Notes On Cloud Security: An Interview With Krishna Narayanaswamy, Chief Data Scientist At Netskope

Cloud Computing Today recently spoke to Krishna Narayanaswamy, Chief Data Scientist at Netskope, about the company’s positioning in the cloud security space in addition to his predictions for the cloud security landscape in 2015. Part of the impetus for the conversation was to understand how cloud security involves more than the monitoring of real-time system and application behavior that suggests fraudulent or abnormal activity by implementing proactive actions based on predictive analytics and machine learning. Krishna responded by elaborating on Netskope’s ability to develop security policies in conjunction with its analytics as well as the BYOD phenomenon and its attendant challenges for cloud security. As for cloud security predictions for 2015, Krishna noted an expected increase in data breaches, the use of cloud apps as a vector for the spread of malware and the way in which cloud security for apps sanctioned by enterprise IT policies will need to address the security of data at rest as well as data in motion.

1. Cloud Computing Today: How do you understand Netskope’s differentiation within the cloud security space?

K. Narayanaswamy (Netskope): The workforce of nearly every company today uses cloud apps, and as adoption has become common, it’s more likely that people will share sensitive business information via those apps. Our research shows that the average organization today has 613 cloud apps in use, 88 percent of which are not enterprise ready. Today’s companies not only need a way to discover the cloud apps that are used by their workforce — sanctioned or not — they need to be aware of the activities that happen within those apps, and set policies to prevent the activities that put confidential and sensitive information at risk.

Netskope is the only cloud app security and enablement company that offers real-time analysis and policy creation to prevent unwanted behavior, and the ability to monitor ALL cloud apps (not just those within IT’s purview). Secure cloud enablement is no longer a “one-size fits all” solution, and through Netskope’s Active Encryption, any user can tailor the creation of policies to fit their needs — large healthcare companies are going to focus more in HIPAA compliance than a music and entertainment company, for example.

2. Cloud Computing Today: What is the fundamental problem of cloud security as you see it from a business perspective?

K. Narayanaswamy (Netskope): Cloud apps are the norm in the workforce, with the vast majority being brought in by users unknown to IT, known as “shadow IT.” Today, IT grossly underestimates the number of cloud apps in use by their workforce, which presents significant data security and compliance risks. With the BYOD trend gaining momentum with no end in sight, more apps are guaranteed to make their way into organizations, and access corporate information than ever before, and CISOs are scrambling for a solution. The underlying problem with cloud app security has been that IT’s been forced to make a stark black and white decision — either block all cloud apps at the network perimeter, or let secure corporate data run rampant in unsanctioned cloud apps. Today, IT can can get the insights they need about usage, users, and activities done within apps to that they can promote secure usage. Rather than clamping down and blocking all apps, IT can embrace BYOD, rid negative connotation with the term “shadow IT,” and formulate security policies using a highly scalable approach that adapts to the cloud app economy.

3. Cloud Computing Today: What are your Cloud Security Predictions for 2015?

K. Narayanaswamy (Netskope): In 2015 we will see continued growth and adoption of cloud services in enterprises. The adoption will fall under IT sanctioned apps as well as lines of business driven procurement. The implications for security solutions are:

•Enterprise IT sanctioned cloud apps will be deployed in production only in conjunction with a suitable security solution to secure the enterprise sensitive data as it migrates to the cloud. The security solutions will cover both data at rest as well as data in motion to the cloud apps.
•Cloud security solutions will be deployed to monitor and safely enable the use of non IT sanctioned cloud applications
•We will see increased use of SSO technologies and MFA policies to access cloud applications
•Data breaches in cloud apps will start becoming prominent. App vulnerabilities will continue to be a major threat vector. Keep an eye for open source related vulnerabilities. Cloud apps rely heavily on open source components. Vulnerabilities in open source packages will imply threats to cloud apps if not addressed in a timely manner. Vulnerable cloud apps in turn lead to data breaches
•Malware – cloud apps will become a significant channel for distribution of malware. Existing URL filtering technologies do not adequately address this threat vector.
•Data driven security will become mainstream. Cloud security solutions will generate metadata that is used for detecting anomalous user behaviors and data theft.