
By Byron V. Acohido
The Cloud Access Security Broker (CASB) space is maturing to keep pace with digital transformation.
Related: CASBs needed now, more than ever
Caz-bees first took shape as a cottage industry circa 2013 to 2014 in response to a cry for help from companies reeling from new Shadow IT exposures: the risk created by early-adopter employees, quite often the CEO, insisting on using the latest smartphone and Software-as-a-Services tools, without any shred of security vetting.
A wave of acquisitions absorbed a half-dozen early CASB startups. One company still actively innovating as an independent CASB is San Jose, CA-based security vendor CipherCloud. I had the chance to visit with CipherCloud CTO Sundaram Lakshmanan at RSA 2019.
We discussed how the basic notion of flowing all data coming into a company’s network — from whatever device or web app — through a cloud gateway for security scanning has become elemental. For a full drill down, give the accompanying podcast a listen. Here are the key takeaways:
Shifting role
As with almost any security solution, the bottom line for CASBs is all about protecting the data — without detracting from users’ experience, and thus eroding productivity. This is especially important within the cloud. CASBs began by closing glaring security gaps created by the rapid adoption of mobile devices and cloud tools. Quite naturally, that role is now shifting and expanding.
Now that CASBs have been around for half a decade, companies are figuring out how to utilize them to reinforce specific silos within their IT and security teams. More enterprises are rethinking their internal processes, seeking a more centralized, convenient approach to securing web apps, Lakshmanan told me.
“At the end of the day, it is about business productivity and helping users get their job done,” he said. Enterprises are starting to understand that as they pursue velocity and scale,