Snyk on Tuesday reported that some 80% of organizations have experienced at least one severe cloud security incident in the past year. The incidents include data breaches, data leaks, and intrusions into their environments.
The study also found that 41% of respondents say cloud-native services increase complexity, further complicating their security efforts. On a brighter note, 49% of those surveyed said the cloud has made deployments faster.
“This new research should serve as a wake-up call that our collective cloud security risk is universal and will only continue to grow if we double down on outdated approaches and legacy tools,” said Josh Stella, vice president, chief architect, Snyk. “The outlook is not entirely dire, as the data also clearly reveals that shifting cloud security left and embracing DevSecOps collaboration can allow global organizations to continue their current pace of innovation more securely.”
Cloud complexity and simplifying security has become absolutely one of the biggest issues facing CISOs today, said Tyler Shields, CMO at JupiterOne. Shields said there’s a massive shift to cloud native systems and technologies for both the products and services companies provide, as well as for the entire infrastructure organizations run their businesses on.
“Many of the more recent, modern, multi-billion dollar valuation companies do not have any traditional on-premises infrastructure and have built their businesses from day one entirely in the cloud,” Shields said. “As larger enterprises move more and more towards a cloud-native environment, this will become the norm, resulting in huge cloud complexity and an acute need for cybersecurity capabilities that support this new paradigm.”
Aaron Cockerill, chief strategy officer at Lookout, said security leaders deal with the same budgetary pressures that all the other sectors of an organization face. Cockerill said CIOs and CISOs need to invest responsibly in tools that can secure sensitive data, but also boost an organization’s productivity and bottom line.
“All of the companies that I deal with have made the transformation to the cloud at this point,” Cockerill said. “Because of this, it’s widely accepted and understood that there needs to be cloud security in place to protect their sensitive and business data. Frankly, companies that are not making these types of decisions look a lot like dinosaurs.”