As of a few years ago, there were few Security-as-a-Service (SaaS) providers and no IDasS providers. Is that still the case? If not, who provides those services? Explain the growth trend in this area.
The SaaS industry’s growth has thankfully risen to meet the rapidly expanding realm of cybercrime, yet the fight is never close to being won by security-as-a-service providers and their customers. Today, there is a wide range of available cloud security providers, such as CloudPassage, FireEye, LaceWork, McAfee, Symantec, and Solarwinds. Whether it be Infrastructure as a Service (IaaS), Platform as a Service (PaaS), or Software as a Service (SaaS), businesses now have the simplicity and flexibility to support their current and future operations. Per Gartner, the world’s leading research and advisory company, “the worldwide public cloud services market is projected to grow 17.3 percent in 2019 to total $206.2 billion, up from $175.8 billion in 2018.” Furthermore, as predicted, the fastest-growing segment of the cloud market is cloud system infrastructure services, also known as IaaS; this market is forecasted to grow 27.6 percent in 2019, reaching $39.5 billion (Gartner, 2018). 2019’s growth in cloud computing is sure to create serious competition between providers, ushering in a new era of features, costs, coverages, and support systems. The SaaS and IaaS industries are making an effort to grow as quickly as the cloud-services they secure, yet the necessity for skilled cloud security technicians is always present, and their positions are hard to fill. Possibly one day, when the salaries for those who play defense match that of the hackers and cybercriminals who play on offense, we may see a significant reduction in the barrage of ransomware and virus attacks and infections; this, however, is probably highly unlikely.
This reading includes information on the potential benefits of using CSPs, and the potential threats of using CSPs. Are there any benefits and/or threats that were not included in the discussion that should be?
As I have discussed several of the benefits and threats of using CSPs before and taking note of what is included in this week’s reading, I will attempt to go beyond what the common attributes are for CSP-usage. I believe that the next challenge many organizations face with CSP-usage is proper cloud management. With hybrid and multi-cloud environments, many businesses offer dashboards to help navigate and operate each one, but no real effective manner of combining them in a single easy-to-use operation exists; this will be very complicated to create as cloud providers typically do not use the same APIs, rendering those with the necessary skill to create custom frameworks for their systems (which can be quite the headache).
One interesting benefit of using CSPs is the hybrid deployment model. Hybrid clouds, which use a combination of local and public clouds, offer reduced deployment costs and promote more natural workload migration; they also improve their applications by using private clouds to control where their network geographically operates, which helps data security and data custody issues. Then, data that is less sensitive can be processed through public clouds, freeing up memory, and reducing the number of needed physical devices. Each model of cloud computing has its strengths and weaknesses, so a combination of more than one can ensure that each model’s advantages are benefited from. I feel that the benefits of hybrid cloud setups can be quite grand, yet failing to apply some customization to how an organization uses the Cloud can be a significant threat as well.
Gartner. (12 Sep 2018). “Gartner Forecasts Worldwide Public Cloud Revenue to Grow 17.3 Percent in 2019.” Retrieved from https://www.gartner.com/en/newsroom/press-releases/2018-09-12.