Cloud spend in 2020 will increase cybersecurity risks in 2021

Back to Blog
December 17, 2020
Dusan Vitek

Despite Covid-19’s impact on the economy, public cloud usage and its associated revenue—for all the online services purchased by businesses or individual customers—continues to grow. The steady transition to cloud services brings with it another reality – the amount of data we need to safeguard and the number of user identities we need to protect is also growing at an unprecedented rate. Cloud cyber security issues are here to stay.

In the updated forecast for the public cloud revenue published in July 2020, Gartner forecast growth of 6.3% in 2020 to total $257.9 billion, up from $242.7 billion in 2019. It’s important to note that Gartner defines the public cloud quite broadly:

  • Cloud Business Process Services (BPaaS) – includes Accenture, Capgemini, Infosys, NTT Data
  • Cloud Application Infrastructure Services (PaaS) – includes AWS Elastic Beanstalk, Google App Engine, Heroku, Windows Azure
  • Cloud Application Services (SaaS) – includes Office 365, Google Workspace, Salesforce, Box, Dropbox, SecureAuth, etc.
  • Cloud Management and Security Services – includes VMware, Morpheus Data, Flexera, etc.
  • Cloud System Infrastructure Services (IaaS) – includes AWS EC2, Google Compute Engine, Digital Ocean, etc.
  • Desktop as a Service (DaaS) – includes Amazon WorkSpaces, Citrix Managed Desktops, Windows Virtual Desktop, etc.

What this growth of public cloud spend tells us is that companies will continue to integrate more SaaS apps and cloud services into their business processes. This is true for well-established companies such as Boeing or General Electric as well as born-in-the-cloud companies like Uber or Zendesk.

None of these integrations are possible without an identity and access management system (IAM) to bind all the identities across these systems together. Historically, this role was performed by Microsoft Active Directory and similar on-premises directories. However, the switch to SaaS has eroded the concept of domain controllers, forcing a conversation about the access control and system management performed by domainless cloud directory services.

Identities outside the domain and network perimeter

The dispersion of user identities and protected resources outside the network perimeter increases the risk of identity compromise and provides a new set of attack vectors for hackers. Every year, the M-Trends report from FireEye Mandiant provides a comprehensive view of the world of hacking. Let’s review three risks which continue to be a pain in 2020 and 2021:

  • People are the weakest link – Most malicious actors use cleverly disguised phishing or spear phishing attacks to gain credentials or coax users to install malware. Despite all the security awareness trainings, phishing continues to be a viable attack vector.
  • Developers don’t use security best practices – Well-designed public cloud services with a robust identity security framework such as AWS may provide an attack vector if developers are employing poor security practices, such as GitHub accounts without MFA, storing credentials in plaintext in GitHub, usage of IAM access keys instead of IAM roles to perform API requests, usage of overly permissive IAM roles rather than using the least privilege model.
  • Companies run unpatched systems – Malicious actors will continue to exploit vulnerabilities in unpatched systems to gain escalated privileges and compromise the endpoint.

On a positive note, companies got much better at detecting attacks: 56 days is the median dwell time between intrusion and detection (vs 78 days in 2017/18). Better, but still relatively slow. For any cloud cyber security expert this is inadequate.

Bridge for identities between SaaS, IaaS

The persistent threat from bad actors forces CISOs to act as if their organizations were under constant attack. Such task requires skillful coordination between the networking, IT security, and app security groups. Since identities cross these various systems for machine-to-machine authentication as well as user authentication, it creates an impetus for a centrally managed cloud IAM system. Such cloud IAM system should cover both workforce and customer identities, with a shared set of security principles.

While the market provides several options for Cloud IAM, SecureAuth comes in with a strong identity security perspective:

  • Modern cloud-based single sign-on (SSO) to over 8000+ SaaS applications. These include popular workforce apps such as Office 365, Google Workspace, Salesforce, Box, Dropbox, Zoom, Microsoft Teams, GoToMeeting, or Webex. SSO options include SAML, OIDC, WS-Federation, OAuth, extending SSO options across public cloud apps, in-house developed custom private cloud apps and on-prem apps.
  • Multi-factor authentication (MFA / 2FA) that’s convenient for users. Workplace cloud MFA means you can ask users for more, for example to install and set up an OTP authenticator client like SecureAuth Authenticate with Symbol-to-Accept. In the case of customer IAM (CIAM), retailers, healthcare providers, or airlines may prefer to offer 2FA in the form of one-time passcodes via SMS/text, email, and phone. Setting up these factors is simpler because you already collected customer’s email address and phone number during account registration or purchase. SecureAuth Cloud IAM further augments the security of CIAM accounts with integrated phone risk evaluation.
  • Risk-based adaptive authentication is an identity-based security perimeter that uses adaptive, risk-based authentication to better identify and block cyber-attacks – without burdening users. Device recognition, geolocation and geofencing and known threat lists provide intelligence and weigh in when it comes to authenticating users. While users remain oblivious to these behind-the-scenes calculations and risk checks, their access experience feels seamless. Additional multi-factor authentication steps are only triggered when risk is present.
  • Integrated workforce and customer identities for SaaS applications is becoming a must. Most SaaS apps are not directory-integrated, forcing IT admins to manually provision and de-provision users. However, the growing adoption of the SCIM standard amongst SaaS vendors has made things easier. CISOs are now looking to integrate existing workforce directories and customer identity stores into a single centralized console. This setup provides visibility into application use, password strength, and compliance. The goals are a lighter administrative burden, cost savings, and stronger identity security.

Balanced cloud cyber security

Cloud cyber security is often a balancing act. Simplified administration and stronger security should never cause a disruption in user experience. SecureAuth provides an enterprise-ready Identity and Access Management solution delivering the strongest security with over 25+ strong adaptive MFA options with one goal: delightful user experience for your employees and customers.

Continue reading

The SecureAuth 2020 State of Identity Report
Protecting Email from Cyber-attacks: Office 365 is key (Mandiant/FireEye M-Trends 2017 Report findings)

Never Miss a Beat
Subscribe to Our Blog

SecureAuth Identity Platform Adaptative Authentication

Identity and Access Management

Empower your digital initiatives with secure access for everyone and everything connecting to your business

Product Features

Adaptive Authentication

Extend verification of a user identity with contextual risk checks

Multi-Factor Authentication

Leverage a broad portfolio of authentication factors for desktop and mobile

Intelligent Risk Engine

Protect your identities with advanced risk profiling analytics

Single Sign-On

Provide app discovery and one-click login through portal or desktop SSO

User Lifecycle Management

Enable admins with strong CRUD capabilities and users with self-service tools

Secure All Identities


Customer Identities

Deliver a frictionless customer experience safeguarding user data and privacy


Workforce Identities

Govern and control access rights for employees, partners, and contractors

Moving Beyond Passwords

Learn how passwords alone no longer provide the appropriate level of protection, nor confidence, required to secure valuable resources


Passwordless Authentication

Reduce the risk of breaches by eliminating passwords

2FA is Not Enough

Block popular phishing and brute force attacks used by bad actors

Protecting Office 365

Extend adaptive authentication and flexible MFA to all apps including Office 365

Securing Portals and Web Apps

Balance strong security and an exceptional user experience

RSA Migration

Transition to a modern identity and access management solution



Financial Services


Energy and Utilities

Public Sector


White Papers


Recorded Webinars

Analyst Reports

Innovation Labs


Support Portal

Events & Webinars



Calculate Your Savings

Lower support costs by enabling your users the control to reset passwords, account unlocks, device enrollment and update profiles

Meet SecureAuth

About SecureAuth