Virtualization Technology News and Information
Article
RSS
Coalfire/ESG Research Highlights DevSecOps Progress and Opportunities

In collaboration with Enterprise Strategy Group (ESG), cybersecurity provider Coalfire has released a research report confirming that cloud-native is resulting in more complex IT architectures and introducing new risks.

The report, "Cloud-Native Security Trends and Insights - Finding the Smartest Path to Your Secure Cloud," surveyed nearly 400 senior IT and security managers about their organization's expansion plans into cloud-native environments with continuous integration and deployment (CI/CD) controls. The research produced insights from across all major industry categories in the U.S. and Canada on how mid-market and large enterprises are integrating development security operations while moving workloads and infrastructure to immutable public cloud, SaaS, PaaS, and IaaS environments.

"The research we've completed with ESG confirms that cloud-native is quickly becoming the ‘new normal,' and that businesses will achieve majority adoption in just two to four years," said Coalfire CEO Tom McAndrew. "From the developer's laptop to production containers scaling dynamically in the cloud, security now spans every phase of application and product lifecycles. Though there is growing complexity in managing legacy systems in multi-cloud, heterogeneous environments, DevSecOps is the final ‘shift left' of security integration across all IT architectures."

Key report insights include:

  • Cloud-native is quickly replacing traditional IT, with a50%increase in cloud-resident workloads expected over the next two years.
  • The shift is resulting in more complex IT architectures comprised of containers, and serverless functions alongside now legacy, VM-based applications and bare metal servers.
  • 41%of respondents identified automation of the introduction of controls and processes within SDLC and CI/CD as a top priority.
  • New approaches to security are required, but only32%of organizations have fully incorporated security into the development operations process, the vast majority of respondents plan DevSecOps expansion in the next 12 to 24 months and consider it their highest priority.
  • There is a shift to a defense-in-depth approach with57%of organizations now leveraging a combination of CSP and 3rdparty tools -- up from 38% in 2019.
  • The need for breadth of coverage and depth of functionality is leading to the consolidation of point security tools, with73%of organizations preferring to embrace a consolidated, centrally managed set of controls over the next 24 months.

"Cloud-native is happening fast, and organizations will need to move quickly and creatively to keep up with best governance and risk management practices," said ESG's Doug Cahill, VP Analyst Services. "Making ‘security first' application and product development decisions is mission-critical to ensure protection across all attack surfaces in hyperscale, hybrid environments. ESG's research shows that IT and security leaders are managing decisively to secure their business futures in a rapidly maturing cloud that's right on the horizon."

Access the full report: coalfire.com/cloud-native-security-trends-and-insights

Published Wednesday, April 28, 2021 9:40 AM by David Marshall
Filed under:
Comments
There are no comments for this post.
To post a comment, you must be a registered user. Registration is free and easy! Sign up now!
top25
Calendar
<April 2021>
SuMoTuWeThFrSa
28293031123
45678910
11121314151617
18192021222324
2526272829301
2345678