Cloud Native ComputingDevSecOpsFeaturedPredictionsSecurity

In 2022, There Will Be More Sophisticated Attacks On Cloud Infrastructure | Brendan Hannigan


Guest: Brendan Hannigan (LinkedIn)
Company: Sonrai Security (Twitter)
Show: 2022 Prediction Series

Brendan Hannigan, CEO and Co-Founder of Sonrai Security, believes that cloud will continue to grow unabated in 2022 as well, which will also bring unique challenges for organizations. The most important prediction he made was around security where he believes that more and more companies will realize that identity (both non-people and machine) is foundational for governance and security of public cloud. He also believes that there will be a rise in attacks where bad actors will become more sophisticated as they target cloud infrastructure of organizations. Check out the video above to know more.


Swapnil Bhartiya: Hi, this is your host, Swapnil Bhartiya, and welcome to our 2022 predictions series. And today we have with us Brendan Hannigan, CEO and Co-Founder of Sonrai Security. Brendan, it’s great to have you on the show.

Brendan Hannigan: Really nice to talk to you again, Swapnil.

Swapnil Bhartiya: Happy New Year. And we are going to ask you to pick up your crystal ball and share your predictions for this year. Before we go there, let’s just do a quick recap about the company. What do your folks do?

Brendan Hannigan: We help companies secure their public cloud environments. And so public clouds are their usage of AWS, Azure, Google Cloud, Oracle Cloud. For example, we gather data from those clouds. We graph everything which we see, in order to find risks, automatically eliminate those risks, continuously monitor to make sure they never come back. And we do it in a way which involves security teams, the cloud teams, and the development teams as well, Swapnil.

Swapnil Bhartiya: Now it’s time for you to pick up your crystal ball and share with us your predictions for this year.

Brendan Hannigan: Well, one of the predictions, it’s sort of easy, isn’t it? Is that cloud itself will continue to grow unabated. We’ve seen it transform and involve more spending than traditional data centers. But one thing that becomes very real as we go into this year is clearly, there was a time when it was very dominated by AWS. And over the last couple of years, and as we go into this year, wow, has Microsoft really jumped in with Azure.

And then, even this past 12 to 18 months, we’ve seen a lot of GCP and which is, of course, Google cloud as well, Swapnil. I think there’s going to be a lot of competition, a lot of multi-cloud and just continued growth in it. I like to say though, Swapnil, there’s nothing new really about this cloud and cloud growth. How did governance secure it though? Boy is that still nascent. Companies are still trying to figure out the model for that.

A second one, by the way, as we go into the year, a second thought is that attackers, typically hackers, typically go after easy targets. For example, going after hospitals and figuring out how to encrypt their IT real estate in order to do ransom and things like that.

I will tell you, going forward, the hackers go where the action is. And as more and more infrastructure goes into the cloud, you’re going to see the attackers get really, really sophisticated about what’s happening under the covers of the cloud. We’ve seen some of that, but not to the extent that it will start happening in 2022. This is really important because the infrastructure under the covers of cloud, it’s new, it’s different. How we secure it is different.

As the attackers begin to understand the uniquenesses of identity models, the uniquenesses of microservices applications and the unique opportunities to get lateral movement across clouds, I think that will be a game changer for how it is we approach governing and securing that cloud.

Which gets us into a third prediction. Obviously, we’ve been a pusher of this for a long time. Companies will realize identity and understanding identity, including non-people identities and machine identities, is foundational for governance and security of public cloud, Swapnil. There’s just no other way to do it. Because of microservices applications rely upon the framework of identity to communicate and build those applications, securing that is critical.

There’s two related things. As attackers figure out their way through this identity model, we have to respond with incredible governance and removement of risk on this thing. And then one last couple of thoughts is the traditional vendors. Think about security in general, Swapnil. There’s, whatever, 1,000 vendors, if you go to one of these industry conferences. About 975 of them are really focused on traditional data center and enterprise network and normal company environments.

They’re very superficial with cloud. Well, and they’re going to start feeling very much like dinosaurs as we go into 2022, 2023. Very much like dinosaurs. Without the cloud native ability to actually adjust for this future because of the last challenge I would have, which would be an ongoing prediction and challenge. Which is skills, skills, skills.

How do we help our CISOs get more knowledgeable about that cloud? How do we help our cloud teams get more knowledgeable about the needs of enterprise security? And how, in general, do we get more skilled people in terms of the underpinnings of cloud? That’s going to be really important for us. It’s going to be painful this year as people realize and continuously get impacted by limited cloud skills and particular cloud security skills.

Swapnil Bhartiya: Thank you for sharing these three predictions with us. If I ask you, what is going to be the focus of the company this year?

Brendan Hannigan: The focus actually, for our company is helping our customers transform their security operations to be suitable for cloud. We develop this amazing platform, Swapnil. But we need our customers and want our customers to use that to transform their security operations. That’s from a technology perspective, tons of things which we’re adding into our platform.

And then as a company itself, we’ve had an amazing year. We grew revenue over 300%. We scaled our business dramatically in 2021. And this year we are already expanding into Europe and expanding into Asia. We’ve got an amazing new investor to help us do that. So that’ll be our focus for 2022.

Swapnil Bhartiya: Brilliant. Thank you so much for taking time out today. And of course, talk about the company and share those insights or predictions for this year. I would love to have you back on the show at the end of this year to get a next set of predictions for 2023. And also, to see how many of your productions turn out to be true, but thanks for your time today. I really appreciate that.

Brendan Hannigan: Thank You, Swapnil. It’s always a great pleasure.