Cloud Incident Response Blog | Cado Security

Top 3 Insights From Gartner Security & Risk Management Summit and New Research You Need to See

Written by jbowen@cadosecurity.com | Jun 8, 2023 3:33:53 PM

The skies were hazy in DC this week - but the cloud investigation market is clearing up!

Now defined as Cloud Investigation and Response Automation (CIRA), we are thrilled that Gartner has validated our growing market with a new Emerging Tech report.

It’s been quite a week! As always, the Gartner Security and Risk Management Summit brought together a great audience of analysts, senior cyber leaders, and vendors - their largest show yet with over 4300 attendees. Here are my top highlights:

1. New Research!

Gartner published “Emerging Tech: Security - Cloud Investigation and Response Automation Offers Transformation Opportunities”. Cado Security is mentioned throughout the report as a leader focused on delivering cloud investigation and incident response automation.

We’ve certainly seen increased demand for cloud forensics, data acquisition, and cross-cloud incident response capabilities. As the first solution to this market, we’ve been building CIRA for the last 3 years during which time, the market has matured. Modern incidents are expanding to the cloud which is driving the growth of cloud-native incident response solutions.

We’re thrilled that Gartner is recognizing the development and growth of our market. 

2. Cloud Trends

  • Growth of xSPMs. It seems everything needs security posture management. We’ve seen over the last few years, Cloud Security Posture Management (CSPM) has become a commodity. What's interesting is what comes next. As Neil MacDonald mentioned, we’ll see a “DR” (detection & response) for every “SPM” - that’s because we all know that prevention isn’t enough.
  • Multi-cloud and cross-cloud capabilities are the new standard. I thought it was great when Jay Heiser asked the audience “Who in here is in the cloud?” and before letting anyone raise their hand he said “Oh nevermind - everyone is. We’re all hybrid cloud.” It seems the conversation has shifted from “when are you moving to cloud” to “which clouds do you use?”
  • There seems to be a continued discussion on the shared responsibility model. It’s an important discussion to have, and critical for everyone to know their roles in security. But, at the end of the day, data always falls to the responsibility of the organization. When/if an incident occurs, you want to make sure that you have security solutions that enable access to data (before it’s wiped away) and response capabilities.

3. Hope of AI

I saw a demo of MSFTs Co-pilot. The Microsoft security platform is deep - and how they’re using AI to enable natural language investigations is nothing short of awesome. I also really appreciate their honesty about the imperfections of AI. There were a lot of chuckles in the audience when “WIndows 9” popped up mid-demo. To give credit to the team building this - they included that on purpose to highlight how easy it is to provide feedback that gets baked into the models going forward.

I’m so encouraged and excited about the use of AI in security. Honorable mention - I also heard the ChatGPT session was also good, but I didn’t make it to that one so can’t speak to it first-hand.

The Gartner Security and Risk Management Summit in DC this week delivered thought-provoking content, quality facetime with the smartest analysts covering cyber, and customer conversations and networking. I hadn’t been to this conference in a few years and I’m so glad I made the time this week to attend. 

Please contact us or request a demo if you want to learn more about Cloud Investigation and Response Automation (CIRA) and/or how Cado can expedite your cloud investigations.