Cloud key to future cyber security, says Qualys

Security could be improved by moving to a world where security is enabled by customised and optimised security agents in virtual datacentres, endpoints and apps, says Qualys CTO Wolfgang Kandek

Netflix, AirBnB and Uber are all pointing the way to the cloud as the future, and that is also true for security, according to Wolfgang Kandek, chief technology officer (CTO) at security firm Qualys.

“Most enterprises are facing today’s cyber security challenges with IT architecture that was developed 25 years ago when IT had full control over computing,” he told the RSA Conference 2015 in Abu Dhabi.

However, he said, this has changed completely with the move to employees using their own consumer devices to access enterprise services, systems and data.

“This leads to a much bigger attack surface, which we try to address by piling up security technology on security technology. In turn, this has led to a terribly over-loaded enterprise technology stack that is very brittle and bound to fail,” said Kandek.

He believes the way around the current “calamitous situation” is to move to a world where security is enabled by security agents in virtual datacentres, endpoints and apps that will be adapted and optimised for these environments. 

“Think of these embedded security agents as the white blood cells in our bodies – they know about intruders and they detect and try to isolate threats,” he said.

“But unlike white blood cells, they communicate security and monitoring data to the cloud where systems are capable of joining all this data together and giving security professionals additional information, such as whether the infection is localised or part of a much bigger cyber attack.”

In this way, said Kandek, cloud computing can be applied to information security to ensure that security professionals respond quickly and in the most effective and appropriate way to security incidents.

“To achieve this capability, we need to move aggressively away from traditional enterprise systems and move things into the cloud,” he said.

Architecture of the future

According to Kandek, large companies have a bigger challenge in this regard because they have invested heavily in legacy technologies and training, but if large companies make the transition now, they will be able to benefit.

“There will be the business advantage of being able to move faster and transact worldwide, as well as the security advantage of being ahead of the rest,” he said.

But companies that delay the move to the cloud, said Kandek, will probably not get these advantages and will consequently be unable to compete with those who have made the move.

Smaller companies are less invested in legacies and are more nimble as a result, he said, and should move at least some parts of their infrastructure to the cloud, such as email or other services that are really well-defined.

According to Kandek, if companies have not done so already, 2015 is the year they should be moving to the cloud, which is a core component of the architecture of the future that is capable of delivering better security, as well as cost savings and agility for the business.

“Cloud computing has reached a critical mass and can now run any type of enterprise application in a more economically, faster, secure way that also has global reach,” he said.

1 comment

I like the approach that "security is enabled by security agents in virtual datacentres."

We know that the cloud architecture is based on sharing infrastructure resources and I find it concerning that researchers recently found similar issues that six years ago were demonstrated by Ristenpart about concrete evidence for sensitive information leakage on a commercial cloud. A 2015 research paper presents a full-fledged attack that exploits leakages of decryption keys and concluded that the cross-VM leakage is present in public clouds and can become a practical attack vector for both co-location detection and data theft.

When will the next cloud vulnerability in this area be discovered?

I agree with Gartner when recommending to "understand when data appears in clear text, where keys are made available and stored, and who has access to the keys," and recommending to "apply encryption or tokenization."

I think that encryption keys for sensitive data should not be exposed in the cloud.


Ulf Mattsson, CTO Protegrity