Intelligent CIO caught up with Tarek Abbas, Systems Engineering Director, Emerging Markets at Palo Alto Networks to gain insight into what CIOs need to prioritise when it comes to securing the cloud.
Q: What is the focus of Palo Alto’s participation in GITEX this year?
A: GITEX is an annual returning event for us and we participate regularly in GITEX as a company. We began by focusing on our core business which traditionally was the security market. We have now evolved our offering and moved more towards the service providers side and eventually to focus on cloud security as well.
Q: What do you think is driving the increased uptake of cloud in the region?
A: We conducted a survey last year which found that roughly half the customers are using cloud. I think the move is driven by application architecture, mainly.
A lot of the applications in the market are turning more and more cloud-based. It’s driving the culture, it’s driving the natural progression for that. I think also the market is growing quickly. I think that the lack of qualified security personnel in many areas across the region drives more and more problems in production because you offload a lot of your operations through the cloud provider. But again at the same time, and this is something that we speak about, security needs a special consideration if you start uploading your application in the cloud.
Q: Did Palo Alto’s cloud security survey reveal any UAE-specific challenges?
A: The findings for the survey were roughly in line with findings for the global market. We also found that that two thirds of the CIOs we spoke with believe that cloud security is important for them. However, more interestingly, around a third of the CIOs were not sure how secure the cloud infrastructure is. They’re using it, but again, they weren’t able to speak with confidence about the level of security that the cloud providers have in place to protect their data.
Q: What considerations do CIOs need to be making when it comes to securing the cloud?
A: First of all, CIOs need to understand that the security of the cloud deployment is a show of responsibility between them and their provider. Cloud providers usually secure infrastructure based on some security measures for the application, but then end user CIOs need to complement that with their own security set up or their own solutions to make sure that they have a consistent policy across different areas of the network, including the cloud.
The other recommendation that we think CIOs need to consider, whenever they start applying a new service they need to start pulling the cloud apart. They need to understand that even if they’re not moving to the cloud today they need to consider the cloud infrastructure they will eventually invest in. They need to be very smart on the investment decisions that they make that allows a proper transition of model.
The final thing which I think is the most important is security. In many places security breaches, one way or another, are often humanised. If you look at many surveys, often a breach is due to human error. The market will never keep up with the pace from the sense of being qualified. I think the hackers are getting smarter and state-sponsored in many cases. They have endless computer power at their disposal. You cannot keep up just by having one of their personnel. You need to become automated.
Click below to share this article