Misconfiguration is the number one cause of cloud-security incidents in 2021.
Call for unified security solution across all cloud provider platforms.
- Organizations are continuing to adopt the cloud, with over 25% of respondents reporting 50% of their workloads in the cloud.
- Surveyed companies are still struggling with the lack of expertise that bridges security and DevOps. Only 16% of respondents have comprehensive DevSecOps in place, with 37% starting to incorporate some aspect of DevSecOps within the organization
- Managing multiple cloud vendors has created a greater complexity than first imagined with misconfiguration seen as the number one security related incident.
March 2, 2022 — Check Point® Software Technologies Ltd. (NASDAQ: CHKP), a leading provider of cyber security solutions globally, has released its 2022 Cloud Security Report. As organizations continue to adopt the cloud, with 35% running more than 50% of their workloads on the likes of Azure, AWS and GCP, they struggle to manage the complexity of securing their cloud infrastructures across multiple cloud platforms, while also suffering a cyber-skills and knowledge shortage.
The global report, based on a survey of 775 cyber security professionals, also revealed that cloud security incidents were up 10% from the previous year with 27% of organizations now citing misconfiguration, way ahead of issues like exposed data or account compromise.
Organizations are struggling to bring security into the DevOps cycle, compounded by a skills shortage witnessed by 45% of companies. Only 16% of respondents said they had comprehensive DevSecOps in place and 37% were just starting to implement DevSecOps into their cloud application development process.
While perceived cost savings and ease of use were the original drivers for using cloud vendor security, there is an increasing realization that the complexity of managing three or four different security platforms argues in favour of an independent cloud security solution to streamline security across all cloud platforms. In fact, 54% of those surveyed thought that an independent security vendor would be better suited to their needs than the cloud platform provider. A key consideration in making the decision between cloud native and a third-party security vendor was a potential reduction in complexity provided by an integrated solution, cited by 56% of respondents.
Further adding to the complexity of multi-cloud security, respondents ranked ensuring data protection and privacy for each environment at 57%, having the right skills to deploy and manage a complete solution across all cloud environments at 56%, and understanding service integration options at 50%.
There is also an increasing need to deploy application protection in the cloud with this capability going up by 11% in the last year to become the 3rd highest area of focus, quoted by 53% of the survey sample. According to the report, 57% of respondents say that they expect to run more than half their workloads in the cloud within the next 12 to 18 months and, of those, some 76% were using two or more cloud providers.
As the move to the cloud gathers pace, the ability to streamline cloud security becomes vital, as 75% of organizations are in favour of a single unified security platform with single dashboard, where they can configure all the policies needed to protect data in the cloud. Currently 80% have to juggle three, or more separate security solution dashboards to configure their enterprise cloud footprint.
TJ Gonen, VP of Cloud Security at Check Point, commented: “It is clear from this independent survey that security teams are finding the increased reliance on the cloud a bit of a challenge. Faced with the skills shortage, organizations need to do everything they can to simplify their cloud security management. An integrated third-party solution that covers all cloud platforms with a single management dashboard would relieve much of the pressure and reduce the risk of increasingly common misconfigurations, while also reducing workloads and providing the security environment to develop, deploy and manage applications in the cloud. This was the key driver for Check Point to develop its CloudGuard cloud security suite.”