Cisco Acquires CloudLock Validating Demand for CASB Security Solutions

Cloud Access Security Brokers, aka CASBs, provide security and visibility for companies moving to the cloud. They logically or physically sit between the customer and whichever cloud services it uses. Martin Zinaich, information security officer for the city of Tampa, summarizes their function and purpose: "Cloud access security brokers are on-premises, or cloud-based security policy enforcement points, placed between cloud service consumers and cloud service providers to combine and interject enterprise security policies as the cloud-based resources are accessed. CASBs consolidate multiple types of security policy enforcement. They increasingly support the control of enterprise social networking use, and popular infrastructure as a service (IaaS) and platform as a service (PaaS) providers." This, Zinaich added, "is a smart play for Cisco." Cisco's move confirms that the security industry considers CASBs to be the way forward in cloud security. Last year Microsoft bought Adallom and turned it into its Cloud Application Security service launched in April 2016.  The emergence of CASBs has been recent and rapid. Bill Burns, CISO at Informatica, has been involved in two recent studies on CASBs in 2014 and 2015. "One of the surprises in the first study," he said in a recent interview "was that CASBs were a relatively unknown technology, but the problem they addressed one of the most worrisome areas that needed to be addressed. This year’s results showed much more awareness for the CASB solutions." Can CASB products truly strengthen cloud security? Send your comments to the Cloud and Cyber Security Center.