The State of Cloud Native Security report 2020 is here !

Announcements

ATTENTION Customers, All Partners and Employees: The Customer Support Portal (CSP) will be undergoing maintenance and unavailable on Saturday, November 7, 2020, from 11 am to 11 pm PST. Please read our blog for more information.

Community Team Member

The first annual State of Cloud Native Security report is here ! Find out what's happening in cloud native security today and what’s working best for organizations.  Based on a survey of 3,000 cloud architecture, InfoSec and DevOps professionals across five countries, the report will help you make decisions about the cloud by surfacing information based on a proprietary set of well-analyzed data.

 

Cloud Native Security Today

 

Section 1:

The State of the Cloud and Cloud Native Adoption

Organizations have moved to cloud over the past couple of decades to meet their need for faster, more flexible computing at a reasonable cost. For these same reasons, cloud adoption is accelerating – and so are the challenges that organizations face when moving workloads to the cloud and expanding their cloud estates.

As you peruse the first section of the report, you’ll see characteristics of respondents’ companies, such as revenue and degree of cloud adoption, against the choices these companies make for their cloud operations.

 

Cloud adoption is high and growing

Cloud adoption is already high, and it’s going to keep on growing.  Discover how different industries, company sizes and geography handles this adoption.

 

Multicloud is the norm:

Overwhelmingly, our survey respondents manage multiple cloud environments.  Discover platform use by company size and industry.

 

Cloud PlatformsCloud Platforms

 

 

Public cloud vs. private cloud: It’s a wash

Our survey shows that organizations balance their use of public and private cloud services, with no real bias toward either option.  Most respondents report that cloud workloads are hosted in a mix of public and private environments.  Discover public and private cloud usage by annual revenue, cloud adoption, industry and geography!

 

Mixed environmentsMixed environments

 

 

Companies use a blend of compute technologies

As companies seek to host more of their workloads in the cloud and begin developing applications specifically to run in the cloud – that is, cloud native applications – they also adopt cloud native technologies. These technologies include abstracted models that are independent of computing hardware, often referred to as computes.  We asked our survey takers about the compute technologies their organizations use.

 

The choices:

  • VMs, including hosts and IaaS
  • Containers
  • CaaS and managed container services such as Kubernetes
  • PaaS or serverless, and technologies such as FarGate, Cloud Run or Pivotal Cloud Foundry

Discover how companies use a blend of compute technologiesDiscover how companies use a blend of compute technologies

 

How much companies invest in cloud:

Discover how much companies invest in cloud. Perhaps the most interesting finding around cloud spending is that more investment does not necessarily correspond to using more cloud platforms.

 

expenditure.png

 

 

Challenges to cloud adoption:

Our survey respondents say the top challenges are the following:

  • Technical complexity
  • Maintaining comprehensive security
  • Compliance

Challenges in Moving to the CloudChallenges in Moving to the Cloud

 

Section 2:

The State of Securing the Cloud and Cloud Native Workloads:  Discover what's keeping cloud security folks awake at night.

 

Cloud security is an ever-moving goalpost: Four out of five of our survey respondents told us their company’s infrastructure is constantly evolving and three quarters of our survey respondents said that cloud security tools and solutions are outpaced by threats to their cloud systems

 

The threats and challenges to cloud security: Discover the top threats, top challenges and top priorities to cloud security.

 

toplists.png

 

Investing in cloud security: Discover how much companies invest in cloud security.

With multiple threats and challenges to the security of their cloud-hosted applications and data, we asked how much companies are investing in cloud security. How are companies employing their cloud budgets to deal with the wide range of threats and address their security priorities ? They’re buying tools, signing up for services and hiring people. 

 

Security team structure: Discover how companies vary in how they approach cloud security team structure.

 

Security tools and vendors: More does not always equal better

At a certain point, there are just too many tools and vendors. Training employees on security tools is one of the top challenges to providing comprehensive cloud security.  In fact, as companies achieve a higher level of security preparedness (discussed in the report), the top challenge to cloud security becomes training employees on tools, so rationalizing the use of fewer tools makes sense.  As teams gain more experience, they can identify overlaps between tools and vendor offerings and judge which ones best answer their particular needs. 

 

SECTION 3:

Measuring Security Preparedness:

We asked respondents to rate their organization’s overall security posture for cloud workloads. Eighty-four percent said their organization’s cloud security posture was “strong” or “very strong.” Given how many concerns respondents shared, this seemed odd and contradictory. Discover how we dug into our survey results to see if we could uncover a more nuanced picture of people’s feelings and perceptions around cloud security

 

We identified three levels of security preparedness among the surveyed organizations: low, medium and high.  Just 18% of companies are highly prepared to keep their cloud estates secure.

 

Discover common practices to organizations with high preparedness levels:

  • Companies at the highest level of cloud security preparedness are embedding security into their DevOps process and integrating security into the software development lifecycle.  
  • As companies increase their level of security preparedness, training employees on security emerges as the biggest challenge.
  • As companies improve security preparedness and expand security practices, they recognize that using many security tools can actually hinder cloud security.
  • As companies increase their security actions and preparedness, they reduce the number of security tools they’re using and say that a single, comprehensive cloud native security solution would improve their security.

 

Additional Information:

Executive Summary: The State of Cloud Native Security Report 2020

The State of Cloud Native Security 2020

https://www.paloaltonetworks.com/state-of-cloud-native-security

 

Thanks for taking time to read this blog.

If you enjoyed this, please hit the Like (thumbs up) button, don't forget to subscribe to the LIVEcommunity Blog.

 

As always, we welcome all comments and feedback in the comments section below.

 

Stay Secure,
Kiwi out!

 

 
3,097 Views
Labels