Industry Guide to Cloud Workload Security in Asia-Pacific

The trend of moving data storage to the cloud continued in 2019 due to the need for digital transformation among businesses. With cloud technology, businesses can shorten the time-to-market in developing products and services, optimize infrastructure, streamline and simplify processes, and thus enable overall cost reduction. The awareness of cloud security has significantly improved among businesses, largely driven by industry regulations and in-country cybersecurity laws. Many businesses state that security and privacy are their biggest concerns when moving to the cloud. However, misconceptions about cloud security remain, particularly regarding cloud application and cloud workload security; this leads to the misuse of cloud security protection strategies. Additionally, many businesses lack clarity about the responsibility of data security between cloud service providers and the businesses themselves. Due to the ineffectiveness of legacy security solutions (e.g., endpoint security, firewalls, application security), it is vital for businesses to have visibility in the cloud environment and fully understand what, where, and how to protect workloads. Requirements for containers, containerized applications, and serverless workload protection are soaring due to the increased adoption of public cloud and multi-cloud models. Cloud workload protection (CWP) is increasingly integrated with other cloud security management tools, such as vulnerability assessment, security information and event management, security analytics, and log management, to have the full capabilities of risk management for cloud workloads. CWP solutions are also integrating with other cloud security solutions, such as software-defined and virtual firewalls, cloud identity access management (IAM), cloud access security broker (CASB) for data security, advanced endpoint detection and response for server workload threat detection and response, and malware protection. These solutions will be increasingly integrated with artificial intelligence and machine learning to drive the automation and orchestration of threat detection and response with minimal or no manual intervention. Mergers and acquisitions (M&A) continue to take place among security companies. Traditional security companies will use this as one of effective strategies to strengthen their product portfolios for cloud protection. Companies mentioned in this Asia-Pacific Cloud Workload Security Industry Guide include Amazon Web Services, Google Cloud, IBM Cloud, Microsoft Azure, Oracle, VMware, Cisco Systems, Check Point Software Technologies, Palo Alto Networks, McAfee, Symantec, Trend Micro, VMware Carbon Black, and CrowdStrike. Author: Kenny Yeo