While the term “cloud” used to be the main topic of discussion in the technology industry, “cloud-native” is taking its place—and with it, “cloud-native security.” There are many elements to keep in mind as more organizations begin to build their IT and security in the cloud, but here are five key observations to consider as your organization seeks to understand the different elements.

1. Cloud-native security has nothing to do with cloud access security brokers

When people started focusing on working in the cloud, many organizations realized they needed to switch gears and start to consume software-as-a-service. Because of the shift, concerns about public cloud security erupted, ushering in the era of the cloud access security brokers (CASB), which typically handled tasks like securing Salesforce data.

That may have been the case early in the cloud days, but it has very little to do with another theme that has evolved in recent years. Lately, more software development groups have started to produce cloud software, because their companies need to build great new software to engage customers and enable new business models. This all underscores the “every company is becoming a software company” and “software is eating the world” themes.

But if you built an application for your company’s customers, and you don’t want to be , you have to put several layers of security around it. This is cloud-native security—and it’s fundamentally different from the role of a CASB. While both have to do with the cloud, they address two very different problems.