BRAND VISIBILITY 2019

The CloudTweaks brand visibility 2019 program provides a number of terrific opportunities to help leverage your brand and service bringing it to the forefront of the technology world. We provide sponsorship, lead generation services, custom content packages, blog management and promotion. Contact us for a quote!

security-info

The Cloud In 2015: Eight Trends To Look For

The Cloud In 2015

For organizations of all sizes, in 2014 the cloud emerged as a critical part of the default consideration set when implementing any new application – in large part due to the cloud’s proven ability to handle data storage and processing demands in an elastic manner, improved verifiable standards around data security and service reliability, and lower overall total-cost-of-ownership.

As we move into the New Year, below are eight big-picture trends in cloud computing for 2015.

preditions

1. Forecast

Cloudy days ahead. Despite the continued incidence of cyber threats and attacks – including the latest against Sony – the market remains optimistic towards the cloud, especially as companies grow and economies scale. Applications spanning HR, sales automation, and governance, risk and compliance (GRC) will become even more widely adopted in the cloud in 2015, a view shared by independent technology and market research company Forrester Research. There is a robust and rapidly growing cloud subscription market, and organizations are continuing to take advantage of pay-as-you-go models, a new norm in the cloud world.

2. Flight to safety

Organizations are continuing to put more and more data in the cloud. With so much critical and sensitive data all in one place, comes increased risk. Some still remain skeptical as to whether existing cloud safeguards are adequate and sufficient. But rest assured – in 2015, we will see unprecedented resources and brainpower used to further strengthen and secure the cloud. While we may see more cyber threats and successful attacks, we will also see the industry rally in response, united by its mission to build bulletproof organizations, and with it, bulletproof clouds.

3. Information security a top concern

Big cloud and data storage players such as Amazon and IBM have thought about information security from the ground up. This includes everything from the staff, training programs, tools and processes that are needed to run truly world-class cloud and data storage centers. Today, strong information security programs are paramount for every organization and every industry, but even more so for banks and financial services institutions who face increasingly stringent compliance requirements and scrutiny from the regulators. Banks and financial services institutions have led the way when it comes to building out centers of information security excellence, and they are well on their way to ensure that all of the proactive and remedial measures are in place to protect against information security threats today and into the future. We will see similar stringent norms being adopted by other industries too, particularly those with large exposures to customer data and multiple customer touch points. The usage and integration of newer technology trends such as mobility, big data and real-time computing will also be brought into the information security paradigm in order to make it more robust and fool proof.

4. Greater need for industry standards

Broadly speaking, there are insufficient industry standards when it comes to baseline information security. In large part, across industries, everything remains fragmented, and organizations are focused on issues of the moment, such as information leaks, or privacy breaches, rather than bigger picture risks. We need to see organizations and industries get past their current challenges and think more proactively about the future. Cloud vendors, in particular, have realized the need for greater industry standardization when it comes to information security, and the Cloud Security Alliance, and ISO will likely spearhead continued developments in this regard.

5. Information security reviews will become more like audits

It’s a short step from a review to an audit. IT organizations will continue to ask, on a more frequent basis, for a review of their cloud accounts, what information security incidents have occurred, and how they were addressed. Similar to an audit, handling information security incidents requires visibility and transparency. Let’s say a company has put its entire Enterprise Resource Planning (ERP) in the cloud. Each known information security risk for each operation must be classified by its criticality, which then drives the frequency of the review. There will also be more frequent and random spot checks, just like audits. The IT organization will be on the sharp lookout to ensure their cloud providers are able to proactively identify, assess and mitigate risks.

6. Greater scrutiny on access controls

Currently, cloud providers offer a set of accounts to a company, who then distributes the accounts to its employees. Companies are increasingly asking their cloud providers for more data about their cloud accounts, such as who is using these accounts, and in what capacity. Due to several recent high-profile cases, we will continue to see greater scrutiny around which employees have access to these cloud accounts. Critical questions are also being asked, such as: if an employee is no longer with the company, either through termination or change of roles, whose responsibility is it to ensure their account is immediately terminated? In 2015, we will see more robust segregation of duties, greater assurance regarding the rights to use an application in the cloud, as well as new restrictions around employee access to data and applications operating on a “need to know” basis. We will also see more real-time access management, dynamic rights allocations and revocations, and other such features playing a bigger role to ensure the sacrosanct of information.

7. Hacker robots

Automatic robots are continually testing applications for availability and performance. In the same way, once security testing is added to the robots’ protocol, this becomes an important new metric for management, who are asking for trending heat maps with green, yellow and red assurances for security, just like they are used to seeing for availability or performance. In 2015, automation will continue to change how we test for information security — testing that was previously done on an ad hoc basis will become more systematic and automatic. “Pen testing” (penetration testing), which consists of programming a hacker to break into an application, is done infrequently, but I predict there will be more automated frameworks to “hack my app” in the coming year. The most sophisticated and security-aware companies will want to frequently bombard their cloud systems, and they will ask for contractual agreements that permit ongoing and real-time information security testing.

8. A whole new C-Suite

Mobility, cloud computing, social media and Big Data have become central to a company’s competitive advantage. As such, we will continue to see greater prominence of organizational positions that are related to and connected with the organization’s data. More and more companies are creating a Chief Data Officer role, with the actual title depending on the company and the industry. This position will work hand-in-hand with other key C-level roles, including the Chief Risk Officer, the Chief Compliance Officer, and the Chief Digital Officer.

By Vidya Phalke

Vidya Phalke

Vidya Phalke is responsible for MetricStream's technical architecture and strategy. Prior to being promoted to the CTO position, Vidya served as Vice President of Product Management and Engineering where he was responsible for MetricStream's Software Products and Platform Delivery. Starting with MetricStream in 2003, Vidya has been instrumental in developing an industry-leading GRC software platform. Before joining the software industry, Vidya earned a PhD in Computer Science from Rutgers University, where he won two Small Business Innovation Research grants for his research on databases and network optimization.

Marty Puranik

HIPAA Risk Assessment Guide for Smaller Practices

HIPAA Risk Assessment Guide Disconcertingly, one in four practices (25%) are failing meaningful use audits by the Centers for Medicare ...
Cloud Services Providers - Learning To Keep The Lights On

Cloud Services Providers – Learning To Keep The Lights On

The True Meaning of Availability What is real availability? In our line of work, cloud service providers approach availability from ...
Virtual Immersion And The Extension/Expansion Of Virtual Reality

Virtual Immersion And The Extension/Expansion Of Virtual Reality

Virtual Immersion And Virtual Reality This is a term I created (Virtual Immersion). Ah...the sweet smell of Virtual Immersion Success! Virtual ...
Impact of AI and 5G on the Possibilities of Data

Impact of AI and 5G on the Possibilities of Data

Impact of AI and 5G This blog post was made in collaboration with Intel. A smarter world is now a ...
Maintaining Network Performance And Security In Hybrid Cloud Environments

Maintaining Network Performance And Security In Hybrid Cloud Environments

Hybrid Cloud Environments After several years of steady cloud adoption in the enterprise, an interesting trend has emerged: More companies ...
Cloudification - Budgets are Shifting Toward a “Cloud-first” and “Cloud-only” Approach

Cloudification – Budgets are Shifting Toward a “Cloud-first” and “Cloud-only” Approach

Cloudification and the Budget Shift Gartner has recently predicted that by 2020, a corporate "no-cloud" policy will be as rare ...

Cloud Supporters

AI Meets Industrial IOT: Power Your Data-Driven Enterprise

AI Meets Industrial IOT: Power Your Data-Driven Enterprise

The rapidly progressing Artificial Intelligence (AI) technology offers a lot of new opportunities to businesses in the industrial sector. Smart machines that are capable of performing repetitive tasks with accuracy and self-correcting errors would be the perfect solution for any factory involved in large scale
How to Stop Worrying and Love the Rise of the Machines!

How to Stop Worrying and Love the Rise of the Machines!

Love the Rise of the Machines! Announcing a new blog: “Leveraging the Engines of the Digital”. Are you overwhelmed by all the buzzwords, studies and new apps? Here’s an invitation to become more digitally fluent and navigate this new world. Read on! It’s late and

"Top 100 Brand Influencer, Cloud”
-ONALYTICA

"Best Cloud Computing Blog"
-SYSADMIN MAGAZINE

"Top 10 Sites For Cloud Computing"
-DIGITALISTMAG SAP

"Top 10 Cloud Computing Blogs”
-MARKETING ENVY

"Top 25 Must Read Cloud Blogs"
-CLOUDENDURE