OpenText security unit Webroot has introduced a threat intelligence service designed to enhance the effectiveness of Cloud Access Security Broker (CASB) systems.
Webroot BrightCloud Cloud Service Intelligence, which is part of Webroot’s BrightCloud Threat Intelligence platform, seeks to help CASB developers identify, classify, and control access to cloud applications more completely and accurately.
The system includes three core components. The Cloud Application Classification service assigns cloud software to product categories. The Cloud Application Function service categorizes the individual functions accessed by cloud software.
The Cloud Application Reputation service, finally, gives cloud applications a 0 to 100 reputation score based on multiple factors, including application and data security standards, industry compliance and certifications, and historical security breaches. The score also draws on Webroot’s patent pending BrightCloud Domain Safety Score technology, which measures the risk to users and networks of visiting outside domains.
Embedding those components into a CASB solution or security device, Webroot says, allows developers to gain better visibility into which cloud applications are being used, better understand how they’re being used, and make more accurate real-time decisions about which applications users can open based on their reputation.
Potential use cases, the company says, include controlling access to specific applications based on sanctioned and unsanctioned use policies; identifying unapproved or poorly secured applications, and then setting policies on their use; and enforcing data transfer policies across and within applications.
The new service arrives at a time of exploding cloud computing adoption by businesses with employees working from home due to the coronavirus pandemic. Global spending on cloud software, hardware, and services will grow at 15.7% CAGR through 2024 to more than $1.0 trillion, according to IDC.
All of those authorized cloud deployments, along with unauthorized use of “shadow IT” systems by remote workers often utilizing personal devices and poorly secured home networks, are driving increased dangers from cloud-based software, Webroot notes.
Indeed, according to data from cloud security vendor Netskope, 63% of malware was delivered over cloud applications in 2020. The same study reported a 161% jump in use of risky apps and websites last year and a 600% increase in traffic to websites hosting adult content. Seven percent of users in the Netskope research uploaded sensitive corporate data to personal instances of cloud apps.
Meanwhile, only 21% of users have received increased security awareness training from their employer during the pandemic and just 59% of users believe they know how to keep data safe, according to a 2020 study by OpenText.
CASB solutions are designed to help businesses safeguard themselves from such dangers by aggregating information about cloud application use, assessing cloud application risks, and enforcing cloud application access policies. Gartner expects spending on such products to climb 40.7% this year, 36.7% in 2022 and 33.2% in 2023, outpacing all other information security segments.