Cloud Providers And How They Have Shaped Security
Over the last 5 or so years or so, there has been a huge shift in cybersecurity: security data has moved/moving to data lakes.
Data is moving to tools such as BigQuery, Microsoft Azure Data Warehouse, Amazon Redshift, Snowflake and so on. As the amount of data increases in size, moving it around to various applications becomes hard and costly. Snowflake, Google, Amazon, and Microsoft understand their advantage incredibly well and are taking action to fully leverage it.
Many people looking to enter the field have asked me what trends have been seen lately, or where the field is headed.
If nothing changes, what will security of the future look like?
The Big Getting Bigger
Cloud providers and large data companies are pursuing a “land and expand” strategy: get the customer to adopt the product for one use case, and once the data is in, start offering other products. This is a similar strategy other businesses use on their customers. Once a user is already in the ecosystem, it is easier to offer them services they could get elsewhere but are less likely to leave for those alternatives.
It is debatable if we are relatively early in the shift to the cloud, and all major cloud providers are fighting for being chosen as the number one solution. For example, most if not all tech companies are already here, whereas companies in the public sector might not be.
Because the fight for the cloud market share is still being waged, there are a lot of feature sets being refined and rapid development.
In 2022, AWS was at 33% market share, Azure 23%, and GCP 11%.
Brief Overview of Cloud Market Share
Integrations
Having pre-built integrations with the most commonly used tools and solutions used in the industry. Seamless communication between other tools through your cloud provider is fundamental nowadays.
Interoperability.
The platform has to make it easy for people to keep using the tools they prefer, even if they are competitive and the platform offers its own solution to the same problem.
For Google and Microsoft, deciding which products to integrate into their platforms is much easier than for AWS. This is due to the vast majority of solutions being built on or integrating with AWS, and the pool of those on Azure or GCP (or that integrate with them) is smaller. Interoperability is trickier because of the inherent conflict of interest.
As of today, protecting the cloud & what’s in the cloud is very different. It will be very interesting to see how the “shared responsibility” model for cloud security evolves in the next decade.
Interestingly enough here, Google is moving towards the “shared fate” model. This is noteworthy because it will determine what the scope of the Security practitioner’s role will look like. Whatever the outcome is, the role of someone in Cybersecurity will heavily involve operating and securing these cloud services.
That being said, as someone in the field or looking to get in the field, you really can't go wrong with learning one of these cloud providers.
Nowadays, roles tend to look for a combination of these skills or someone who is cloud agnostic. So don’t get too hung up on which to learn, any of them will build your skillset and make you a strong candidate in the market.
In a future post, we’ll be going over the certifications in this space.
In Conclusion
The more data is accumulated by a cloud provider, the more other data it attracts, and therefore more products and services will be introduced to attract even more data. This cycle is continuous, and it leads to the inevitable deepening of the relationship between the users and their providers, making it harder and harder for companies to switch (Vendor Lock-In).
In the end, I believe whoever owns and can make sense of the vast amount of data, will have the ability to shape the future of cybersecurity. Time will tell.
I hope this helps you in your learning journey!