COMMENTARY: Over the past year, there has been a great deal of hype and excitement around Generative AI (GenAI). And most organizations ran proof-of-concept projects for GenAI, eager to reap the technology’s benefits, which range from improved operational efficiency to cost reductions.
According to recent research, 88% of organizations are actively investigating GenAI, transcending other AI applications. However, the vast majority of organizations have yet to surpass this initial proof-of-concept stage and graduate GenAI applications into production. As we move into 2025, more organizations will begin to formalize their GenAI strategies, creating and deploying a host of new GenAI applications across their infrastructure.
[SC Media Perspectives columns are written by a trusted community of SC Media cybersecurity subject matter experts. Read more Perspectives here.]
When organizations build out GenAI applications, they will leverage many different GenAI models. To optimize, and derive the most value and accuracy from their GenAI applications, enterprises will use proprietary data to create these models, primarily through a Retrieval-Augmented Generation (RAG) architecture. A RAG architecture lets organizations customize models based on company data, so that GenAI applications are personalized to an enterprise and their specific use cases. Most GenAI applications will contain proprietary company data as a result of this approach, creating many security concerns for organizations.
Consequently, some organizations will opt to deploy GenAI applications in their data center, an existing hub for sensitive enterprise data. However, most organizations want the flexibility to deploy GenAI applications across both cloud environments and on-premises in their data center. With flexibility at the forefront, Kubernetes has quickly become the de facto platform on which GenAI applications are being deployed.
Kubernetes offers organizations the means to seamlessly deploy GenAI applications across cloud and on-premises environments, while also boasting other benefits including observability, workload scheduling, automation and networking–attributes that are advantageous to developers working to create and deploy such applications. Organizations can run Kubernetes for GenAI across various workloads including virtual machines (VMs), containers, or bare metal servers — or a mixture of all three.
Kubernetes security becomes paramount
While most organizations already actively deploy and run various types of applications on Kubernetes, security continues to remain an afterthought for many. As Kubernetes becomes the orchestrator of GenAI applications, securing them has become paramount. GenAI applications, unlike any other existing applications, present increased security risk, especially when it comes to data privacy, integrity, and security. Built using sensitive data sources from inside an enterprise, once an organization deploys such applications, their attack surface increases greatly.
Given this changing dynamic, I expect a heightened focus on Kubernetes security in 2025 and beyond. Here are five steps teams should take to deliver comprehensive security for GenAI applications deployed on Kubernetes:
Implement network security access controls
First and foremost, organizations will need to implement strong network security access controls. As organizations will have multiple applications accessing multiple GenAI models and data sources, controlling this becomes combinatorial problem.
Because network security is a critical aspect of any Kubernetes deployment, it’s important to ensure that data transmitted within clusters gets protected against unauthorized access, interception, or modification. Microsegmentation has become crucial to enhancing network security within Kubernetes environments. This technique divides networks into smaller, isolated segments, allowing for granular control over traffic flow and significantly bolsters security posture.
Proactively manage vulnerabilities
Organizations must also prioritize vulnerability management. Because container images are the core building blocks of Kubernetes workloads, many organizations use insufficiently secure container images. Organizations must implement continuous monitoring, image scanning and policy enforcement processes to detect vulnerabilities, malware, and unsafe configurations across all Kubernetes clusters. By implementing vulnerability management practices, organizations can proactively identify and address vulnerabilities within container images before they are deployed into production.
Protect against known and unknown threats
Runtime security has become another crucial element to securing Kubernetes, protecting against known and zero-day attacks, whether they are network or container-based. It’s crucial for GenAI applications as any breach could pose an existential threat to an organization given how much proprietary and sensitive company data resides within such applications. Organizations should invest in mechanisms that can instantly detect, block, and mitigate risks across their environment and automatically quarantine infected Kubernetes workloads the moment threats are detected.
Prevent and address misconfigurations
Misconfigurations are one of the most common and detrimental security risks for organizations using Kubernetes. In the context of GenAI, misconfigurations can leave an organization's private information dangerously exposed, hence the need for careful management and monitoring. This process involves continuously monitoring images, workloads, and Kubernetes infrastructure configuration against common configuration security standards and referencing CIS benchmarks when configuring Kubernetes.
Maintain observability
Organizations must maintain a real-time view of traffic flows within and outside Kubernetes clusters to understand workload communications and connections, service dependencies, and policy enforcement. This will let organizations proactively identify and resolve security gaps and policy violations.
In the upcoming year, many organizations will officially deploy GenAI applications across their infrastructure. With Kubernetes set to serve as the core platform for deploying and running these applications, there's an inherent need for organizations to step-up their security in this domain. Implementing these five elements will help organizations proactively address Kubernetes security risks before attackers can exploit them – and it will also help teams foster an enhanced Kubernetes security posture.
Ratan Tipirneni, president and CEO, Tigera
SC Media Perspectives columns are written by a trusted community of SC Media cybersecurity subject matter experts. Each contribution has a goal of bringing a unique voice to important cybersecurity topics. Content strives to be of the highest quality, objective and non-commercial.
