Two-thirds (39%) of global organizations reported a surge in breaches over the past year, with IT complexity increasing and detection and response capabilities worsening, according to Palo Alto Networks.
The security vendor polled over 2500 respondents in the US, Australia, Germany, France, Japan, Singapore and the UK to compiles its latest study, The State of Cloud Native Security Report 2023.
It found that as enterprises move more of their data and workloads to the cloud, they’re finding it increasingly difficult to discover and remediate incidents quickly.
Over two-fifths (42%) reported an increase in mean time to remediate, while 90% said they are unable to detect, contain and resolve cyber-threats within an hour. Nearly a third (30%) reported a major increase in intrusion attempts and unplanned downtime.
Part of the challenge appears to be the complexity of their cloud security environments – partly caused by tool bloat.
Three-quarters (76%) said that the number of cloud security tools they use creates blind spots that affect their ability to prioritize risk and prevent threats, while a similar share (77%) said they struggle to identify what tools are necessary to achieve their objectives.
A previous Palo Alto study revealed that organizations rely on over 30 tools for security, including 6–10 cloud security products.
The report identified the top challenges to cloud security as:
- Managing holistic security across teams, so that development, operations, security and all other stakeholders work with a sense of shared responsibility to make “shift-left” a reality
- Embedding security across the cloud-native development lifecycle, so that only the right solutions are used at the right stage of application development
- Training staff to use security tools properly, across code, workloads, identities and data, and environments including PaaS, containers and serverless
- Lack of visibility into cloud vulnerabilities, which could be addressed by solutions to provide continuous and near real-time detection of misconfigurations, vulnerabilities and threats across the full application lifecycle
- Finding the right security tools to suit the needs of the organization. Teams need offerings that offer flexibility and choice to future-proof cloud security