Events are back, big time, including the last event I attended, Black Hat USA in Las Vegas. Which was an absolutely packed house! COVID schmovid! – Don’t stop, won’t stop…attendees from cramming into the Mandalay Bay Hotel and Convention Center. All of us were chomping at the bit to get back out there to talk in person, learn new skills and network with thousands of other InfoSec professionals and evaluate an awe-inspiring (and yes, somewhat overwhelming) amount of security products and solutions.
I should mention that I’ve been to hundreds of events over my 10+ years as a field marketing professional, and at this point I feel like I’ve seen and heard it all. That’s why I thought it would be fun to share some of my observations in a more lighthearted manner. If you are up for some chuckles and learnings, check out my highlights reel of statements “overheard in the halls of cyber conferences,” backed up with results from a 2022 Security Professionals Insight Survey Laminar conducted of over 400+ cybersecurity professionals at Black Hat USA and AWS re:Inforce.
“The vendors with simple, clear, and focused offerings are the ones that stick to my mind. So many companies are trying to do 30 different things.”
That’s right folks, stick to what you know and do it well.
Focus. Simplify. Streamline.
The race to the cloud has created a domino effect for data proliferating within that cloud, security teams haven’t been able to keep up with the pace. AND, before you even know it, with the subscription to a few cloud services and the click of a few buttons, security has become a mere afterthought. Public cloud data security adoption is severely lagging public cloud usage, creating gaps for attackers to sneak in an exploit.
So here is some focus, simplicity, and clarity for you. It’s time to secure your cloud data. Fortunately, focusing on the best ways to help our customers secure their cloud data is all we do at Laminar. We don’t do anything else, so we can do it really, really well. And when two-thirds of security professionals have data in the public cloud, that’s a focus that’s sorely needed.
- Nearly two-thirds (65.1%) of respondents said they currently have data resident in the public cloud (Amazon Web Services, Microsoft Azure, or Google Cloud Platform). With public cloud adoption having a compound annual growth rate (CAGR) of nearly 26%, it’s surprising that respondents haven’t yet hardened data security for these assets.
- Less than half (40.3%) said that they had a public cloud data security tool in place to monitor for insider and outsider threats and data exfiltration.
- Over one-third of organizations are not sure if an internal employee accidentally accessed sensitive data in the public cloud in the past months
- Over a third are not sure if they have had a data exfiltration
“Black Hat is BACK” + “It’s so nice to see users walking around, not just industry professionals.”
The pandemic sure did a number on Black Hat attendance and how the event was executed over the past two years. 2020 was 100% virtual and 2021 was dismally attended with a large virtual component. It’s safe to say that this year was an immense success, both in person and virtually…so ya…Black Hat is BACK and people were there to network and learn!
The pandemic has shifted how people work. Far more of us are choosing to work remotely part of, if not all of the time. Just like how a lot of conferences now take a “hybrid” approach to their event that gives attendees the option to come in person or remotely, this shift has also required organizations to support a hybrid work model. This new approach to work demands a different approach to cloud data security because it has accelerated public cloud adoption, removed the perimeter, and created huge blindspots for security teams.
- Nearly two-thirds (62.3%) of respondents said their organizations have a hybrid work model, while another quarter (25.9%) are fully remote. As a result, data is outside the control of the traditional on-premises security perimeter and must be secured and monitored with new, cloud-native solutions.
“With all the hackers about, it might be safer to text going forward.”
This statement shows how little most people know about how hacking actually works. And yes, I did actually hear this at a security conference. But my point is: for anyone who doesn’t know how hacking works, how on earth would they be expected to know that they need a cloud data security tool to monitor and mitigate the insider threats to their data? Many people focus on the “boogeyman” threats to their data without understanding that cybersecurity is a lot more basic, and boils down to one basic theme: visibility.
According to Gartner, through 2023, 75% of cloud security failures will result from inadequate management of identities, access and privileges. That’s sobering news given that securing one’s cloud falls to the customer, not the cloud provider.
- 59.6% of security respondents simply do not have a public cloud security tool to monitor inside threats or are unsure if they do.
As you absorb these thoughts, ask yourself what you are going to do to protect your organization from the insider and external threats lurking in your public cloud. How will you discover, prioritize, secure, and monitor data used and stored across multi-cloud environments? It’s time to get ahead of the game to protect the attack surface so that your organization can boost efficiency, collaboration, and reduce costs to stay competitive in this roller coaster of a market.
If you liked what you saw here, then be sure to share with your co-workers and friends because we want to hear from you! Follow us on Twitter @laminarsec or find us on LinkedIn. And definitely, don’t forget to @mention us when spreading the word!