SecOps, DevOps and CloudOps need to work in tandem to achieve cyber resilience
CLOUDSEC 2020, one of the industry’s biggest cybersecurity events hosted by Trend Micro Incorporated (TYO: 4704; TSE:4704), attracted more than 100 business and technology leaders from industry-defining companies speaking at the virtual event this year. At the exhilarating three-day event, the panelists and experts emphasized on how a fine balance between SecOps, DevOps and CloudOps should be met, for organizations to achieve success in their digital transformation journey. A model, where CloudOps and SecOps teams can talk about doing touchless or SOC-less security, that is automation all the way through the workflow. Where, DevOps and CloudOps teams can share dashboards and talk a lot about vulnerabilities. Also, where SecOps and DevOps teams can discuss full shift left with no code releases etc.
They broached on important aspects, such as what they consider to be the biggest barrier to successful cloud migration among organizations – which is, while working with the DevOps function, the question that usually arises is – How come I have to learn about security as DevOps, but security doesn’t have to learn about DevOps? Automation was a hot and trending topic, with two very big in different forms of automation currently underway in security operations. The first one being Automation/ Security-as-Code (SaC) for SOC, which is about focusing on the alert problem. This is a very important form of automation, however, it’s not the automation that drives a successful cloud migration use case. That can be achieved through a different automation – Automation/ SaC for DevOps. The difference is that this automation is targeted at cloud security deployment, configuration and DevOps workflow, and not security operation workflow and operations.
At the sidelines of the event, Trend Micro also highlighted the tremendous growth they have achieved in India in the last two years, especially in its cloud and endpoint security business. The company has increased its team size to address the cloud requirements and has launched Trend Micro Cloud One – Network Security this year, that delivers simple and comprehensive protection of virtual private clouds at scale to support compliance requirements, with zero disruption to applications or traffic. The company will also launch its local XDR data lake next month in India, available for key partners and SOC solution providers. Trend Micro will continue to have a razor-sharp focus on banking, manufacturing and government sectors as the major segments for the coming year.
Nilesh Jain, Vice President, Southeast Asia and India, Trend Micro said, “India is a growing and an important market for us. As the cybersecurity industry and the technology landscape evolves, we see ourselves transitioning to become a DevOps company, emphasising more on product development to drive growth. With digitalisation and the ongoing pandemic, Indian enterprises are rapidly moving to cloud and adopting next generation technologies and SaaS based solutions. There is a growing concern on data sovereignty issues, and at Trend Micro we consider this as a big priority and hence have decided to invest in our local data lake for majority of our critical projects like XDR, Apex One and Cloud App Security solutions. We opine that enterprises will increasingly choose solutions from vendors who give them assurance on their confidential data not leaving geographical boundaries of the country. Also, globally we will be launching file storage security for cloud, which is a first-of-its-kind and unique offering that is going to address the requirements of customers.”
Sharing his advice for CIOs and CISOs on choosing the right security solution and safeguarding their journey to the cloud, he further added, “Analyzing technologies which provide proactive protection and detection with cross-generational technology to prevent cyberattacks should be a priority. It is also important to invest in technology with minimum of five years value in mind, for it to be effective. Being the organizations’ security gatekeepers, they need to identify a vendor who provides best-in-class solutions in all categories with the ability to integrate and work together, without compromising on the functionalities and security posture. This is where XDR comes into the picture.”
With respect to the growth of its channel and partner ecosystem, Trend Micro is investing heavily in building a strong service and cloud delivery team in India, considering the tight integration with AWS and Microsoft Azure. The company is enabling and recruiting partners with the skillsets of doing API, SOC/SOAR integration, incident response services, coding and programming and those who understand security analytics. This team will also be responsible for developing partner ecosystem not only in India but also in APAC and bigger regions for Trend Micro.