Dubai, United Arab Emirates – Cisco (NASDAQ: CSCO) in partnership with TechTarget’s Enterprise Strategy Group (ESG) conducted a survey, “The State of Cloud Security Platforms, DevOps, and Security,” focused on how organizations manage security in cloud-native environments. The findings reveal important insights into the practices organizations must adopt to strengthen cloud security.
The survey focused on understanding the current landscape of cloud application development and security practices among IT, cybersecurity, and application development professionals. The survey gathered feedback from over 1,000 respondents across industries, providing a comprehensive perspective on the challenges they face and the strategies they employ to protect cloud infrastructure and applications. The data highlights the critical need for organizations to adopt effective security measures in an increasingly complex cloud environment.
Main results
Multi-cloud is the new normal: Most organizations now rely on multiple cloud service providers (CSPs) to support their operations, with many using more than three cloud providers to meet diverse business needs. This trend is expected to continue as more organizations shift to public, private, and hybrid clouds to meet their specific application needs, align with business preferences, and meet industry requirements. Misconfigurations pose significant risks: Misconfigurations remain a major challenge, with organizations experiencing an increase in security incidents due to this issue. While 79% of organizations use DevOps practices, only 26% secure more than half of their cloud-native applications. This lack of early security integration has led to vulnerabilities, application downtime, and unauthorized access. The importance of early security integration: The gap in implementing security measures during the development process has led to an increase in security incidents, underscoring the need for a stronger focus on security from the outset. Boosting DevSecOps Adoption: Nearly half of organizations plan to enhance their DevSecOps practices in the next two years, with the goal of addressing security vulnerabilities identified in their cloud applications. By integrating security tools, they can improve incident response and vulnerability management. Demand for effective remediation tools: Organizations reported experiencing business-impacting consequences associated with attacks that occurred between the time of initial discovery and the time of remediation. As a result, they are seeking advanced tools to accelerate threat detection and response, and reduce the impact of attacks on their operations. Investing in Cloud Security Solutions: The survey indicates a strong consensus on the need to invest in cloud security and DevSecOps platforms within the next year, including solutions such as cloud workload protection and rights management.
With many businesses relying on multiple cloud providers, security vulnerabilities related to misconfigurations and inadequate security integration during development can lead to significant risks, including data breaches and operational outages. As organizations plan to invest in cloud security platforms and enhance DevSecOps practices, these insights serve as a vital guide to improving security strategies and enhancing resilience in cloud infrastructure.
