The Role of CASBs Expands: Cisco's Cloudlock Moves to Safeguard OAuth

A couple of months ago (October 2017), cloud security company Cloudlock expanded its digital security arsenal to incorporate OAuth-based technology to counter malware and exploits. The solution attempts to proactively blacklist OAuth malware by leveraging cloud-based Data Loss Prevention (DLP), machine learning, User Entity and Behavioral Analytics (UEBA) and, perhaps most importantly, pervasive app discovery. It would seem that Cloudlock’s solutions have certainly evolved since Cisco acquired the company in August 2016. This is not only a noteworthy update in an increasingly IP-connected world but also significantly expands upon the role of Cloud Access Security Brokers (CASBs).

CASBs are digital security vendors specializing in cloud security and data loss prevention. Companies like Cloudlock have identified the problems and incongruities that exist between cloud service providers and their customers and have found their unique place in the market as “security buffers”, standing between involved parties providing support and those overseeing software implementation, transition, and overall cloud processes. They are primarily focused client-side and help organizations by streamlining security and service provisioning.

In a recent report (AN-2460), ABI Research predicted that due to the turbulent and constantly evolving nature of cloud services and security, the growth of Software-as-a-Service (SaaS)-based cloud architecture will also coincide with an increase both in the presence of CASBs as well as their offerings. Cisco/Cloudlock’s recent expansion provides further proof that cloud-based security vendors are starting to up their game and will become much more prevalent in the future - especially for mid and mid-to-high tiered companies and for organizations lacking an IT or security team.

We are currently traversing the golden age of cloud computing where the lines between cloud services and the IoT are starting to merge. Soon, this will be exemplified with the birth of the Identity of Things (IDoT).  For now, there is a clear place in the market for CASBs:

• Constant digital threats drive growth in digital security
• The amount of data governance and regulatory concerns force organizations to hire specialists to handle that for them
• Forging partnerships with third-party entities to assist with cloud computing integrations has become the norm but someone must provide the security, DLP framework and communication oversight  

However, as major cloud tech giants (namely Amazon with AWS and Microsoft with Azure) battle for supremacy over the IaaS (Infrastructure- as-a-Service) and PaaS (Platform as-a-Service) market, ABI Research expects they might also react to the role of CASBs as they have reacted to creating vertical-specific IoT solutions (e.g., Azure IIoT – Industrial Internet of Things; Amazon’s Smart Home suite).

Cloud service providers could attempt to steal a portion of the market back from CASBs. This may well manifest by making use of additional offerings involving device and DLP solutions, access and privilege control and an overall attempt to provide an end-to-end security solution. CASB players are advised to take all necessary steps to solidify their position as data gatekeepers in the future cloud computing market. While Microsoft might be a bit more cautious in its business strategy, if there’s one thing that Amazon is not known for, it is allowing opportunities to slip by.