What Can Generative AI do for Hybrid Cloud Security?

Global organizations will spend about $600 billion on public cloud services in 2023—if anyone needs further proof of cloud’s prime position in enterprise IT. The sweep of cloud adoption means a whole lot of modern enterprise IT infrastructure is defined in code to maximize scalability and other key benefits. Since infrastructure is the traditional domain of security operations centers (SOCs), ensuring a secure cloud is fast becoming a SOC responsibility. Trend Micro predicts most SOCs will absorb cloud security by 2026.

This comes with some challenges. Few corporate cloud deployments are consolidated and straightforward: most are a mix of hybrid and multi-cloud. And securing cloud resources is very different from securing physical infrastructure. While SOC teams will surely onboard cloud security specialists, there are limits to how far headcounts can scale. All of which suggests it’s inevitable that new tools will be needed, and one of the most powerful may prove to be generative AI.

Of course, today many generative AI use cases for hybrid cloud security are still hypothetical since the technology is in its nascent stages, albeit evolving rapidly. But as generative AI matures, using it for cloud security is bound to become standard practice.

Setting a secure cloud foundation

Just as coding companions like Amazon CodeWhisperer and GitHub Copilot are helping developers write software, generative AI can be used to produce template-based infrastructure-as-code as the foundation for consistent, best-practice, secure cloud environments.

Someday AI companions may be reliable enough to do this on their own, but for now ‘hybrid AI’ workarounds are needed to close the trust gap. After a cloud AI companion creates cloud infrastructure, a non-AI tool can scan it for threats, conformance with corporate policies and industry best practices, and for alignment with cloud provider frameworks such as the AWS Well-Architected Framework.

Running this kind of quality control check before any AI-generated infrastructure is deployed in the build pipeline ensures code is valid and free of errors or misconfigurations that could cause security issues. Scanning for misconfigurations is especially important, as they count for up to 70% of all cloud security challenges.