Valtix conducted by an independent research firm, which reveals the top challenges, opportunities and strategies IT leaders are dealing with when it comes to multi-cloud security. The survey of more than 200 IT leaders in the U.S. finds that while 95% of businesses are making multi-cloud a strategic priority in 2022, with security being top of mind (96%), only 54% feel highly confident that they have the tools or skills they need to execute. In fact, 76% of respondents believe it is “underinvested” at their respective companies when it comes to multi-cloud operations in general.
More than half (51%) of IT leaders surveyed resist moving to multiple cloud platforms due to added security complexities, even though 92% of them know at some point business growth will demand it. 82% agree that the complexities of implementing and managing multi-cloud security have slowed down business agility. As a result, most companies face a substantial gap between multi-cloud security and the business’s cloud needs, which many believe will drive the next wave of high-profile security incidents if not prioritized.
Additional key highlights from the research include:
- 62% of organizations are multi-cloud, and 84% that aren’t on multi-cloud expect to be within two years.
- 83% of companies are committing additional budget to multi-cloud security in 2022. On average, these companies plan to increase those budgets by 47%.
- 67% of companies recognize that their employees are underskilled when it comes to multi-cloud security.
- Only 48% feel highly confident that every application workload in their public cloud accounts is known.
- Only 55% feel highly confident they have a network or host-based security deployed across all of their public cloud accounts and the app workloads that run there.
Tim Bach, Vice President of Engineering at AppOmni, says, “It’s not surprising that a majority of IT leaders are concerned about multi-cloud expansion given they are frequently expected to address cloud security concerns without having the tooling to do that job in a secure, efficient way. Whether their focus is on security monitoring for cloud infrastructure providers, such as Google Cloud, AWS, and Microsoft Azure, or the increasingly more complex security needs for the dozens of SaaS platforms their businesses rely on, CIOs and CISOs are expected to manage security controls and monitoring for an increasing number of clouds that house more and more sensitive data and critical business processes. In order to help IT and security leaders feel confident in their ability to support an organization’s multi-cloud expansion, those teams need to be empowered with purpose-built, automated security solutions that stay current with the updates and nuances of each SaaS application. Security technologies that can alert and educate in-house security practitioners about potential issues and suggest ways to solve them will continue to be the most scalable solution to this problem.”
When it comes to managing and securing apps across multiple clouds:
- 96% of IT leaders say their job would be easier if they had one console view to manage their security across multiple clouds.
- Not having visibility into cross-cloud security controls and policy creates more work for 82% of IT teams.
- 89% of IT leaders recognize that cloud security is different from an on-premises approach, suggesting that IT leaders look for cloud-native security solutions purpose built to secure cloud workloads.
Kevin Dunne, President at Pathlock, says, “More than ever, companies are feeling pressure to adopt a multi-cloud solution to provide great resiliency and flexibility to the business. Multicloud comes with benefits when it comes to key cloud pain points like unexpected outages or increasing costs to renew cloud services. While multi-cloud may provide business benefits, it does increase security risk. The multiple clouds in place must communicate with each other, which introduces the risk of data being lost during transmission. Additionally, many of the security solutions built into the providers themselves only work on their own cloud, so they lose sight of any user behavior or risk as it traverses cloud environments. Additionally, there is increased effort for security professionals to understand each different cloud provider and the tools available to them on each platform. Customers who are adopting multi-cloud environments must invest in best-of-breed tools that offer interoperability and normalization across these various cloud environments. Solutions to manage these platforms must not only integrate into these cloud platforms but also provide the ability to understand and react to threats across the cloud landscape via a standardized interface. When the right security tooling is in place, it is possible to adopt a multi-cloud environment and reap the business benefits of the solution without taking on unnecessary risk.”
A complimentary copy of the full report can be downloaded at valtix.com/lp/2022-multi-cloud-security-report.