Image: Rafael Henrique/Adobe Stock Worldwide spending on public cloud services is set to grow 20.7%to total$591.8 billion in 2023, according to Gartner, and threat actors are getting better at making use of unpatched vulnerabilities. Recent research by Palo Alto Networks ‘Unit 42 found that more than 60 %of organizations take control of four days to deal with security issues, over 63
%of codebases in production have unpatched vulnerabilities, and threat stars make use of a misconfiguration or vulnerability within hours.< img src ="https://www.techrepublic.com/wp-content/uploads/2023/05/Figue.A.AnkurShah-270x316.jpg" alt =" Ankur Shah, SVP and basic manager of Prisma Cloud"width="175 "height="205"/ > Ankur Shah, SVP and basic manager of Prisma Cloud The company’s Prisma Cloud is a top security player in finding vulnerabilities in cloud-native application development and release. TechRepublic spoke to Ankur Shah, SVP and basic manager of Prisma Cloud, about what cloud security implies and how IT pros and choice makers need to
believe beyond the standard cybersecurity playbook when it pertains to cloud security. TechRepublic: How has hybrid work and migration to cloud company informed what Palo Alto’s Prisma does? Ankur Shah: Prior to the cloud, security was like a house with one front door, a cam and a security personnel: one level of security and you’re excellent to go. Now security is very dynamic. Every home looks different. There are windows and doors and you do not constantly understand which are open, and the crown jewels are within.
So there’s a great deal of”lift and shift” [the process of migrating applications and systems to the cloud] with customers rewording applications– structure”houses”in cloud facilities, and the security individual at IT does not have as much control over how these homes get developed. TechRepublic: Developers do, nowadays. Ankur Shah: … Due to the fact that every business is becoming a digital company. If I’m Home Depot, I am a technology company that takes place to be in home hardware; if I’m Pfizer, I’m a technology company that happens to be doing pharmaceuticals: today people are using AWS or another cloud company and developing their own software application.
So, yes, designers can have outsized impact
since they need to build fast. Today there are over 33 million designers and fewer than 3 million security people who really know the cloud. I do not have data for this one, however I would guess that there are probably less than 20,000 people on the planet who actually understand cloud and security. TechRepublic: However isn’t cloud security basically what a lot of security is about now? Must-read security protection Ankur Shah: You have to comprehend that the bulk of the security experts come out of an understanding of network and endpoint security. A lot of security people are using the very same playbook that we utilized back then and using it in the cloud.
It’s an extremely different paradigm now, though. The method workloads get released in the public cloud– the
windows and doors of your home–
is really vibrant. You do not rack and stack a server anymore. You click a button … or you don’t even have to click a button. Through automation, you can create actually numerous thousands of work in the cloud today. So these are the very best of times, these are the worst of times if you remain in security. TechRepublic: Should cloud companies be doing more in regards to securing what enterprises enact in cloud environments? Ankur Shah: If you look at AWS, Azure, Google Cloud, IBM, Oracle and the others … you can have one cloud company alone with over 200 cloud services that developers are utilizing to build new applications. The cloud providers state, “Look, I will protect the infrastructure layer, but what you put
in your applications, I do not have responsibility, that depends on you. “When I was a designer, we would ship that code once a year. Now
clients are shipping code daily. So the CI/CD [continuous integration/continuous deployment] pipeline has minimized considerably now. TechRepublic: Palo Alto Prisma Cloud is about securing that whole CI/CD procedure, correct? Ankur Shah: The whole code-to-cloud journey … frequently involves 7, 8, 9 tools. The left doesn’t speak with the right, right doesn’t speak with the middle, middle does not speak with the right. So, yes, Prisma Cloud’s mission has actually been to deliver code-to-cloud security at each stage of the pipeline. There will be security issues as soon as things are in production. Constantly monitoring the end product to ensure that security holes are not left is likewise a huge part of what we do. TechRepublic: Even with code-to-cloud
security there will still be exploitable crucial vulnerabilities, do not you require several tools to deal with this in development and production? Ankur Shah: Well, there are 2 ways to not solve that issue. One is if you have multiple tools that aren’t incorporated, which is what much of the security industry is today. There are 3,000 different suppliers, 200 in cloud security alone. And everyone’s trying to sell point services. It’s not going to save the day for you.
More tools make you less secure, not more. TechRepublic: Which I assume is why enterprises are moving far from gathering point options towards platforms like extended detection and action, or
XDR, in Security Operations Center contexts. Ankur Shah: There is a big consolidation movement due to the fact that consumers can’t continue repeating the sins of the past and have multiple tools, point products, however in security, sufficient is unsatisfactory. You need to be best in class. TechRepublic: Is DevSecOps fundamentally different than what is happening in the world of SOCs and
does Prisma Cloud respond to both contexts? Ankur Shah: Tools like XDR for SOC are out there for doing risk detection prevention. If you have software currently in production and a trespasser gets in, Prisma Cloud will detect it and
we will send out those signals to the SOC. From the code to the cloud process, there are risk signals, and Prisma’s task is to avoid those issues to begin with. TechRepublic: What are some uses of big language models in cloud security? Ankur Shah: My vision
is to take advantage of AI for two purposes: to improve the user experience and to enhance the security results. It’s really that basic. Clients today are asking simple questions, however to answer those questions we typically have pages and pages of product info. With AI, why can’t you ask something like,”Hey, what’s my leading security concern? What’s the next event that I can expect?”In the future of security, users are going to be engaging with AI to help fix problems for these sort of queries. That talks to the user experience element of it.
The security result is a lot of the things that we did already in AI. You can anticipate us
to do a growing number of in the future with automation, more AI and artificial intelligence since it’s truly connecting the dots to make sure that if there is a breach– if there is a security occurrence– we’re able to discover it faster than later. Source
