Forecasts are painting a rather bleak picture of cloud security over the next half a decade, with a skill shortage in the field and more sophisticated cyberattacks.
As more organizations continue to migrate part or wholesale to the cloud, security threats are becoming more commonplace, with bad actors building and using software specifically for cloud applications and services. On top of that, the lack of skilled staff has led to compliance and audit violations, alongside internal leaks through poor governance.
According to cloud cybersecurity firm Synk in its State of Cloud Security report, 80 percent of organizations experienced a serious cloud incident last year, with a further 25 percent worried they have suffered a cloud data breach but are unaware of it. The most prominent incidents cited in the report include system downtime (34%), cloud data breach (33%), and environment intrusion (27%).
Forecasts are painting a rather bleak picture of cloud security over the next half a decade, with a skill shortage in the field and more sophisticated cyberattacks. In the report, 58 percent of developers and security professionals expect an increased risk over the next year, with only 24 percent of respondents anticipating a decrease in risk.
In addition to an increased threat, respondents are also concerned about the amount of resources used, with 45 percent saying it takes up significant cloud engineering resources. This also has an impact with deploying applications on time and hiring or retaining engineers.
Even with the challenges to maintain adequate security, there are clear motivations for improvement. Engineers cited environment security as their top priority, while security professionals were more concerned about security and cloud engineering productivity.
The objectives of cloud security differ depending on the size of the organization, with enterprises prioritizing environment security and startups focused on gaining better security visibility and streamlining the process.
“Cloud engineers are taking more ownership of cloud security, and our research shows why,” said Guy Podjarny, founder of Synk. “Shifting cloud security left helps them keep their infrastructure as code secure pre-deployment, improving security and saving them and the security team from wasting time running down and remediating misconfigurations. Everyone gets to move faster and more securely.”
With improved cloud security, 49 percent of organizations noticed a speedier deployment time with less risks associated with it. A further 48 percent said that the security team was able to do more with the time that they had, and 44 percent said improved security had lead to better collaboration between teams. Other results from improved cloud security included re-investment in cloud engineering resources and more capability to attract and retain engineering talent.