17 Jun 2020 3 min read

Cyber security under the cloud

By Aude Martin

The sudden switch to remote working has made cloud-based services central to corporate resilience planning, but poses security challenges that specialist providers are rising to meet.

 

supercell-storm-1140.jpg

“We’ve seen two years’ worth of digital transformation in two months,” said Microsoft chief executive Satya Nadella in April after the company saw a 39% surge in its overall cloud operations during the first quarter of 2020.

Since the beginning of the pandemic and associated lockdowns, a large portion of the global population has been working from home, accelerating the adoption of cloud computing. Companies have had to ensure their operational resiliency, so they have increased their investment in working-from-home technologies to enable the transition. The cloud’s scalability has also driven its use, as it can maintain performance under either growing or diminishing demand.

Head in the cloud

Yet as recently as 2010, a survey by Mimecast found that 46% of respondents that had considered cloud-based applications had identified security as their main reason for not switching to the cloud. There are certainly numerous threats to cloud-based systems: data breaches, malware injections, compliance breaches, and distributed denial of service (DDoS) attacks to name just a few.

Thankfully, though, the cyber security industry is keeping pace with these threats and developing solutions that can help companies make the vitally important move to the cloud without fearing for the integrity of their data or systems. Cloud security now encompasses a wide array of solutions: detection, response, prevention, and recovery.

Alongside protecting their cloud, companies must defend the devices through which their employees access it – particularly now so many of us are working remotely. Endpoint and network security therefore go hand in hand with cloud protection, as do internet and web-filtering for controlling access to cloud-based applications and threat detection. Finally, access management and identification – including biometrics – are emerging fields that will support more flexible working arrangements.

Through all these technologies, companies are improving and adapting the ways that they secure their networks and platforms. Enterprises can no longer rely solely on hardware security solutions based in their office building when their employees are working from thousands of different locations, so the combination of hardware and software cyber protection is becoming essential.

Clouds with secure linings

Specialist providers are helping companies in these endeavours. For example, Qualys* and Mimecast* both derive 100% of their revenues from cloud security. We will find out in the months ahead the full effect the sudden and mass transition to remote working has had on their businesses, but even before the pandemic they were enjoying strong growth.

Revenues at Qualys increased at a compound annual growth rate of 18% from 2016 to 2019, with a 24% growth in cloud agents sold in the first quarter of this year compared with the fourth quarter of 2019. Mimecast experienced a 24% year-on-year increase in total revenues from March 2019 to March 2020, and added 3,700 net new customers for its fiscal year ending in March 2020.

Others, meanwhile, are entering the cloud security market as they expect it to keep growing in the coming years: Zscaler* with integrated cloud-based security services, Atos* with identification and access management, Palo Alto* with secure access and remote networks, and many more.

In the future, many of us could continue to work from home as it saves both employees and employers money, can increase productivity, and can improve the work/life balance. This means we will rely on remote devices a lot more, making protecting them an absolute corporate priority. Cloud-based storage and applications can help in this regard, but create new challenges. We believe the cyber security companies at the forefront of these trends will be indispensable in this new environment.

 

 

*For illustrative purposes only. Reference to a particular security is on a historic basis and does not mean that the security is currently held or will be held within an LGIM portfolio. The above information does not constitute a recommendation to buy or sell any security.

Aude Martin

ETF Investment Specialist

Aude joined L&G ETF in July 2019 as a cross-asset ETF Investment Specialist. Prior to that, Aude worked as a delta one trader at Goldman Sachs and within the structured-products sales teams at HSBC and Credit Agricole CIB. As an investment specialist, she contributes towards the design of investment strategies and actively supports the ETF distribution and marketing efforts. She graduated from EDHEC Business School in 2016 with an MSc in Financial Markets.

Aude Martin