Existing security tools struggle with public clouds
The security of public clouds continues to be a major challenge, with 75 percent of respondents to a new survey saying they are 'very' or 'extremely' concerned about it.
The study from Check Point and Cybersecurity Insiders shows 68 percent say their organizations used two or more different public cloud providers, which means that security teams often have to use multiple security tools and management consoles to try to enforce security and compliance across the different environments.
Traditional security solutions either don't work at all, or only provide limited functions in cloud environments according to 82 percent, up from 66 percent in 2019. The leading threats cited by respondents are misconfiguration of the cloud platform (68 percent), up from third in 2019’s survey. This was followed by unauthorized cloud access (58 percent), insecure interfaces (52 percent), and hijacking of accounts (50 percent).
52 percent of respondents consider the risk of security breaches in public clouds to be higher than in traditional, on-premise IT environments. Just 17 percent see lower risks, and 30 percent believe the risks are about the same between the two environments.
On a positive note, 59 percent of organizations expect their cloud security budget to increase over the next 12 months. On average, organizations allocate 27 percent of their security budget to cloud security.
"The Report shows that organizations' cloud migrations and deployments are racing ahead of their security teams’ abilities to defend them against attacks and breaches. Their existing security solutions only provide limited protections against cloud threats, and teams often lack the expertise needed to improve security and compliance processes," says TJ Gonen, head of cloud product line at Check Point Software. "To close these security gaps, enterprises need to get holistic visibility across all of their public cloud environments, and deploy unified, automated cloud-native protections, compliance enforcement and event analysis. This way, they can keep pace with the needs of the business while ensuring continuous security and compliance."
You can get the full report from the Check Point site.