In a new study of 250 hybrid cloud security leaders, “Cyber Security Posture: The Challenges and Strategies of Hybrid Cloud”, the two top concerns identified were verification that public cloud accounts are secure (69%) and confirmation that workloads in the cloud are secure as well (69%). This lends credence to the reality that both account and workload security are critical.
However, security is still a key issue and barrier to adopting a hybrid cloud architecture, with specific concerns including increased complexity (55%), a lack of visibility into cloud endpoints (32%), difficulty instituting security controls (37%), and a clear need for more assessment tools (29%).
Some additional noteworthy survey findings include:
· 62% use separate tools to secure their on-premise and cloud environments, and less than half of respondents currently use a security solution spanning on-premise and cloud. A concerning finding was that 40% of respondents only use the tools provided by the cloud provider, which are considered by most to be incomplete.
· 50% have deployed on Azure as part of a hybrid cloud strategy, demonstrating the strong momentum it’s experiencing as an equal to AWS in services offered, as well as traction within Microsoft’s account base.
· When asked about the security technology they currently use, the survey found strong uptake of Cloud Workload Protection Platforms (48%), Cloud Access Security Brokers (37%), and Security Information and Event Management (39%).
· 39% of respondents cited that DevOps and development teams care greatly about their cybersecurity posture, showing that the silo between security/IT and development teams is diminishing.
“Though our research shows that over 81% of enterprises are adopting a hybrid cloud approach, only 30% are using unified security tools that span on-premise and the cloud,” stated Doug Cahill, ESG’s lead cybersecurity and cloud analyst, quoting related research by ESG on hybrid cloud security. “The fact that this will grow to 70% over the next two years speaks well of Cavirin’s hybrid cloud approach, helping address a key barrier to hybrid cloud adoption – security and visibility.”
Traditional solutions provide siloed, delayed visibility, and require manual security remediation and testing which is not well suited for the flexibility and velocity that the hybrid cloud model offers. Cavirin’s CyberPosture Intelligence for the Hybrid Cloud eliminates these limitations and removes the barrier to the cloud with:
· Continuous Risk & Cybersecurity Posture Management
A central ‘CISO Dashboard’ depicts exactly what organizations have at each moment and where they are located. This includes cloud account security posture, as well as virtual machines and container instances.
· Integrating Security into DevOps
Bridges the gap between DevOps and SecOps by automatically injecting security into the DevOps cycle – development, staging, and deployment - through CI/CD integration.
· Continuous Compliance Management
Removes security compliance as a barrier to cloud adoption through automation and customization via the broadest set of customizable frameworks, benchmarks and guidelines.
“We are deploying the Cavirin platform to help ensure compliance with government regulations, given our organization’s focus,” said Ernesto Ruy Sanchez. DevOps Manager, Human Longevity, Inc. “In addition, Cavirin’s open architecture and container support permit us to easily integrate its capabilities with our DevOps environment.”
“Cavirin’s ability for real-time visibility across the infrastructure permits organizations to accurately assess risk, security posture, then automatically remediate, said Jack Kudale, COO, Cavirin. “This is the first platform available for organizations to easily migrate and achieve continuous security and compliance of their hybrid cloud deployments, knowing they are safe and secure.”
New Technical Capabilities include:
· “Golden Posture” and ‘Top 25’ recommendations for guided remediation.
· Container runtime monitoring delivering on Cavirin’s ‘full-stack’ container security that already includes image scanning, CIS container and Kubernetes hardening, and guest OS hardening.
· Custom policy creation and compensating controls based on a Cavirin Domain Specific Language
· Availability of the new, Cavirin-authored CIS Azure Foundation Benchmark.