According to a Cloud Security Alliance report, 32% of respondents disclosed that they're struggling with prioritizing security improvements due to the overwhelming — and often incorrect — information they receive. Moreover, 34% find themselves buried under security recommendations, while an equivalent percentage lacks contextual or actionable insights to make informed decisions.
Currently, 51% of organizations are in the process of integrating security into their DevOps practices, with 35% reporting complete integration. The primary challenges include lack of security expertise (46%), insufficient automation (43%), an excessive number of false positives (42%) and lack of actionable feedback (42%).
The lack of manpower was identified as a significant challenge by 25% of respondents; an absence of formal response plans was reported by 29% of organizations and 39% reported the lack of automation as a key challenge. Just under half (43%) of organizations identified misconfigurations of permissions as their top concern.
Read the full report here.