CNAPPs: The Business Case For Automating Cloud Security

Solutions Review’s Expert Insights Series is a collection of contributed articles written by industry experts in enterprise software categories. Shai Morag of Ermetic presents an overview of CNAPPs, as he makes the case for automating enterprise cloud security.

Security professionals agree that protecting cloud-based systems is more challenging and costly than keeping on-premises environments safe. According to one report, more than three-quarters of organizations are utilizing two or more cloud providers, which means increased complexity, security risk, and opportunities for errors.

This is where automation can help. Automated cloud security tools can detect risks and threats more accurately and quickly, remediate them in a fraction of the time, perform the analysis needed for regulatory compliance, and improve defenses against future attacks. They can easily prove their return on investment to any organization willing to do the homework to understand how they work and their advantages.

CNAPPs: The Case For Automating Cloud Security

The stakes for these capabilities are sizable: The toll of cybersecurity attacks hit a record high in 2022, $4.35 million on average per incident, according to the annual Cost of a Data Breach 2022 survey. And that’s just lost business and remediation costs; the figure doesn’t add up the lingering damage to the organization’s reputation and future efforts. One study found even the stock of public companies took a hit after a breach.

Running applications in public clouds ups the risk and the potential damage of a breach. The same study found the toll of a data breach is higher for an organization that relies on a public cloud infrastructure, $5.02 million on average. Cloud services greatly enlarge the attack surface available to hackers.

With the stakes so high, organizations should have a sense of urgency and prioritize cloud security, but many fall short in practice. Security teams remain understaffed due to the ongoing talent shortage in cybersecurity, and the staffers are overworked, wasting time chasing after security alerts and running manual remediation of those threats that get spotted, unable to set priorities, or even spare the time to deploy the tools they do have. This leaves frustrating security gaps, unpatched vulnerabilities, and “tool sprawl” with unused or inactive products.

Since many organizations lack a unified view of cloud security, they are unable to prioritize risk. This problem is compounded by the fact that the average enterprise lacks the security, developer, and DevOps resources to remediate vulnerabilities. Prioritization capabilities can help shore up the workforce shortage that is rampant throughout the industry.

During the height of the pandemic pivot, Gartner coined the term cloud native application protection platforms (CNAPP) to describe solutions that address this issue. CNAPPs target the flaws in the ad-hoc “lift and shift” approach many organizations have used to address cloud security by cobbling together single-purpose tools—and the security gaps they leave behind. They use an integrated approach that aims to provide a holistic view of risk and compliance across the cloud infrastructure.

Automation is a central enabler of this approach. CNAPPs can improve the speed of detecting risks and threats, prioritize and automate their remediation, and by doing so, minimizes risks and eliminates time spent chasing alerts. New tools are leveraging machine learning and artificial intelligence to thwart bad actors by performing behavioral analysis in real-time. Automation can also enable least-privilege access and manage just-in-time privileges that improve the security posture by handling the policy governance necessary with minimal burden to the staff.

The return on investment is measurable, a big plus when it comes to explaining its value to the C-suite and gaining buy-in from stakeholders. Evaluations by organizations such as Forrester and Gartner, analyzing cloud security platforms from a number of vendors, have found the return on investment can be significant.

A few relevant key performance indicators can highlight the benefits of these investments:

• SecOps efficiency: The real-time monitoring and guided remediation offered by CNAPP solutions give security operations staff the kind of visibility they need to execute a fast and effective response. Consolidating all cloud security insights in one place and automating reporting makes the security analysts’ work much easier and frees them to act more proactively to configure and enforce policies to protect against threats.
• DevOps productivity: “Shift-left” principles that integrate secure configurations into the software development and deployment process are a popular concept, and automation can enable this practice. By automatically scanning for and mitigating common software vulnerabilities and misconfigurations in code, CNAPP can eliminate time-consuming manual work, accelerate the development of new cloud-native applications and enable a DevSecOps approach to software development.
• Risk reduction: Of course, preventing hacks and data breaches is the main concern of cybersecurity. When more than $2.7 billion in regulatory fines were imposed in 2022 for the top data breaches, avoiding a cyber-attack can save an organization a lot of money. CNAPP also allows for more flexibility and scaling of security efforts as workloads increase, and easily integrates other tools such as security information and event management (SIEM) and security orchestration, automation, and response (SOAR) solutions.
• Compliance productivity: The improved visibility and single source of information provided by CNAPP boosts the efficiency of compliance efforts. Audits can be performed more efficiently; reports can be produced faster and management streamlined. One Forrester study found the time spent on compliance could be reduced by 50 percent over a three-year period.

The dynamic nature of the cloud, which includes the frequent spinning up and taking down of infrastructure, increases the scale and complexity of managing security configurations and policies. While most organizations recognize the business benefits that cloud platforms provide when it comes to automating IT operations, many still lag behind in accepting the cost and time savings afforded by security automation platforms. The emergence of CNAPPs, which enable defenders to operate with the same agility and efficiency that all business units are expected to demonstrate, is making the business case for investing in cloud security automation.