Aqua Security
Research Shows Nearly 70% of CISOs Believe Open Source Solutions Offer a Faster Path to Security
New CISO research reveals perceptions
on cloud native security and substantial progress in understanding benefits of
open source in security
Aqua Security,
the leading pure-play cloud native security provider, today issued new research
that shows that nearly 70% of chief information security officers (CISOs)
believe open source security solutions provide a faster way to secure their
environments. Likewise, 78% of CISOs believe open source solutions provide them
with access to the best and most current innovations in cloud security, and
more than 60% actively prefer to work with vendors who build open source
projects.
The
report is based on a survey, commissioned by Aqua, of 100 U.S.-based CISOs at
Fortune 1000 or larger companies representing a cross-section of industries.
Its purpose was to evaluate security decision makers’ understanding and
perspectives regarding cloud native security and the use of open source
software (OSS).
“Perceptions
of open source software are evolving. What was once seen as potential risk is
now seen as an enabler for both security and business,” said Paul Calatayud,
CISO at Aqua Security. “This is particularly relevant for cloud native
environments, which benefit from the rapid innovation and agility that are
common within the OSS community. These characteristics support CISO interest in
working with vendors who are actively supporting OSS projects.”
Perspectives
on Cloud Native Security
The
survey also evaluated CISO perspectives on risks and security approaches for
software security and cloud native environments. According to the report, 87%
of the respondents agree that securing the full application lifecycle —
including infrastructure, application code and workloads — is critical, and 84%
agree that automated security checks across the software supply chain can
actually accelerate software delivery.
More than
two-thirds of CISOs agree that the easiest first step to securing production workloads
is to begin with an inventory and assessment of the entire environment (68%).
Using a single source of truth for cloud security is favored by 69% of the
CISOs, who value it for cutting down on friction between different teams in
application development.
Among
other findings, the study shows that 88% of CISOs prioritize both active
protection and visibility for workloads as necessary to reduce business risk.
In fact, 9 out of 10 believe that active protection is a critical element of
cloud native security.
“Visibility
without active protection is not sufficient to keep cloud native environments
secure, which is why Gartner includes it
as a key capability of Cloud native Application Protection Platforms,”
Calatayud said. “Security teams need the ability to efficiently detect and
follow up on risks across their complex, distributed application portfolios,
which is why we see most CISOs consider active protection as a nonnegotiable
for cloud native security.”
Source: Aqua Security media announcement
