• Data loss prevention (DLP): DLP tools focus on distribution control, ensuring users do not send sensitive information outside of corporate business networks.

Pairing these technologies with the functionality of firewall, SD-WAN, and software-defined perimeter (SDP) tools in a single unified solution help tackle the challenge of securing the complex cloud environments we see every day.

899% is the increase in traffic to Cloud Access Security Broker (CASB) category on G2 since November 2020.

Expanding protection while maintaining control

2022 TRENDS PREDICTION: Major enterprises evaluate solutions in 2022 and lay the foundation for distributed cloud adoption in 2023.

The advent of edge computing, the ability to run cloud services as close to data as possible, made data security easier but added management challenges without a centralized control plane. The distributed cloud takes this idea and applies it to cloud services.

The distributed cloud model provides an architecture to unify control of public cloud and hybrid cloud services while extending functionality to the edge and data centers.

Edge computing secures data, enhances deliverability by utilizing edge devices and shifting workloads to nearby data centers. Operating at the edge reduces congestion and increases data protection by minimizing data in transit. Local infrastructure allows for the utilization of information gathered on the edge without the need to transfer it back to a centralized source.

Unified control over distributed cloud environments allows end-to-end visibility and inherently scalable management. Application deployment and container orchestration can be achieved through a single solution. Security policies can be added or updated and applied across environments regardless of physical locations or platform providers. In all, distributed clouds make it easier for enterprises to optimize network traffic, increase visibility, and improve service performance.

A Perimeter 81 review says:

“With the recent pandemic starting, our on-prem hosted VPN solution became overwhelmed very quickly with all of our employees switching to remote work. Perimeter 81 provided a quick and easy solution to split the load between VPNs and provide our company with a reliable backup if needed.”

Since tools are already emerging to centralize protection, securing distributed cloud environments should eventually save businesses money by reducing the number of tools in the security stack.

Centralized security platforms used to wrangle in complex cloud environments

2022 TRENDS PREDICTION: Vendors across various security markets shift product focus to service edge security.

The shift to SASE systems has been in the works for some time, but now cloud management and computing abilities are catching up. SASE doesn’t include much technology that didn’t exist a few years ago, but they are being unified for the distributed cloud use case.

Still, SASE adoption is no simple task and can increase in complexity, parallelling the complexity of the environments they’re designed to protect. Proper implementation requires seamless connectivity between applications and data sources to ensure consistent operation and availability.

With SASE, companies can combine the functionality of secure application and network access through a software-defined, cloud-native solution. This can be delivered as a single software-as-a-service (SaaS) offering or a collection of integrated security solutions flexibly designed to meet the unique needs of modern enterprises.

Many vendors entering the SASE space formerly provided network infrastructure services or standalone security solutions for web access, identity management, and other components of the overall SASE solution.

Citrix and Cisco, for example, emerged from the SD-WAN and network security spheres, while companies like Zscaler and Perimeter 81 emerged as zero trust networking solutions. This has expanded the field in terms of competitors for more traditional cybersecurity vendors like Palo Alto Networks, McAfee, and Fortinet.

The future of cloud-native security

SASE hopes to secure the enterprise cloud and modern workforce, primarily adopters of the emerging distributed cloud architecture. Still, new solutions emerge to provide uniform security and continuous monitoring of cloud services. The next evolution of security tools may go by a different acronym, but they will all aim to wrangle in assets, prioritize identity, and ensure compliance.

About the Author

Aaron has been researching security, cloud, and emerging technologies with G2 for more than half a decade. Over that time he's outlined, defined, and maintained a large portion of G2's taxonomy related to cybersecurity, infrastructure, development, and IT management markets. Aaron utilizes his relationships with vendors, subject-matter expertise, and familiarity with G2 data to help buyers and businesses better understand emerging challenges, solutions, and technologies. In his free time, Aaron enjoys photography, design, Chicago sports and lizards.