New Radware Report: Organizations Admit They are Unprepared to Achieve Application Protection Across Multi-Cloud Environments

• 69% of companies admit they knew about breaches or exposures due to variations in multi-cloud security configurations
• 70% of companies are not confident in their ability to apply consistent security across on-premise and multi-cloud environments
• Less than half of organizations trust their security staff to maintain a strong security posture

Radware®, a leading provider of cyber security and application delivery solutions, today released its new report, Application Security in a Multi-Cloud World. The survey, which was conducted with Osterman Research, reveals that organizations continue to struggle to achieve consistent, high quality application security across hybrid and multi-cloud environments.

“While many organizations are running multiple tools to secure applications across an increasing number of cloud environments, according to our report, 70% of them are not confident in their ability to achieve consistent, quality protection. It’s a major problem that’s exposing companies to inherent security risks — and they recognize it,” said Haim Zelikovsky, vice president of cloud security services at Radware. “Combined with the eroding trust in public cloud security and cyber security staff, skilled talent shortages, and lack of visibility across cloud environments, you have a perfect storm for data breaches. It’s a wake-up call for organizations to change how security is managed so applications are protected at the highest level, regardless of where they are running.”

KEY FINDINGS

Multi-Cloud Usage is Rapidly Scaling Up

Survey respondents indicated that their adoption of multiple cloud services was most frequently driven by forces outside of the IT department, including business groups and shadow IT services. Currently, 58% of organizations deploy applications on two or more public cloud environments. Within the next 12 months, this figure is expected to rise to 63%.

Almost All Organizations are Hybrid

While cloud-native and cloud-only approaches are often heralded as the way of the future, they remain a niche approach. On-premise data centers and private cloud environments continue to host a significant proportion of applications.

• While usage of on-premise hardware data centers is gradually declining, over 80% of organizations still use them for some of their applications.

• Nearly all (98%) organizations combine at least two types of infrastructure, including on-premise data centers, and private cloud and public cloud platforms.

• Currently 45% of organizations deploy applications in a hardware data center, on a private cloud, and on at least two public clouds.

The Number of Security Tools Being Used is Increasing

As organizations juggle a changing mix of cloud platforms, the requirement for cloud security tools that offer consistent controls, policy, and visibility is becoming increasingly important.

• According to the survey, 49% of organizations use two or more cloud security tools.

• Three out of four (75%) respondents use a public cloud WAF and one out of two (50%) use a CDN-based WAF.

The Quality of Security and Visibility is in Jeopardy

The quality of multi-cloud protection is proving insufficient across a range of dimensions, creating inconsistencies and gaps that can be weaponized in cyber attacks.

• 70% of respondents are not confident in their ability to apply consistent and robust security across on-premise and multi-cloud platforms.

• 69% of respondents admit that they knew about data breaches or exposures due to variations in how application security was configured across different public cloud platforms.

• Respondents reported quality of protection of cloud applications (51%) as well as unified visibility (49%) and application protection coverage (38%) across multiple environments as problems or extreme problems.

Trust in Cloud Security is Declining

Lack of trust in the efficacy of multi-cloud security tools and security staff is making it even more difficult for organizations to protect themselves from threats that are increasing in frequency and intensity.

• Nearly two thirds (64%) of respondents indicated that they do not trust the security protections offered by public cloud platforms, compared to half of respondents a year ago.

• Less than half (45%) of organizations indicate they completely trust their security staff to configure and maintain a strong application security posture across the public cloud platforms they currently use for hosting applications.

Methodology

The survey includes responses from senior network security, DevOps and DevSecOps administrators, vice presidents of research and development, and application architects, among other security roles. The survey was conducted in 10 countries across North America, EMEA, APAC and LATAM.

Source: Radware media announcement