SAN FRANCISCO — RSA CONFERENCE 2013 — Public cloud services could have better security than the vast majority of corporate on-premise networks, but today’s tools fail to provide needed protections, and providers and security firms fall short of the cooperation necessary to build security into the cloud.
Companies need to improve the performance of security tools that run in the cloud, add multitenancy, and make the management of cloud infrastructure easier, David Apsrey, vice president of cloud security for Trend Micro, told attendees during the Cloud Security Alliance (CSA) Summit, which took place the day before the start of the RSA Conference. Cloud service providers need to give security higher priority in their businesses, while security companies need to provide tools that are created to thrive in highly virtualized environments, he said.
“It’s time to rethink cloud security tools and technology so it works better with cloud service providers,” Asprey said. “If we hit this right, then the cloud providers and the security providers work together and create a much better security feedback loop.”
More than half of all respondents in a recent Trend Micro survey listed security as the reason they felt hesitant about moving to the cloud. No wonder: While some cloud providers accept shared responsibility for data in the cloud, the customer ended up with the actual responsibility, Asprey said.