Cloud adoption continues to permeate throughout organizations as they embrace agile software development. While they are seeing great dividends in cost-effectiveness and flexibility, building security throughout the software development lifecycle is proving to be difficult, citing increased misconfigurations from user error. At the moment, there is a severe learning curve around DevSecOps and organizations are struggling to find the right expertise to plug this knowledge gap.
Key Survey Findings Include:
• Up 10% from last year, a quarter of organizations (27%) have experienced a public cloud security incident. This year misconfigurations (23%) have clinched the top position as the number one security-related incident, surpassing exposed data by user (15%) and account compromise (15%) from last year.
• Organizations continue to rely on multi-cloud solutions with 76% of respondents using two or more cloud providers, compared to just 62% from the previous year. While cost (61%) and ease of use (58%) initially drove their security decision between cloud-native versus independent cloud security solutions, managing multiple cloud vendors has created a greater complexity than first imagined.
• It’s clear organizations are embracing more agile software development. Today, 35% of respondents have more than 50% of their workloads in the cloud, with 29% stating that they anticipate moving this number up to 75% of workloads in the cloud in the next 12-18 months.
• 61% of respondents have already integrated their DevOps toolchain into cloud deployments, yet organizations are still struggling with the lack of expertise that bridges security and DevOps. Only 16% of respondents have comprehensive DevSecOps in place, with 37% starting to incorporate some aspect of DevSecOps within the organization.
We would like to thank CheckPoint for supporting this important industry research project. We hope you’ll find this report informative and helpful as you continue your efforts in securing your organizations against evolving threats.