…Impressions on Cloud-native Security
In a recent research survey, ESG asked a panel of 232 security and IT professionals a series of questions about cloud-native security (i.e., security controls, management, and monitoring options built into cloud infrastructure and offered by cloud service providers (CSPs)). Here are a few of the data points we uncovered:
Fifty-seven percent of survey respondents believe that the native security controls provided by CSPs are sufficient in some but not all cases. In other words, cloud-native security controls must be supplemented with third-party enhancements occasionally or even regularly. This speaks to a need for cloud security managers of managers – especially in enterprise organizations with multi-cloud environments.
It appears that survey respondents see a master/slave relationship for cloud services and related cloud security controls. More than half (56%) of cybersecurity and IT professionals believe that security controls provided by a CSP should also support other IaaS/PaaS environments. So, if 75% of my cloud workloads reside on AWS and 25% reside on Azure and GCP, I probably want to control all cloud-resident security controls through an AWS interface rather than control each security domain separately.
To read the complete article, CLICK HERE