Businesses will increasingly be forced to adopt cloud-based security services to take care of the basics so they can concentrate on more complex threats, says Gartner.
This is one of several security-related trends that will emerge and grow in the coming year and beyond, analyst Earl Perkins told the Gartner IAM Summit 2015 in London.
“Businesses need to watch the development of security services from the cloud as we expect these to grow and evolve,” he said.
But Perkins said while a move to cloud services is essential to the success of internet of things (IoT), cloud is nevertheless still only in an “early maturity phase”, especially in Europe.
Gartner expects European organisations to familiarise themselves with cloud architecture by setting up private clouds first, but that over time they will evolve their thinking to overcome resistance to cloud.
Cloud access and other broking services that would negotiate the relationship between cloud service providers and consumers will be key to enabling wider use of public cloud, according to Gartner.
Under this model, cloud brokers would enable businesses to enforce policies by managing the use, performance and delivery of cloud services.
Running through an overview of Gartner’s group of around 70 security analysts, Perkins said Gartner believes organisations need to start thinking about securing all the components of digital business.
“Digital business is made up of devices, services and people with digital identities, and this represents the future of business as we enter an era in which we create and use more information,” he said.
Perkins said this means there is a need to move beyond information security or IT security to a concept of cyber security that also includes physical security, operational security and device security.
A key component of this more comprehensive approach is application security, and yet he said fewer than 10% of organisations have started making security part of the process of application development.
“This is an area in which most organisations will need to improve quite a bit,” said Perkins.
When it comes to identity and access management (IAM), he said, organisations need to embrace the idea that things and data will have identity too, and not only IT users.
Source: Computer Weekly