Awareness about cloud security access brokers, or CASBs, in the Asia Pacific region is steadily increasing as larger vendors who have acquired privately held CASB companies are making the services available to the region, says Singapore-based Sid Deshpande, principal analyst at Gartner.
"Large and medium organizations deploying SaaS application and IaaS and seeing the need for security tools in a multi-cloud environment are demanding CASB capabilities for better visibility and data security," Deshpande says in an interview with Information Security Media Group.
As a prerequisite for CASB, however, organizations need to scrutinize their entire cloud security strategy instead of just looking at CASB as purely a technology-centric capability, he says.
"There is a need for IT and security teams to come together to leverage and integrate with SIEM tools and other security stack and infrastructure and build a cloud strategy governance to leverage CASB," Deshpande says.
While most sectors, including banking, retail and media, in the region have started adopting CASB, heavily regulated companies have been deploying and leveraging functionalities such as data security, visibility and compliance, he explains.
CASB will help organizations build an effective wide governance strategy for cloud security and enable CISOs to provide more clarity on their cloud security adoption as well as make informed decisions about which applications to adopt and what level of access to give to different constituents of IT and security and how to make context-based decisions.
In this interview (see audio link below photo), Deshpande offers insights on:
- Evolving security architectures and strategies for CASB;
- Configuring and calibrating a CASB tool to map risks;
- Budgetary requirements for deploying CASBs.
At Gartner, Deshpande advises technology providers and buyers on security-related topics. He also conducts research and is a frequent speaker at Gartner events and client events and workshops. His primary areas of focus are security market opportunity and growth projections, managed security services, CASBs, security sales and go-to-market strategies.