Trend Micro Inc. today expanded its cloud security portfolio through acquiring Cloud Security Posture Management (CSPM) firm Cloud Conformity Pty. Ltd., which was founded in Australia but is headquartered in the United States of America.

According to a Gartner report, at least 99 per cent of cloud security failures will be the customer’s fault through 2023, and 50 per cent of enterprises will unknowingly have IaaS services exposed to the internet by 2021. CSPM focuses on identifying and mitigating cloud misconfigurations before they become a security threat.

Cloud Conformity’s services automatically identify and repair cloud infrastructure configurations issues, while ensuring compliance with regulatory standards like PCI, GDPR, HIPAA, and NIST.

“We have been laser-focused on building integrated security for the cloud since its birth over a decade ago, unlike other vendors who are now attempting to stitch together disparate cloud technologies,” said Eva Chen, chief executive officer for Trend Micro. “As more enterprises move to the cloud, our customers feel they’re operating amid a wild-west approach to cloud implementations that leave them with unmanaged risk. As an AWS technology partner of the year for 2019, Cloud Conformity understands these implementations and the risks. Their offering perfectly complements our own portfolio and provides immediate value to customers. Both the people and technology are a great fit for Trend Micro.”

CSPMs are in high demand according to research from the Enterprise Strategy Group, Inc.; which stated 40 per cent of its respondents as selecting CSPM as a top area that their organizations will make a significant investment into to protect cloud native applications. This point was reiterated by Doug Cahill, a senior analyst and practice director for cybersecurity with ESG, who said that such services can eliminate a lot of the risk of operating high-value data in the cloud.

“What’s driving market demand for Cloud Security Posture Management solutions? Well, it is a mix of security and compliance use cases with a common thread of identifying and correcting misconfigured cloud services that create risk. Risk of data loss. Risk of unauthorized access to externally facing workloads, object stores, and even the cloud console. And the risk of not meeting and maintaining compliance with industry regulations,” said Cahill. “With the constant state of change of cloud services, it is critical that CSPMs are employed to maintain a hardened configuration for all cloud services.”