Cloud Security

IT pros struggle to hire, train staff to implement multi-cloud architecture

Cloud services
Lack of training and complexity are cited as major bottlenecks while deploying cloud-based technologies, according to Aviatrix research. (Photo by Sean Gallup/Getty Images)

Aviatrix on Monday reported that 64% of those surveyed are struggling to hire or train staff with the necessary skills to properly design and implement an effective multi-cloud network architecture.

The researchers said lack of training (50%), in-house training (43%) and cloud complexity (42%) were cited as the major bottlenecks facing enterprises while deploying cloud-based technologies.

In terms of specific skills, respondents said cloud platform expertise (62%), cloud security (42%), and multi-cloud networking (46%) are cited as the cloud skills that are most pressing for organizations.

Not all enterprises are looking at multi-cloud, however those that are need to invest in multiple threads of certifications from each vendor to ensure their staff are competent with their platforms, said Andrew Barratt, vice president at Coalfire. While there’s a growing skills gap, Barratt said he’s not sure it’s because a lack of content.

“As someone who’s regularly involved in mentoring both my own team and students at a number of different training providers, cloud skills are often the first that they go to due to the availability of training and the ease of which a virtual lab can be ‘spun up’ to learn from,” Barratt said. “I do see some significant gaps in the cloud networking space — but not in the traditional sense. As people learn cloud first — and also networking from a cloud perspective — I’ve seen some significant ‘first principle’ concepts getting missed if more traditional switching and routing classes were not taken first due to some nuanced optimizations that are done in the cloud, as well as the abstraction the public clouds all provide.”

Sanjay Raja, vice president of product marketing and solutions at Gurucul, said with each cloud architecture being very unique and requiring extensive cloud training and certifications, this complexity extends to security teams needing to understand how to configure security capabilities and monitor for security threats as effectively as on-premise solutions. Raja said even more challenging is that while most security solutions gather and correlate data across multi-cloud and hybrid deployments, security vendors are also incapable of developing analytical capabilities necessary to help security operations teams detect and respond to attack campaigns that are often spread and subsequently hidden across these environments.

“Security teams need to augment their existing tools with solutions that are not only built for the cloud, but can also have a mature set of data ingestion, analytics, and machine learning models to address this new set of tactics that threat actors are effectively using to stay hidden within organizations that leads to a successful breach,” Raja said.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.