Round a 3rd of firms say that between 50-75% of their apps are cloud native, but 20% don’t have any cloud native safety technique in place.
That is based on a examine by Aqua Safety, which additionally discovered that 68.3% of respondents to its survey additionally admit that they don’t seem to be acquainted with the time period CNAPP (Cloud Native Utility Platform Safety), the cloud native safety idea launched by analyst agency, Gartner.
Paul Calatayud, CISO at Aqua Safety, mentioned: “As increasingly more functions are constructed and run within the cloud, it’s no shock that we’re seeing risk actors shift their focus to focus on cloud native environments. This calls for a brand new strategy to safety. Many organisations within the UK are starting to know that cloud native safety is not only a ‘good to have’, however there’s a clear want for extra training within the UK and past.”
When requested about their general cybersecurity priorities, practically a 3rd of UK corporations (29.8%) mentioned that cloud native utility safety is a essential cloud safety precedence – extra necessary than SaaS Apps (20.2%) and Identification & Entry Administration (28.8%). Nonetheless, regardless of this practically half of respondents (44%) depend on ‘free’ safety choices from their cloud suppliers which don’t ship the visibility and management wanted to minimise cloud native utility threat.
When questioned about worries they’d referring to cloud native safety, 49% mentioned their restricted understanding of the dangers, and lack of expertise have been among the many highest areas of concern. Different areas of concern included restricted or no funds (53%), integration with current instruments and inadequate staffing (each at 42.3%).
Respondents’ general lack of knowledge about cloud native safety is underpinned by the truth that lower than a 3rd of respondents (32.7%) think about cloud misconfigurations to be their largest safety concern. Malware assaults (54%), social engineering and phishing assaults (56.7%) and insider threats (32.9%) have been thought-about riskier.
With regards to who’s chargeable for cloud native safety inside an organisation, the bulk (55.8%) said that this sits with the IT safety groups. Solely round a fifth of respondents (20.5%) attributed cloud native duty to DevOps and Safety mixed groups.
Calatayud mentioned: “Questions round dangers and duty illustrate the confusion round cloud native. It’s projected that cloud native will assist greater than 90 % of latest digital initiatives by 2025, so we’re at a essential level the place cloud native safety have to be prioritised by each the safety and DevOps groups. Conventional instruments are merely not efficient, and organisations should search out options that may cease cloud native assaults at each stage.”
Need to study extra about cloud and cyber safety from business leaders? Try Cyber Safety & Cloud Expo. The following occasions within the collection can be held in Santa Clara on 11-12 Might 2022, Amsterdam on 20-21 September 2022, and London on 1-2 December 2022.
Discover different upcoming enterprise know-how occasions and webinars powered by TechForge right here.