I just returned from AWS re:Invent in Las Vegas and thought I would share my thoughts on the conference and, as you will see, and much to my excitement, security was a main topic in many ways.
As Andy Jassy pointed outlined in his keynote, AWS continues to have incredible momentum with greater than $18Billion revenue run rate growing at 42% year over year. Yes, that is billions with a B!! The trifecta of their strategy – customer satisfaction, feature velocity, and decreasing price over time – is certainly a formidable one which few can compete with.
Cloud Migrants Making Noise: The Year of Enterprise
While traditional enterprises have always had a presence, this year, it felt like they tipped the scales in their favor. There appeared to be fewer startups and fewer developers, while more enterprise companies who are in transition to the cloud. This was interesting to me and something to watch moving forward.
Security, Security, Security
One could not help but notice that security was front and center in every keynote (note: his keynote was not posted to YouTube at the time of this publishing stay tuned). Werner Vogels once again killed it and had some great advice around some key tenets of security moving forward when it comes to the cloud:
- Security comes before building the system
- Be prepared for when things go wrong because they will
- Everyone is a security engineer
AWS also added a new feature called “Guard Duty”, which is designed to allow you to identify threats in your AWS Cloud by analyzing select network flow traffic and DNS with some intelligence provided by 3rd parties.
The End of the Security Market As We Know It?
So, with all the momentum and with AWS talking so much about security, is this the end of the security market as we know it?
I believe there is partial truth in that statement but it’s the beginning of a new way to deliver security as we know it, certainly NOT the end of it. Security for the cloud needs to be delivered natively in the cloud, be easier to deploy and manage, be continuous, and provide deep visibility and learning over time. While it certainly needs to interoperate and integrate with platform features, that is simply only one piece.
During the show I spent quite a bit of time with attendees discussing security and where they are having struggles and need help, and while AWS is providing some great new features, they are only a piece of a large complex security puzzle. The people I talked to unanimously agree. Some of the reasons:
- AWS certainly dominates the market today but there will more heterogeneity over time. Customers want and need security that will straddle all services.
- A maniacal focus on security and threats across is critical. Yes, platform-specific features are important, but threats are Internet-wide. They often start in one place and move. Making security and threats your #1 sole priority makes a big difference. We have seen this, year after year, where other non-security platforms have not provided adequate security protection.
- I have spent a lot of time in Machine Learning and Expert Systems for security and I am a big fan of it. It is definitely a win and will increase in importance over time. That said, the pace of threats and sophistication of the criminal underground and operators dictates that subject matter experts remain a critical piece of the puzzle and intelligence and context are king.
So, my belief is that it’s not about AWS taking over security it’s about the cloud being an agent for change.
Lacework at AWS re:Invent
During the event we had dozens of customer and partner meetings and hundreds of great conversations at our booth. These conversations straddled information security professionals, C-Level executives at Fortune 500 companies, DevOps, and SecDevOps professionals.
We are big fans of minimizing marketing speak and maximizing demonstrable value by showing the product so we spent most of our time focussing on demonstrating our UI and platform for visitors to the booth.
Although there was a wide variety of conversations that I had, some themes were apparent:
- Visibility: How does one get the appropriate level of visibility in a cloud delivered infrastructure.
- Response: In the case of a breach how can you determine cause and effects over time.
- Automation: How can security be more automated in this new world.
- Signal to Noise: How can we reduce the noise down to what matters when it matters.
In conclusion AWS re:Invent was an incredible show. We cannot be more excited to work with AWS and interoperate with some of the new features and remain incredibly bullish about our opportunity to be a platform for securing organizations cloud infrastructure.