The Cloud Security Alliance launches cloud security survey
The Cloud Security Alliance (CSA), a worldwide organisation dedicated to defining standards, certifications and best practices to help ensure a secure cloud computing environment, has released the findings of its latest survey, ‘Cloud Security and Technology Maturity’. Commissioned by CyberRes, a Micro Focus line of business, software providers, the survey offers insight into organisations’ current and future plans regarding cloud strategy, security strategy, cloud services, and cloud-related technologies.
The survey gathered 256 responses from IT and security professionals from various organisation sizes, industries, locations, and roles.
Hillary Baron, lead author and research analyst, Cloud Security Alliance says: “Cloud is a continuously evolving space with new services, strategies, and technologies springing up seemingly overnight. It’s imperative, therefore, that organisations regularly change and adapt their approach to cloud and cloud security.
“While many of the survey's findings were in line with what we would expect, it was surprising that some technologies that have garnered the most hype are not, in fact, what organisations are planning to implement.”
Despite the introduction of the General Data Protection Regulation (GDPR) in 2018, privacy-by-design is in the development stage with two-thirds of the organisations (65%) either currently building or planning to build the strategies, while only eight percent of respondents indicated having a fully implemented privacy-by-design strategy. Similarly, the survey found that while blockchain and distributed ledger technology have been hyped for years, implementation rates have stagnated, likely as a result of high failure rates stemming from a lack of technical knowledge coupled with a high demand on resources. Quantum-safe security and 5G are also not seeing widespread implementation to date, with further analysis needed to analyse causes and predict a more robust implementation timeline.
Satya Divadari, Head of Enterprise Security Architecture, CyberRes, a Micro Focus line of business says: “The results of this survey were just as notable for what it did find, as what it didn’t reveal. The growing popularity of artificial intelligence, machine learning, and Zero Trust, for instance, was definitely in keeping with what we have been hearing anecdotally across the industry, but there were also some surprises in what companies aren’t using. While multi-cloud adoption is strongly favoured, many organisations are facing challenges in taking deployments to a next level. There is a higher need to provide security technologies that help alleviate these concerns.”
The survey’s key findings
- Organizations are utilising multi-cloud despite the challenges.
- Although the concept of privacy-by-design was introduced over a decade ago, 26 percent of organisations have no plans to implement a privacy-by-design strategy, indicating low maturity in this space.
- The top three cloud-related technologies that organisations plan to implement in the next two years are zero trust (60%), artificial intelligence (AI)/machine learning (43%), and serverless computing (42%).
- Use of software-defined perimeter (47%), attack service management (45%), and Cloud Security Posture Management (45%) is expected to increase in the next two years.
- The top technologies that organisations are not planning to use are blockchain (59%), quantum-safe security (54%), and 5G (49%).
The survey, which was conducted with CyberRes and CSA’s Bangalore Chapter, gathered 256 responses from IT and security professionals from various organization sizes, industries, locations, and roles. Sponsors are CSA Corporate Members who support the research project’s findings but have no added influence on the content development or editing rights of CSA research.