The double-edged swords of cloud security and AI

DevSecOps expert Kyler Middleton examines the ways modern technologies such as cloud computing and AI both enable and complicate the future of SecOps.

The cloud and AI giveth to SecOps pros, and they taketh away.

In this episode of IT Ops Query Season 2: The State of SecOps, guest Kyler Middleton, senior principal software engineer at healthcare tech company Veradigm, and TechTarget Editorial's Beth Pariseau examine the pros and cons of two of the hottest topics in IT: cloud security and AI.

For example, the same cloud platforms that connect the world -- and broaden its attack surface -- also offer accessible tools for IT pros to experiment with multiple layers of security automation and centralized log analytics, Middleton said.

Kyler Middleton, senior principal software engineer, VeradigmKyler Middleton

"[In the] cloud, [with] most security tools, you can get access for free or for very little cost," she said. "And a lot of people, me included, put stuff on the internet for free that you can go learn."

Cloud-native systems and flexible infrastructure make it feasible to "log all the things" related to app security, centralize them and apply advanced analytics, including AI models, to closely monitor systems, Middleton added.

At the same time, the AI models that make burgeoning security data manageable could make it more difficult for security novices to learn the basics, she said.

"AI is starting to … get smarter, and that's a great thing -- it's another tool for us to use," Middleton said. "But I'm worried about it disrupting the ecosystem where, if AI can be our tier 1 [engineer], then how do [humans] get [to] tier 2? Because tier 2 comes from tier 1, right? You practice and learn and grow and … move up until you're an architect. But if we don't have a tier 1 anymore, how do we get there? And I don't know the answer to that."

I'm worried about it disrupting the ecosystem where, if AI can be our tier 1 [engineer], then how do [humans] get [to] tier 2?
Kyler Middleton Senior principal software engineer, Veradigm

Meanwhile, the connectedness of cloud has made it possible for catastrophic outages such as this year's CrowdStrike incident to happen, she acknowledged. She warned against the "security nihilism" that can arise when news of security breaches keeps breaking day after day.

"If there's no way to secure it and there's no companies that are secure, then why even care about it?" she said. "Why should I keep reading the news, when all the news is bad?"

Middleton's answer is that, despite ongoing high-profile incidents, the state of SecOps and DevSecOps overall has improved in the last decade and will continue to improve.

"That's certainly not the Hollywood take," she said. "I know we have this idea that's been prevalent for a long time, that defenders have to win absolutely every time, and attackers have to win once. And that's just not true."

The tools available to cloud security users continue to expand and can contribute to a layered defense Middleton calls a "security sandwich.

"Attackers have to beat every single layer before you catch them at any layer," she said. "And so that … defense job is getting easier, getting more empowered, [and] that toolbox is getting bigger."

Beth Pariseau, senior news writer for TechTarget Editorial, is an award-winning veteran of IT journalism covering DevOps. Have a tip? Email her or reach out @PariseauTT.

Dig Deeper on IT systems management and monitoring

Software Quality
App Architecture
Cloud Computing
SearchAWS
TheServerSide.com
Data Center
Close