In the study of ecology, there's a concept called the "empty niche hypothesis," which states that an abundance of unexploited resources in an ecosystem leads to opportunities for one or more species to be successful by exploiting those resources (thereby "filling" the niche). This may occur when a species already in the ecosystem develops new ways to exploit the niche, or it can happen after the introduction of a species from outside that does so. Either way, the "empty space" creates an opportunity for a new organism to come in and enjoy success.
…much like how an ecological 'empty niche' creates pressure for a new species to fill it, (cloud) pain points create pressure for innovative solutions to close them.
In some ways, this analogy can help us understand what's going on in enterprises with respect to cloud and security.
Cloud is obviously a game changer for enterprise information security efforts. The abundant and rapidly increasing use of cloud services in the enterprise has introduced a number of new cloud computing security concerns that organizations didn't have before, at least not in this form. And much like how an ecological "empty niche" creates pressure for a new species to fill it, these pain points create pressure for innovative solutions to close them.
Consequently, we shouldn't be surprised to learn of what some might call a veritable renaissance of new security tools, services and other products that address these cloud security concerns. We've watched these issues arise, and now we're seeing innovative ideas emerge to counter them in what The MIT Technology Review calls "the coming wave of security startups."
In this tip, we'll explore five key areas where such technologies are beginning to materialize, focusing on the problems vexing enterprises and some of the innovative approaches to solving them that didn't exist (at least in this form) a few short years ago.
Niche #1: Commodity computing and multi-tenancy
In the cloud, the lower levels of the application stack are opaque to the client organization (i.e., they're a "black box"). Depending on the type of cloud model employed -- be it Software as a Service (SaaS), Platform as a Service (PaaS) or Infrastructure as a Service (IaaS) -- more or less of that stack could be part of the usually multi-tenanted infrastructure leased from a cloud provider. New categories of tools are emerging that seek to encapsulate (and thereby protect) what is run in those multi-tenanted environments. For example, encryption gateways like those provided by CipherCloud Inc. and PerspecSys Inc. help transform and protect application data, while tools like the PrivateCore vCage can protect data in memory while in use on semi-trusted, multi-tenant environments.
Niche #2: Proliferation, sprawl and shadow IT
Ease of adoption and as-you-go pricing can sometimes bring about unexpected and difficult-to-discover cloud usage, especially in situations where business units can directly adopt services without the intervention, approval or even knowledge of IT. In many organizations, this leads to a situation where IT organizations don't even know all of the cloud services in use, let alone where or how they are being used. New discovery-oriented products and services, such as those from Skyhigh Networks Inc. and Netskope Inc., can help organizations find and inventory usage, thereby allowing them to consolidate and identify inappropriate or high-risk usage, enforce licensing or take other actions.
Niche #3: Advanced malware protection
As enterprise environments become more complex in terms of the number and types of devices present on the network, discovering nefarious activity and attacks in progress becomes much more challenging. The increased sophistication of attackers, as well as the reduced efficacy of traditional network and host monitoring controls in a cloud context (because those services are below the visible stack for many cloud deployments), make the problem even more difficult. To solve such issues, more sophisticated attack detection and prevention tools are being developed by vendors such as Carbon Black, Triumfant, CrowdStrike and AhnLab. These products can collect more/different data, better index the data it collects, or collect data in different ways. This helps enterprises better defend against sophisticated attackers.
Niche #4: Threat intelligence
Likewise, advances in attacker sophistication have made understanding attacker techniques and methods a big cloud computing security concern for organizations. The cloud provides a useful vehicle for this information to be made available and creates opportunities to better monitor activity in light of changes to advances in tradecraft. Tools from vendors including Risk.I/O Inc. and Qualys Inc. use the cloud as a platform to tie together vulnerability information from a variety of existing sources organizations may already have in place -- for example data from OS and network vulnerability scanning tools, application scanning tools and port enumeration tools. By correlating and analyzing this vulnerability information, these tools promise to help locate vulnerable assets so that they can be remediated and the technical risk reduced.
Niche #5: Application release acceleration
More on cloud security issues
Cloud has brought about an acceleration in application deployment while at the same time revolutionizing how software is created and streamlining release cycles (e.g., DevOps). As development time is reduced and the QA/release processes become more automated, software licensing compliance becomes more critical. Newer players like SourceDNA, Inc., as well as more established but still innovative names such as Sonotype Inc., promise to help enterprises "unpack" and more concretely understand what libraries, components, application programming interfaces and ancillary supporting software are used in the software they create.
These are by no means the only pain points that enterprises are experiencing as a result of the increased externalization of IT environments, nor are these the only innovative companies providing products to help soothe those pain points. However, these examples can serve as useful proof points to illustrate that the proverbial "coming wave" has hit and a number of new, innovative species -- or cloud technologies, tools and services in this case -- have started to fill the niche.
About the author:
Ed Moyle is currently director of emerging business and technology for ISACA. He previously worked as senior security strategist for Savvis Inc. and as senior manager with CTG. Prior to that, he served as vice president and information security officer at Merrill Lynch Investment Managers.
This was first published in October 2013