In a world of radical uncertainty, the cloud is your best defence

Access to global-scale network intelligence, where systems learn from attacks across customers and sectors, is of utmost importance in the current world.

Security in the age of a multi-fold increase in volume and velocity of business transactions demands elasticity | Credits: Shutterstock

The cyber world is experiencing a tsunami, marked by scale, magnitude, velocity, and a drastically altered landscape. Active geopolitical developments and conflicts, covert escalations, and technology acceleration are turning cyber or digital space into a proxy, and sometimes a real, battlefield.

During recent geopolitical conflicts, banks across India experienced a 100x increase in DDoS volume. There was also an 8x rise across attack types aimed at websites and APIs of other industries. Attackers used millions of IPs, each sending one or two requests per minute, to defeat traditional per-IP rate limits.
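Why a per-IP limit misses this pattern while an aggregate view catches it, as an added detection sketch that is not part of the original article. The thresholds, the `/login` path, the IP ranges and the request log are all constructed assumptions.

```python
from collections import Counter, defaultdict
from statistics import median

PER_IP_LIMIT = 30   # assumed per-IP threshold (requests per minute)
SURGE_FACTOR = 10   # assumed: flag a minute above 10x the baseline median

def build_sample_log():
    """Constructed log of (minute, client_ip, path) records."""
    log = []
    for minute in range(6):                    # 200 regular clients, 3 req/min
        for c in range(200):
            log += [(minute, f"10.0.0.{c}", "/login")] * 3
    for c in range(20000):                     # minute 5: 20,000 sources, 2 req each
        log += [(5, f"198.18.{c // 256}.{c % 256}", "/login")] * 2
    return log

def per_ip_violations(log):
    """Traditional limiter: (minute, ip) pairs above PER_IP_LIMIT."""
    counts = Counter((m, ip) for m, ip, _ in log)
    return [key for key, n in counts.items() if n > PER_IP_LIMIT]

def aggregate_surges(log, baseline_minutes=5):
    """Flag (minute, path) totals above SURGE_FACTOR x the baseline median."""
    totals = Counter((m, p) for m, _, p in log)
    sources = defaultdict(set)
    for m, ip, p in log:
        sources[(m, p)].add(ip)
    surges = []
    for path in sorted({p for _, _, p in log}):
        base = max(median(totals[(m, path)] for m in range(baseline_minutes)), 1)
        for (m, p), n in sorted(totals.items()):
            if p == path and m >= baseline_minutes and n > SURGE_FACTOR * base:
                ips = len(sources[(m, p)])
                surges.append({"minute": m, "path": p, "requests": n,
                               "distinct_ips": ips,
                               "req_per_ip": round(n / ips, 2)})
    return surges

if __name__ == "__main__":
    log = build_sample_log()
    print("per-IP limiter hits:", per_ip_violations(log))
    for s in aggregate_surges(log):
        print("aggregate surge:", s)
```

A surge with a very high distinct-source count and a requests-per-source figure close to normal is the signature to alert on; the per-IP counter stays silent throughout.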

This makes one wonder why citizens didn’t face any disruptions, and how enterprises remained resilient. The answer, most likely, lies in the cloud and AI.

Security in the age of a multi-fold increase in volume and velocity of business transactions demands elasticity. Every internet-facing IP experiences thousands of unsolicited packets per day: 3,000 packets, as per an APNIC study carried out in collaboration with MIT. Especially in citizen or consumer services such as bill payments or subsidy disbursements, unsolicited request bursts can flood controls, WAF or bots. Apart from elasticity, protection also needs speed. Policies, virtual patches, and countermeasures need to be rolled out in minutes, and at all edges.

During a fast-moving incident, the ability to apply protection is of paramount importance. However, engineering teams need time to plan for permanent fixes. Deploying quick virtual patches at scale gives cover to these teams. You need scale on demand to be ready for the burst, you need speed in protection, and you need every user, wherever they are, to be protected. Achieving this without the cloud would be difficult; in fact, it is becoming increasingly impossible.

Today, if a vulnerability or weakness is exposed, even for a moment, it is likely to be exploited. The asymmetry between attackers and defenders is widening with the rising pace of digitisation and the resulting interdependencies and complexity. The present cloud sprawl, including multi-cloud, hybrid, cloud-native, microservices, SaaS-to-SaaS chains, and shadow tenants, is contributing to the expanded digital footprint. API explosion, third-party integrations, designing for heterogeneous devices, interface with digital public interfaces, and an AI stack further increase the blast radius of an identified weakness or vulnerability.

Therefore, programmable security guardrails are needed at scale. The requirement is for a globally distributed defence and response to match the fluidity of the workforce and business locations.

In comparison, on-premises security struggles with this scale and updates slowly. On-premises deployments can only see their own traffic; hence, they learn more slowly. This often leaves security uneven across sites, and the expertise must also be managed 24x7, with teams often stretched during a surge. Thus, the path to achieving security goals becomes complex.

In today’s globally interconnected world, events in one part of the world are likely to affect you. If a new modus operandi or attack path succeeds in one region, it is likely to be replicated against similar infrastructure and app systems elsewhere. Therefore, access to global-scale network intelligence, where systems learn from attacks across many customers and sectors, is important today.

In the interdependent, heterogeneous, fast-paced, and multi-dimensional world of radical uncertainty, resilience architecture and process orchestration demand multi-region failovers. Systematisation of recovery during stressful situations wouldn’t be possible without optimal flexibility and elasticity. Without built-in automated health checks, recovery efforts during failures can inadvertently lead to escalations.

Moreover, you can augment preparedness and response by leveraging advanced AI capabilities on the cloud. Cloud native security, in particular, offers larger coverage by enriching identification and enforcement decisions with learnings from other environments. However, in your present setup, you are constrained on both fronts. Hence, security defence remains archaic and rigid.

The actual difference would be felt in an AI-centred world. Commodification of exploitation, turnkey, ready-to-use C2 frameworks, AI-assisted recon, AI-powered persona building, auto fuzzing generating crash chains, instant captcha solvers, deepfakes, and vibe payload engineering could take the attack landscape to a different tier altogether. On top of this, easier cash-outs due to crypto and nested account routing make cyber a lucrative domain of criminal enterprise. How would you defend and respond if you are constrained and defending with limited options?

Your defence demands elasticity to thwart attack spikes. Therefore, get hold of larger telemetry, cover all possible grounds, orchestrate actions at various levels, factor all the involved dimensions and nuances, extend coverage to all desired elements, and match pace with the speed at which business transactions are processed.

There are indeed some legitimate concerns over moving security to the cloud. However, the science and practice of cloud security and governance are advancing fast, promising full and technologically proven ownership and control. Sovereignty is becoming programmable, configurable, and provable.

Moreover, cloud native security satisfies modern expectations of ROI. You pay only for clean traffic, not for capability, device, or prevention of attack. This pricing model incentivises your posture by blocking malicious traffic as early as possible. The cost is predictable even during a surge, thus eliminating billing shocks. Cloud native security turns chaos into control. You don’t chase; you thrive with cloud.

(Tandon is founder and CEO, Indusface; Godse is CEO, Data Security Council of India. Views are personal.)
