The argument of public cloud vs private is one that has been hotly debated in recent years with each having their own drawbacks and benefits. Hadi Jaafarawi, Managing Director, Qualys Middle East, speaks to InBusiness.ae about the trends taking place in the cloud security industry.
Cloud security has come a long way in recent years. How do you explain this rapid growth?
Cloud security has indeed come a long way – more companies than ever before are choosing public or hybrid cloud for their IT, while new software deployment strategies are also becoming popular. This is because companies are increasingly realising that such approaches are helping IT to implement services for the business faster, reduce costs and scale up their applications based on demand.
What challenges are currently affecting the industry?
Gaining visibility to secure digital assets is one of the biggest challenges that Chief Information Security Officers (CISOs) face today. As enterprises race towards digital transformation, CISOs must redefine their role on the digital business team. By enabling infrastructure agility and visibility, they can create business value and become a trusted partner. CISO need to build security into accelerated technology implementations while maintaining continuous risk reduction for today’s hyperconnected business.
How do you expect it to evolve in the next few years?
Cloud Security must move towards ‘Transparent Orchestration’ – this means simplifying security by eliminating friction and making it as intuitive and automated as possible for end users. Implementation of a common IT language and automated asset management system helps create a foundation of transparency, thereby allowing enterprises to leverage existing cyber security tools and programs.
A major benefit of security automation and orchestration is the ability to aggregate and consolidate a variety of information from multiple sources in a single console. That way, customers can easily see their security and compliance posture at a glance in one place.
With all the security and compliance information at their fingertips, and with the ability to drill down into details on an ad hoc basis from a central console, customers can make better and faster decisions to protect their IT environments.
How is Qualys helping customers in this region to comply with GDPR?
For GDPR compliance, organizations need full visibility into all hardware and software involved in processing, transmission, analysis and storage of EU residents’ personal data, so that they can protect and account for it according to regulation requirements. Qualys Asset Inventory, accomplishes this task and provides businesses with an expansive view where they can have complete visibility of their IT environment, and also where their customers’ data is stored which can then help in sharpening, for example, sales strategies and marketing campaigns.
Qualys has also announced a new functionality in its Security Assessment Questionnaire (SAQ) Cloud App. These new out-of-the-box templates and dashboard enable rapid and cost-effective cloud-based assessments for businesses to help quickly identify and address internal and external GDPR compliance posture.