Cloud Security

Cloud security has become one of the top priorities for orgs operating on hyperscaler infrastructure. Market size estimates for 2022 range from $20bn to $40bn, with the expectation that it will grow to somewhere between $80bn and $110bn by 2030. The fundamental catalyst for the rising demand for cloud security is the complexity of operating IT infrastructure in the cloud.

The benefits of orgs using cloud computing are plentiful; from faster product innovation, greater scalability to meet rising end user demand, better end user experiences, more efficient utilization of resources, and greater business agility, to name a few. In essence, these benefits derive from the virtualisation provided by VMs, containers, serverless compute, and APIs, that are often all constructed into a microservice architecture that is widely distributed across AWS, Azure, GCP, or others. Such an architecture provides the innovation, agility, and business scalability, but the distributed, ephemeral, and dynamic nature also makes securing things unmanageable.

Since 2006 when AWS was launched, we have witnessed the evolution of cloud security, in which more and more solutions have come to the market to close the security gaps. Initially, it was just the CSPs (Cloud Service Providers) themselves that provided the tools for IT teams to secure applications hosted in the cloud. Though, the CSP security suite turned out to be appropriate as a baseline toolset only. The mobile era, and then the IoT era, creating a global explosion of data, combined with bad actors becoming increasingly prevalent and sophisticated, meant that good cloud security had to come from a dedicated industry, not something peripherally provided by the CSPs.

As a consequence of the dynamic threat landscape, out emerged various specialist cloud security vendors. In the early 2010s, CASBs (Cloud Access Security Brokers) came onto the scene to monitor activity and data movement in SaaS apps. Around the same time, CSPM (Cloud Security Posture Management) vendors came to market with products that can detect misconfigurations across servers, databases, VMs, and containers, etc. In the mid-2010s, CWPP (Cloud Workload Protection Platform) became the next must-have solution, which involved having an agent installed on cloud instances to protect workloads (any process that consumes CPU and memory) from malware and bad actors.

More recently, CIEM (Cloud Infrastructure & Entitlement Management) and microsegmentation have come to the fore - these help orgs better manage user permissions and network connections, respectively. These are really important to thwart bad actors from exploiting excessive permissions on a machine (CIEM), and also in preventing them from moving laterally across the infra in search of valuable systems (microsegmentation).

The latest trend in cloud security is the shift-left philosophy. CASB, CSPM, and CWP are all detective by nature, that are still needed but because of the dynamic pace of cloud computing - mainly driven by developers innovating fast to ensure their orgs remain competitive - such solutions trigger voluminous alerts. Hence, in recent years a more preventative approach has emerged, often referred to as shift-left, that is all about baking in best security practices and detecting potential vulnerabilities as early as possible in the software development and software production lifecycles. The benefits are a more robust security posture, reduced alert fatigue (that enables a shift to more value-adding endeavours), and an orders of magnitude faster time-to-market for software projects.

Tech research giant Gartner, has recently coined the term CNAPP, for Cloud-Native Application Protection Platform, to describe a platform that encompasses all the above solutions. Focusing on one area of cloud security is no longer sufficient for vendors to execute a durable runway of growth. There is increasing pressure on CISOs (Chief Information Security Officer) and SecOps teams to radically reduce the number of vendor solutions in order to make things more manageable, and more secure as a by-product. Therefore, orgs will be increasingly likely to opt for vendors with a broad platform of solutions in the coming years - a platform that can provide holistic protection as orgs consume software from the cloud (SaaS) and build, deploy, and productionize software within the cloud (DevOps).

Key players in the race toward the complete CNAPP solution include public names like Palo Alto Networks, Zscaler, Crowdstrike, and SentinelOne, and late-stage startups such as Lacework, Orca Security, and Wiz. Two vendors creating a lot of buzz in shift-left specifically, are GitLab (had IPO in October 2021) and Snyk (Series F).

For institutional investors (public and private), on request, we can do tailored research for your requirements. For all types of investors, here are individual reports you can purchase related to cloud security:

For institutional inquiries, or to pay for individual (a' la carte) reports, please click Subscribe for more information. From there you can also sign up as Premium subscriber if you wish to.

Reports

Which Cybersecurity Stocks Should You Buy? (June 2021) - Free

Illumio: Pre-IPO Report (October 2021) - $50

Part 1 Of Mini Security Series: Cloud Security (May 2022) - $50

Palo Alto Networks: Prisma Cloud (October 2022) - $50

Orc Security (September 2022) - $50

Lacework (October 2022) - $50

Wiz (coming soon) - $50

Tailored research requests - price negotiable