As more organizations embrace hybrid cloud – with more than 50 percent claiming a hybrid cloud setup – and serverless, now used by close to third of organizations, they lack the tools and specialization to keep up, according to Alcide.
75 percent of respondents expect to see an increase in the number of security tools they rely on in the next year, while over half share they still manually configure security policies. The resulting complexity has the potential to slow critical business functions in the absence of an integrated security approach to distributed cloud environments.
Alcide’s report, conducted in August 2018 in conjunction with Informa Engage, reinforces the idea that new practices and technologies are disrupting traditional security practices, with findings including:
Cloud complexity increasing, with hybrid cloud as the new infrastructure normal
While virtual machines (VMs) remain the most common cloud computing environment (83%), containers (37%), serverless (28%), and service mesh (21%) are gaining traction.
Hybrid and multi-cloud approaches now make up more than three-quarters of all configurations (77%).
As cloud infrastructure complexity grows, security becomes a shared responsibility with DevOps
Fewer than half of organizations (45%) now have a dedicated security team responsible for the cloud, with 35% of all organizations now using either a DevOps team or dedicated DevSecOps team for security.
Serverless running in production; most bullish about its security
Despite some security concerns, the majority (57%) of serverless users are currently running it in both production and development.
The majority currently using serverless have a high degree of confidence in its security, while one third (32%) express a lack of confidence in the security of their environments.
Hybrid cloud complexity pushes Dev, Sec and Ops teams to look for more tools to secure their distributed environments
Over two-thirds (75%) expect to increase the number of tools in use over the next twelve months – with no one expecting to retire any tools in use
One-third of organizations reporting using more than five tools for cloud security
Proliferation of cloud security tools leave the enterprise vulnerable, point to need for intelligent policy automation
More than half (60%) of organizations rely on manual configurations of security policies for their apps, while almost all organizations (90%) rely on multiple individuals to configure and set policy rules.