t cht lk hours , the fact that it can take days to remediate an alert is a cause for serious concern .
t cht lk hours , the fact that it can take days to remediate an alert is a cause for serious concern .
As organisations evolve from their early steps into cloud via the lift and shifting of on-premises applications to adopting properly cloud-native applications , there is an opportunity for revisiting cloud cybersecurity . However , this will only happen with organisations taking systematic steps to strengthen their cloud cybersecurity posture , on top of dealing with persistent cyber hygiene issues that have bedevilled cloud cybersecurity for years .
teams are rightly turning to tools for security assurance but are finding that over-tooling is making life harder and even creating security problems .
Again , our State of Cloud-Native Security survey shows that almost three-quarters of organisations feel the number of cloud security tools they use creates blind spots that affect their ability to prioritise risk and prevent threats . What makes this even more concerning is that more than 60 % of the organisations surveyed have operated in a cloud environment for more than three years .
A prime difference in cloud-native computing is how it adds incredible dynamism to cloud workloads . The most recent data we have on this is striking . In our State of Cloud-Native Security report , two-thirds of all organisations surveyed say that deployment frequency has increased or significantly increased over the past year . Also , 38 % of enterprises deploy code to production or release to end-users every day , with 17 % deploying multiple times a day .
To ensure these updates and deployments are secure , security needs to be embedded in a fast-moving development environment . Most developers are aware of their greater security responsibilities , but clearly , their prime job is to deliver new code that answers commercial needs and must be deployed rapidly . These dual demands are exposing a new tension in cloud cybersecurity where security and developer
So how can organisations who are growing their cloud environments keep pace with cybersecurity ?
Any solution needs to recognise the challenge faced by everyone involved . Security teams must help app teams secure their workloads while also securing a cloud environment that is getting ever more complex and made up of multiple layers including infrastructure , networks , VMs , containers , serverless functions , data , APIs , web apps , code , open-source libraries and much more .
With all that in mind , there are five steps that I would recommend :
• The payoff from embedding security early in the application life cycle is huge because it cuts the
78 INTELLIGENTCIO EUROPE www . intelligentcio . com