Download PDF version Contact company

Cloud Security Alliance (CSA), globally renowned organisation dedicated to defining and raising awareness of best practices to help ensure a secure cloud computing environment, and AlgoSec, global provider of business-driven network and cloud security management solutions, has announced the results of a new study titled, ‘Cloud Security Complexity: Challenges in Managing Security in Native Cloud, Hybrid and Multi-Cloud Environments.’

Complexities of cloud securityThe survey of security professionals aims to analyse the state of security in current hybrid and multi-cloud security environments

The survey of 700 IT and security professionals aims to analyse and better understand the state of adoption and security in current hybrid cloud and multi-cloud security environments, including public cloud, private cloud, or use of more than one public cloud platform.

Key findings of the study include:

  • Cloud creates configuration and visibility problems: When asked to rank on a scale of 1 to 4 the aspects of managing security in public clouds they found challenging, respondents cited proactively detecting misconfigurations and security risks as the biggest challenge (3.35), closely followed by a lack of visibility into the entire cloud estate (3.21). Audit preparation and compliance (3.16), holistic management of cloud and on-prem environments (3.1) and managing multiple clouds (3.09) rounded out the top five.
  • Human error and configuration mistakes the biggest causes of outages: 11.4% of respondents reported a cloud security incident in the past year, and 42.5% had a network or application outage. The two leading causes were operational / human errors in management of devices (20%), device configuration changes (15%) and device faults (12%).
  • Cloud compliance and legal concerns: Compliance and legal challenges were cited as major concerns when moving into the cloud (57% regulatory compliance; 44% legal concerns).
  • Security is the major concern in cloud projects: 81% of cloud users said they encountered significant security concerns. Concerns over risks of data losses and leakage were also high with users when deploying in the cloud (cited by 62%), followed by regulatory compliance concerns (57%), and integration with the rest of the organisations’ IT environment (49%).

Integrating multiple cloud services

As companies of all sizes are taking advantage of the value of the cloud with its improved agility and flexibility, they are also facing unique new security concerns, especially when integrating multiple cloud services and platforms into an already complex IT environment,” said John Yeoh, Global Vice President of Research, Cloud Security Alliance. “The study findings demonstrate how important it is for enterprises to have holistic cloud visibility and management across their increasingly complex hybrid network environments in order to maintain security, reduce the risk of outages and misconfigurations, and fulfil audit and compliance demands.

Multi-cloud and hybrid networks

This survey makes clear that there is no one-size-fits-all cloud deployment model"

This survey makes clear that there is no one-size-fits-all cloud deployment model: organisations are choosing to adopt and use cloud resources in the way that suits their business needs. But this cloud flexibility also creates many security challenges for today's enterprise. Irrespective of how they choose to use cloud resources, end-to-end visibility across the networks is critical to meet security and compliance obligations,” said Jeffrey Starr, CMO of AlgoSec. “Robust network security management and automation become increasingly mission critical. We see organisations moving to automate security management across native cloud, multi-cloud, and hybrid network estates, driving agility while ensuring continuous security for next-generation enterprise environments.

Commissioned by AlgoSec and conducted by the CSA, the survey also looked to uncover insights on topics such as workloads being used in or moved to the cloud and how they are being deployed/migrated; types of cloud platform(s) being used by companies; common security challenges faced by companies when deploying workloads in the cloud; methods of managing risk and vulnerabilities in the cloud environment; and causes of network or application outages and the amount of time it took to remediate.

Download PDF version Download PDF version

In case you missed it

Anviz Global expands palm vein tech for security
Anviz Global expands palm vein tech for security

The pattern of veins in the hand contains unique information that can be used for identity. Blood flowing through veins in the human body can absorb light waves of specific wavelen...

Bosch sells security unit to Triton for growth
Bosch sells security unit to Triton for growth

Bosch is selling its Building Technologies division’s product business for security and communications technology to the European investment firm Triton. The transaction enc...

In age of misinformation, SWEAR embeds proof of authenticity into video data
In age of misinformation, SWEAR embeds proof of authenticity into video data

The information age is changing. Today, we are at the center of addressing one of the most critical issues in the digital age: the misinformation age. While most awareness of thi...

Quick poll
What is the most significant challenge facing smart building security today?