With
organisations
of
all
sizes
moving
more
of
their
operations
to
the
cloud,
a
majority
are
struggling
to
automate
cloud
security
and
mitigate
risks.
It’s
one
reason
why
many
companies
are
trying
to
improve
security
earlier
in
the
development
process,
and
looking
for
fewer
vendors
that
can
offer
more
security
capabilities.
Palo
Alto
Networks
has
published
its
2023
State
of
Cloud-Native
Security
Report.
The
report
surveyed
200
Australians
to
better
understand
their
cloud
adoption
strategies
and
how
they
work.
Cloud
Use
Has
Grown,
Along
With
Security
Concerns
–
The
expansion
of
hybrid
work
during
the
pandemic
drove
organisations
to
expand
their
use
of
clouds
by
more
than
25%
globally,
with
89%
of
Australian
businesses
expanding
their
use
of
cloud
by
more
than
30%
in
the
past
12
months.
As
a
result,
DevOps
teams
are
being
pressed
to
deliver
production
code
at
warp
speed
—
making
application
security
more
complex
and
putting
pressure
on
security
organisations
to
keep
pace.
Most
Organisations
are
Slow
to
Detect
and
Respond
to
Threats
–
93%
of
organisations
in
Australia
we
surveyed
said
they
could
not
detect,
contain
and
resolve
cyber
threats
within
an
hour.
A
majority
reported
a
weak
security
posture
and
believe
they
need
to
improve
their
underlying
activities
—
from
gaining
visibility
into
multiple
clouds
to
applying
more
consistent
governance
across
accounts
to
streamlining
incident
response
and
investigation.
Teams
Don’t
Understand
Their
Security
Responsibilities
–
When
asked
about
the
challenges
of
moving
to
the
cloud,
respondents’
top
concerns
remained
unchanged
from
our
2020
report:
struggles
with
comprehensive
security,
compliance,
and
technical
complexity.
A
large
majority
(75%)
of
organisations
in
Australia
said
they
had
distributed
responsibility
for
cloud
security
to
individual
teams.
Still,
over
half
(52%)
said
a
majority
of
their
workforce
does
not
understand
their
security
responsibilities.
A
Greater
Need
for
Code-to-Cloud
Security
–
As
more
applications
are
being
built
in
the
cloud
using
off-the-shelf
software,
there’s
a
risk
that
any
vulnerability
in
the
development
process
could
compromise
an
entire
application
later
on.
That’s
why
more
companies
are
encouraging
a
deeper
level
of
engagement
between
application
developers
and
security
tools
and
teams
—
with
87%
of
Australian
respondents
saying
they
have
embedded
security
professionals
inside
their
DevOps
teams.
“With
three
out
of
four
organisations
deploying
new
or
updated
code
to
production
weekly,
and
almost
40%
committing
new
code
daily,
no
one
can
afford
to
overlook
the
security
of
cloud
workloads,”
said
Ankur
Shah,
senior
vice
president,
Prisma
Cloud,
Palo
Alto
Networks.
“As
cloud
adoption
and
expansion
continue,
organisations
need
to
adopt
a
platform
approach
that
secures
applications
from
code
to
cloud
across
multi-cloud
environments.”
Moving
Towards
Consolidation
–
Three-quarters
of
the
leaders
we
surveyed
say
they
struggle
to
identify
which
security
tools
are
necessary
to
achieve
their
objectives.
This
has
led
many
of
them
to
implement
numerous
single-point
solutions
—
with
the
average
organisation
using
three
to
four
tools
dedicated
to
cloud
security.
The
sheer
number
of
security
tools
makes
it
difficult
for
leaders
to
have
in-depth
visibility
into
their
entire
cloud
portfolio.
80%
of
survey
respondents
reported
that
using
multiple
security
tools
creates
blind
spots
that
affect
their
ability
to
prioritise
risk
and
prevent
threats.
And
84%
said
they
would
benefit
from
a
centralised
security
solution
that
sits
across
all
of
their
cloud
accounts
and
services.
A
Clear
Path
Forward
–
Despite
the
upheaval
caused
by
the
pandemic,
organisations
have
mostly
been
able
to
succeed
in
their
cloud
expansions
—
and
organisations
that
made
cloud
infrastructure
a
strategic
focus
across
the
business
were
generally
more
successful.
This
makes
cloud
security
a
clear
enabler
of
business
outcomes.
Of
course,
better
security
does
not
guarantee
success.
But
having
security
under
control
—
consolidating
tools
and
vendors
and
using
proven
DevSecOps
and
security
automation
strategies
—
lets
development
teams
do
their
jobs
better,
and
gives
organisations
the
tools
they
need
to
succeed.
This
survey
was
administered
online
by
Palo
Alto
Networks,
and
data
was
gathered
from
November
21,
2022,
to
December
14,
2022.
Respondents
were
surveyed
from
across
the
globe,
spanning
the
U.S.,
Australia,
Germany,
the
UK,
Singapore
and
Japan.
Over
half
are
from
enterprise-sized
organisations
(over
$1B
in
annual
revenue),
and
respondents
were
gathered
from
both
ends
of
the
organisational
spectrum
between
executive
leadership
and
more
practitioner-level
roles
in
order
to
understand
sentiments
broadly
across
companies.
You
can
read
the
full
report
here.
About Author
