Light Dark
February 27, 2024 By Tom Fisher 4 min read
Data Protection
Cloud Security

Cloud environments were frequent targets for cyber attackers in 2023. Eighty-two percent of breaches that involved data stored in the cloud were in public, private or multi-cloud environments. Attackers gained the most access to multi-cloud environments, with 39% of breaches spanning multi-cloud environments because of the more complicated security issues. The cost of these cloud breaches totaled $4.75 million, higher than the average cost of $4.45 million for all data breaches.

The reason for this high cost is not only the penalties paid for the data breaches but also the amount of time (mean time to identify, or MTTI) it takes to discover and remediate the breach. The typical time in days that it takes to identify a breach is significant across all configurations, with the worst being multi-cloud and hybrid-cloud environments.

The figure above is measured in days. (Source: IBM)

These statistics are not only alarming but could conceivably be catastrophic, depending on the number and type of breaches that occur. They clearly spell out the compelling need for data protection in cloud applications and infrastructure.

Just how popular is the cloud?

According to a study published by G2.com in April 2023:

Cloud-first is the mantra

  • All companies use at least one public or private cloud
  • By 2025, 85% of organizations will be “cloud first”
  • Over 60% of all corporate data is in cloud storage
  • 100 trillion gigabytes of data will be stored in the cloud by 2025.

Multi-cloud is popular

  • 98% of enterprises use or plan to use at least two cloud infrastructure providers
  • 31% of enterprises have four or more cloud infrastructure providers
  • Nearly 9 out of 10 companies report having a multi-cloud strategy.

Hybrid cloud is on the rise

  • Nearly 8 of 10 companies use multiple public clouds and 60% use more than one private cloud
  • 56% of companies with more than $500 million in revenue have adopted a hybrid cloud.

If we apply a conservative estimate that 33% of 100 trillion gigabytes of data stored in the cloud is unprotected, that means that 33 trillion gigabytes are constantly at risk of being breached.

The emerging solution

Cloud-native data protection is a technology that protects data stored in and moving through cloud infrastructure by:

  1. Identifying where it’s located
  2. Identifying shadow copies of sensitive data
  3. Identifying data movement within and across multi-cloud and hybrid-cloud infrastructure.

To qualify as cloud-native and to handle the rapid movement and complexity of cloud services, the data protection technology should be implemented with cloud infrastructure and use cloud methodologies, such as containers, Kubernetes and microservices.

The name for this capability is data security posture management (DSPM), and it satisfies the requirements listed above for public, private, multi-cloud and hybrid-cloud environments.

What is cloud-native?

Cloud-native applications consist of multiple small, interdependent services called microservices. They are composed of:

  • Application programming interfaces (APIs), which bring loosely coupled microservices together
  • Service mesh, which manages the communication between multiple microservices
  • Containers, which are the application software components that pack the microservice code and other required files in cloud-native systems
  • Container Orchestrator/Manager, such as Kubernetes, which facilitates declarative container configuration, such as pods, and automation. 

Cloud and data protection impact

Data breaches certainly have the potential to slow cloud migration and innovation. How many breaches, after all, will users be willing to endure before demanding more comprehensive protection? Data privacy laws, such as the General Data Protection Regulation (GDPR), are also driving protection by levying fines on entities that don’t adequately protect data privacy.

Every application and website user appreciates cloud applications’ innovation and performance, including the personalization that cloud-native and artificial intelligence (AI) technologies facilitate. But that enthusiasm will likely ebb if data breaches escalate. Without more immediate attention to data protection, users may demand immediate, increased levels of accountability that could slow innovation.

DSPM to the rescue

To assuage these concerns, DSPM has emerged to address cloud data protection. DSPM identifies all repositories of “at risk” data within public, private, multi-cloud and hybrid-cloud infrastructure, which includes relational databases, Big Data stores, in-memory databases, Software-as-as-Service (SaaS) applications and shadow data.

That means DSPM finds data in any cloud storage repository, including data copied for any purpose outside a database or files such as log files. It also tracks data as it moves through cloud components to ensure that if data is moved, the organization knows about it and can implement remedial actions if needed.

But the most amazing part is that DSPM is incredibly easy to use. It automatically discovers data, catalogs where data resides so that shadow data can be identified and sends alerts about data vulnerabilities so that remedial actions can be taken as needed.

The compelling need for cloud-native data protection

Cloud-native data protection is needed to protect the wealth of generated data and traversing cloud infrastructure. The implementation needs to be cloud-native so that data in all multi-cloud repositories can be seen. In addition, cloud-native implementation enables organizations to see where data moves through applications built with cloud components, such as containers, APIs and service meshes, to get to the next storage location.

DSPM also belies the notion that cloud data security is hard to use and consumes too many resources to be effective. Using automated discovery, cloud-native DSPM automatically identifies sensitive data, shadow data, data locality and point-to-point data movement through cloud infrastructure and application components.

DSPM is easy to use, finds data locations and maps them and monitors data as it moves through the (multi-)cloud infrastructure. IBM Security Guardium Insights SaaS DSPM embodies all of the capabilities listed above.

Learn more on IBM Guardium Insights SaaS DSPM or sign up to try it for free now.

 |  |  |  |  |  |  |  |  | 
Tom Fisher
Product Marketing Manager, IBM Security Guardium

More from Data Protection
March 27, 2024

3 Strategies to overcome data security challenges in 2024

3 min read - There are over 17 billion internet-connected devices in the world — and experts expect that number will surge to almost 30 billion by 2030.This rapidly growing digital ecosystem makes it increasingly challenging to protect people’s privacy. Attackers only need to be right once to seize databases of personally identifiable information (PII), including payment card information, addresses, phone numbers and Social Security numbers.In addition to the ever-present cybersecurity threats, data security teams must consider the growing list of data compliance laws…

March 12, 2024

How data residency impacts security and compliance

3 min read - Every piece of your organization’s data is stored in a physical location. Even data stored in a cloud environment lives in a physical location on the virtual server. However, the data may not be in the location you expect, especially if your company uses multiple cloud providers. The data you are trying to protect may be stored literally across the world from where you sit right now or even in multiple locations at the same time. And if you don’t…

March 5, 2024

From federation to fabric: IAM’s evolution

15 min read - In the modern day, we’ve come to expect that our various applications can share our identity information with one another. Most of our core systems federate seamlessly and bi-directionally. This means that you can quite easily register and log in to a given service with the user account from another service or even invert that process (technically possible, not always advisable). But what is the next step in our evolution towards greater interoperability between our applications, services and systems?Identity and…

Topic updates

 Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today
© 2024 IBM Contact Privacy Terms of use Accessibility Cookie Preferences
Sponsored by si-icon-eightbarfeature