News in the Channel - issue #37

SAAS SECURITY

campaign, Salesforce admins were duped into installing a data exporter sending private information directly to the group.”

Adrian Hunt, chief security officer at Redsquid, says that for many years, securing SaaS platforms was largely treated as a configuration exercise: enable multi-factor authentication, turn on logging, and rely on the provider to manage the underlying risk.

“But that assumption no longer reflects reality,” he adds. “SaaS security has become one of the most commercially significant challenges – and opportunities – facing resellers and MSPs.

“Identity compromise remains the dominant risk, increasingly enabled by token theft, MFA bypass and OAuth abuse rather than stolen passwords alone. Crucially, this now extends beyond human users. In many organisations, non-human identities such as API keys, service accounts and automation bots already outnumber employees, yet often operate with excessive privilege and limited oversight.”

Trends

As the nature of threats changes, so do the solutions. “One of the biggest trends is a shift from tick box audits to continuous monitoring,” says Karl Bagci, director of IT and information security at Exclaimer. “Organisations are moving away from once a year assessments and towards real time visibility into configurations, access rights and data flows. They want to know, at any given moment, who has access to what, how data is being shared, and whether anything has drifted from the secure baseline.

“There’s also a growing recognition that security is a shared responsibility. Vendors are responsible for securing the underlying platform and infrastructure, but customers own their configurations, role design, access controls and data sharing settings. Most incidents don’t come from a flaw in the SaaS product itself; they come from getting those customer side responsibilities wrong.

“Additionally, compliance has become table stakes. Frameworks like SOC 2 and ISO 27001 are no longer differentiators; they’re expected before serious purchasing conversations even start. Buyers increasingly assume that baseline and then look deeper into how vendors actually manage risk, not just whether they have a badge.”

Anton Shelepchuk, VP of worldwide sales at NAKIVO, agrees a big trend is continuous control. “Customers are realising that SaaS security is posture management (configuration drift, privilege creep, permissions sprawl), so SSPM and continuous monitoring are moving from ‘nice to have’ to absolute necessities,” he says.

“At the same time, the market is consolidating. Buyers are tired of point tools, so they’re leaning toward SSE/SASE-style platforms that unify access policy, inline controls and SaaS visibility under one umbrella.

“Identity is getting stricter as well: least privilege, just-in-time admin, stronger authentication and tighter governance around guests and external sharing because that’s where the real risk lives.”

AI impact

AI is accelerating both sides of the SaaS security equation. “On the threat side, attackers are using AI to scale phishing, automate social engineering and create far more convincing impersonation attacks,” says Alex. “This has contributed to social engineering and BEC attacks increasing to 25.6% of observed incidents.

“On the defensive side, AI is essential for keeping pace. Malware is now extremely short-lived, with the average sample surviving just 1.4 days, which means security teams need behaviour-based detection and automated response to act fast enough. AI helps prioritise risk, reduce noise and focus attention on genuinely

Contributors

Alex Ruslyakov

acronis.com

Mike Puglia

kaseya.com

Adrian Hunt

redsquid.co.uk


www.newsinthechannel.co.uk
