Trends in Cloud Security: A Q&A with Sysdig Founder and CTO Loris Degioanni

In December 2021, Sysdig announced a $350 million Series G funding round led by Permira's growth equity strategy, valuing the company at $2.5 billion. This significant investment underscored the growing demand for cloud security solutions and Sysdig's position as a leader in this space, that continues to be even more relevant today.

The cloud has revolutionized the way businesses operate, offering unparalleled scalability, agility, and cost-effectiveness. However, with this shift comes the growing challenge of securing cloud environments. In this blog post, Principal Alex Melamud delves into the evolving landscape of cloud security with Loris Degioanni, Founder and CTO of Sysdig, a leader in unified container and cloud security.

Alex Melamud: Loris, thank you for carving out some time today to chat about what you are seeing across cloud security. Let’s start with your recent comments that cloud security is on track to become a $100 billion market. What makes you so confident in this prediction?

Loris Degioanni: The cloud has fundamentally changed the way we build and deploy applications. It's faster, more scalable, and more accessible than traditional on-premise solutions. As a result, organizations are increasingly moving their workloads to the cloud. However, even though 94% of companies across the globe are already cloud based, we’re still in the relatively early days of cloud adoption. This also means we are still in the early days of cloud security. At their peak, EDR and NextGen Firewalls were both $100 billion markets, and the cloud is on track to outpace both. Google considering the acquisition of a cloud security company for $23 billion and getting turned down only further reinforces this scale. The major players want to get into cloud security, and this shift has only highlighted the growing market demand for cloud-native security.

Alex Melamud: As cloud security transcends its early stages, what will be the next emerging trend?

Loris Degioanni: The first phase of cloud security has focused on hygiene and compliance, hardening cloud infrastructure by scanning for vulnerabilities like misconfigurations and locking the front door, so to speak. However, organizations developing applications in the cloud quickly realize that prevention alone is insufficient. Today, businesses are increasingly becoming concerned with real-time protection against unknown threats and malicious attacks. To continue to metaphor, attackers find windows, chimneys, convincing disguises, and other vulnerabilities through which to sneak regardless of how well security teams lock the front door. This is where Sysdig shines — it’s like a network of real-time security cameras for your cloud environment, always looking for intruders so it can alert you immediately.

Alex Melamud: Why do you think traditional security tools like NextGen Firewalls and EDR are not enough to protect the cloud environments?

Loris Degioanni:  The cloud presents significant challenges that traditional security tools were not designed to address. For example, whereas attacks on-premise occur over days and weeks, attacks in the cloud happen in 10 minutes or less. The cloud is fast, distributed, and constantly evolving — with new services and features emerging regularly — which makes it impossible for traditional tools to keep pace. Ultimately, they weren’t built for the speed of the cloud or to offer the granular visibility it requires to ensure that organizations remain secure. Additionally, the cloud's shared nature, where organizations rely on software supply chains, collaborate, and exchange resources with other companies across environments, complicates isolating and protecting individual data, assets, and applications.  

Alex Melamud: Let’s talk about the growing threat of AI-powered attacks. How worried should enterprises be?

Loris Degioanni: Cloud and AI have converged to create a level of automation not seen before. This has empowered threat actors to launch sophisticated attacks that can be deployed at a rate we couldn’t fathom five years ago, and the sophistication continues to increase. They are difficult to detect and all but impossible to entirely prevent. For example, attackers can use AI to steal cloud credentials and access sensitive data. They can also use AI to exploit vulnerabilities within the AI models themselves. 

AI also bolsters threat actors in less sophisticated and equally concerning ways, like scaling and refining phishing operations. In years past, spotting the intermittent phishing email from someone who lacked language proficiency might have been relatively easy. With AI, not only can those attackers automate their email sends to a greater scale, but they can also use generative AI to write more convincing, fluent messages in whichever languages they choose. For every task that AI simplifies and for every creative AI use case the average person dreams up, there are equally as many ways for threat actors to exploit the technology. 

Alex Melamud: What should CISOs be paying attention to most right now?

Loris Degioanni: CISOs and their organizations need to think a few years down the road. Day one, organizations tend to focus on posture management and compliance, but as their cloud adoption matures, they need to purchase tools that help them during the next phase of cloud security — threat detection, investigation, and response. Everyone is tired of the agent/agentless debate, but the reality is, in the cloud, you need both and there are solutions out there that have good agentless cloud security solutions, but their agents are very immature. They will take years to improve. Without a strong agent, you lack the real-time visibility to make game-time decisions when they matter most. Day one with many of these tools is great, but by day seven, there are so many alerts that you have no idea if someone is actually in your system. 

Alex Melamud: Thank you for your insights, Loris. It is definitely an exciting time for Sysdig and we are thrilled to support you and the team as you navigate and lead the way in the cloud security landscape.