When it comes to the benefits of cloud security, companies such as Carbon Black are able to provide organisations with greater threat and attack response intelligence than could be achieved with their data alone.

This is because products such as Carbon Black’s Predictive Security Cloud pool the intelligence gleaned from all their customers’ data and share it with all the organisations they cover.

“This is the idea that you can record all of the right information, apply great analytics on top of that with a feedback loop for all the customers that are in that system, so that an attack against one of them really protects all of them at the same time,” explains McElroy.

This requires a certain number of customers to work, however Carbon Black operates at a scale where this provides genuine and valuable insight to its customers.

“We've got thousands of customers and hundreds of thousands of streams coming to our cloud everyday,” he says.

Perhaps more significantly, cloud security frees up operational costs associated with traditional security, as McElroy discovered when he assisted several enterprises with their transition to the cloud.

“I was able to see what the CIO got out of it, what the business got out of it. We were delivering features faster, our uptime was higher, our costs were cheaper,” he says.

“Well, security is expensive. Those are all things that I need, right?”

This also frees up security professionals to focus on threat detection and prevention rather than maintaining weighty infrastructure.

“What happened in security is we all built infrastructure. And now my team of engineers and threat hunters are maintaining my infrastructure, they're not going to find evil and take the bad guys out,” he says.

Cloud security is a relatively young product sector, meaning vendors have to work hard to make the case to would-be customers. And this is a particularly significant challenge in the generally conservative security sector.

“I think most security professionals are going to be slow to adopt any new tech. There'll be like the 1% that's like: 'Yeah the next thing, I'm going to go get it and try it'. And then there's the rest of the market, which is like: 'Hey when Apple and Google do it, then we'll do it’,” says McElroy.

However, with support from a number of thought-leaders in the space, cloud security adoption is starting to grow.

“I think what you're starting to see is the leaders out there went to the cloud, they're out talking about the benefits and then everybody else is going to start to follow,” he says.

But where vendors such as Carbon Black are having to do the most work in convincing companies is with SMEs.

“We spend an inordinate amount of time educating the largest amount of security professionals out there: SME,” he says.

“It's very hard for them because they don't have big teams to go build threat hunters and security operation centres. And so it's really empowering them with the right platforms to get the right data to make their jobs easier, not just give a bunch of data that they can't take action on.”

While there are mature cloud security technologies available today, the technology has by no means stopped progressing, meaning that as time goes on, it will become increasingly sophisticated.

“I think most vendors out there are fairly new to the cloud security game, so you are going to see all kinds of things in the future,” he says. “You'll see further leveraging of machine learning (ML) and AI.

“When you have a cloud like that then it's pretty easy to build new features on the backend and then deliver those out to customers on a regular basis.

“So I think you'll see everything from better analytics, better threat intel to organisations out there that are applying ML and AI.”