New year, new cyberattacks? 2020 was a rollercoaster of a year, but what does 2021 have in store? We asked the cloud security experts at Aqua Security and Fugue for their predictions for 2021 and it looks like it’ll be another interesting year (hopefully more interesting and less “interesting”).

Here’s what they had to say about Kubernetes, the role of CISOs, DevOps, and more.

Kubernetes cyberattacks and the serverless takeover

Many of the predictions for cybersecurity and tech in 2021 revolve around the role of Kubernetes, an open-source container-orchestration system for automating computer application deployment, scaling, and management.

In 2021 we’re going to see the first major container runtime breach

Josh Stella, CEO of Fugue

The adoption of container technologies such as Kubernetes is far outpacing the general understanding of the role runtime configuration plays in the security of data. 2021 will be the year we’ll see the first significant data breach involving the exploitation of container runtime misconfiguration.

–Josh Stella, CEO of Fugue

Cyberattackers will set their sights on Kubernetes in 2021

In 2021, cyberattackers will bring greater focus to breaching Kubernetes deployments, and become more sophisticated in how they target Kubernetes environments. While some breaches in 2020 were related to unprotected Kubernetes clusters, for the most part the bad actors took advantage of some common security oversights. More sophisticated attacks have either not yet happened, or more likely, were not noticed. With Kubernetes in wider use, that won’t be the case in 2021.

— Research Team Nautilus, Aqua Security

Honey, I shrank the number of K8s distributions

Amir Jerbi, CTO of Aqua Security

The number of K8s distributions has been expanding in recent years, but will shrink in 2021 as more organizations gravitate to cloud-based Kubernetes offerings and consolidate platforms. Operations teams simply won’t be able to justify maintaining a large number of K8s distributions. We expect that companies that provide platforms for managing cloud native deployments over K8s will even stop maintaining their own K8s distributions.

— Amir Jerbi, CTO, Aqua Security

Serverless will overtake containers as the first choice in 2021

The buzz around Kubernetes will continue, but we’re going to see serverless become the first choice for new cloud-based applications in 2021. Whether you’re comparing on cost, simplicity, security, or agility, serverless architectures based on cloud services such as AWS Lambda or Azure Functions significantly out-perform container-based approaches in just about every greenfield use case. Serverless-first will become the first class citizen for cloud-native in 2021.  

–Josh Stella, CEO of Fugue

Software supply chain attacks will be much more frequent in 2021

In 2020 attackers launched a large number of orchestrated attacks on the software supply chain, targeting build features on Docker Hub, GitHub, CircleCI and others. They also showed their hand for 2021: their objectives will be more sinister than cryptocurrency mining (one of the most popular attack vectors to date), and the techniques they use will expand significantly (including image look-alikes, open source project takeovers and typosquatting).

— Research Team Nautilus, Aqua Security

New threats will target Infrastructure as Code

As DevOps moves more broadly to use Infrastructure as Code (IaC) to automate provisioning of cloud native platforms, it is only a matter of time before vulnerabilities in these processes are exploited. The use of many templates leaves an opening for attackers to embed deployment automation of their own components, which when executed may allow them to manipulate the cloud infrastructure of their attack targets.

— Amir Jerbi, CTO, Aqua Security

In 2021 many CISOs will make themselves irrelevant 

Digital transformation is now a universal mandate across all industries and the movement is in full swing. CISOs that understand the role they play in a successful digital transformation effort, and why security transformation is essential to that effort, will find renewed success themselves.  CISOs that fail to understand this and resist security transformation will find themselves largely irrelevant in the modern digital enterprise, relegated to simply managing employee education programs. The key to security transformation and renewed CISO relevance is a focus on empowering the organization to innovate faster than the competition, rather than a focus on being gatekeepers to innovation.

–Josh Stella, CEO of Fugue

Multi cloud becomes a reality while cloud providers look for ways to create platform loyalty

Tsvi Korren, Field CTO for Aqua Security

The “Big 3” cloud platform providers – Amazon, Microsoft, Google – are poised to put even more distance between themselves and all other competitors by extending into the on-prem datacenter and taking over the management plane and automation. At the same time, there will be greater tension between organizations trying to gain pricing leverage through a multi cloud strategy, and cloud providers introducing “sticky” added value features that create a degree of lock-in.

— Tsvi Korren, Field CTO, Aqua Security

Lift and shift gives way to modern era application development

Applications will continue to devolve and will start to be defined as an ad-hoc interaction of shared services, across different deployment schemes, including serverless functions. We will see more of these shared services that are utilized by many different applications at different times, resulting in a breakdown in areas of responsibility across development teams. Organizational structures will need to adopt new ways of ensuring reliability and security for these microservices running across a range of platforms.

— Tsvi Korren, Field CTO, Aqua Security

DevOps and DevSecOps will evolve into “platform teams” in many organizations

Liz Rice, VP of Open Source Engineering at Aqua Security

New “platform teams” will take the lead on enterprises’ strategy for what has historically been within the purview of cloud operations, security, and development tooling functions, to provide a higher-level abstraction to application developers. This frees the developers to focus on the business application itself, with less concern about the underlying infrastructure often required by DevOps-oriented teams. One challenge here will be finding the talent able to take this broader architectural view.

— Liz Rice, VP Open Source Engineering, Aqua Security

Service mesh vendor consolidation will start in 2021

Many organizations have been early adopters of service mesh technologies to automate and standardize functionality that would otherwise have to be implemented in application code. While particularly helpful for things like setting up observability and secure connections between components, most would agree there are now too many solutions in use. Organizations will rationalize their service mesh implementations, choosing those that give them what they need, and perform well, with a minimum of complexity.

— Liz Rice, VP Open Source Engineering, Aqua Security

More cloud native IPOs/acquisitions, and even more startups

The cloud native market continues to heat up, with exit valuations climbing dramatically in terms of both acquisition and IPO prices. This will further fuel investments in the next generation of solutions providers, resulting in more well-funded companies — each with greater sums of money to put towards development and marketing. Discerning the wheat from the chaff will only get harder.

— Liz Rice, VP Open Source Engineering, Aqua Security

What do you think will be the biggest news in cloud security in 2021? Let us know in the comments below.