Chapter 10. Security in the Future

The pace of innovation in the IT sector is continually increasing. With the shift from IT as a cost center to IT as a source of competitive advantage, although the principles of IT security have not fundamentally changed, the expectations from the business demand a revolution in approach. By adopting cloud native tooling as part of your security estate, you benefit from the rapid innovation of the cloud service providers, which keeps pace with how cloud adoption is changing over time.

As cloud service provider solutions are most often offered as managed services, their adoption also lowers the total cost of ownership (TCO) of your security tool chain. Through a low-TCO approach, you unlock the ability to invest time and money in higher-order initiatives, which enables a superior security posture. For example, running a self-hosted patching service requires maintenance, ongoing server costs, and recovery. By using the cloud vendor’s solution, you reduce the human effort required and are provided with a contractually backed service-level agreement.

This book has shown, throughout the recipes, that you can solve the same set of security problems across each cloud. Sometimes the components of the solution look similar, such as with patching, and sometimes they look radically different, such as with preventing privilege escalation. In real terms, being fluent across two clouds is not twice as hard as being fluent in one, but it’s not far removed. ...