“Customers are increasingly depending on cloud computing to support the need for business agility and speed of transformation. However, to be successful business leaders need assurance that cloud security is handled in a predictable manner through automation to ensure compliance and predictability,” according to Dan Kirsch, the study author and vice president, principle analyst at Hurwitz & Associates.
In the cloud, continuous integration practices shorten cycle times and improve efficiency. When confronted by the cloud’s increasingly complex and dynamic network environment, it is difficult for security to keep pace. According to the report, approximately 35% of the organizations surveyed are taking a cloud-first approach meaning that all new projects are done on the cloud. In addition, nearly 50% of participants are taking a selective approach to the cloud, where significant and large projects are being developed or migrated to the cloud while others will continue to remain on premises. The survey also found that automation is critical. Almost all respondents (95%) agreed that “cloud automation is increasingly important to meeting our business goals.” However, 40% of respondents felt that their security solutions aren’t as flexible and scalable as the rest of “our” cloud.
“The high velocity and scale of public clouds are shattering everything the security industry has assumed for the past 10 years,” said Sanjay Karla, co-founder and Chief Product Office at Lacework. “The acceleration of cloud adoption is now paving the way for security teams to deploy automated security solutions that naturally augment security teams’ ability to continuously validate their cloud configuration for security and maintain secure daily operations in the cloud.”
Survey respondents agreed that security is a top priority for their cloud solution. Additional findings by Hurwitz & Associates include:
- Asked to rank-order seven possible cloud solution characteristics, “safe and secure” topped over half of the lists (53%). The next most mentioned priority - “deliver new services and updates faster” - topped only 13% of the lists.
- 85% of respondents recognized that “cloud security is different than traditional data center security.”
- Only 35% of respondents felt that “security limits our ability to maximize the benefits of DevOps and operations automation,” and 78% agreed that “we fix security vulnerabilities fast enough to avoid significant business risk.”
- Nearly 75% agreed that “controlling vulnerabilities related to unpatched or downrev software is a challenge.”
- Only 35% felt “SIEM tools give us all the security visibility we need.”