Rechercher
Contactez-nous Suivez-nous sur Twitter En francais English Language
 











Freely subscribe to our NEWSLETTER

Newsletter FR

Newsletter EN

Vulnérabilités

Unsubscribe

New Hurwitz & Associates Report Focuses on Security in the Cloud

January 2018 by Lacework™ & Hurwitz & Associates

Lacework™ announced findings from “Balancing Velocity and Security in the Cloud”, the latest report from Hurwitz & Associates. Based on quantitative research, as well as qualitative interviews with industry practitioners, Hurwitz & Associates sees clear evidence that businesses are increasingly evolving their security strategy to advance their cloud strategy. The findings demonstrate that balancing velocity and security in the cloud starts with adopting new approaches to security.

“Customers are increasingly depending on cloud computing to support the need for business agility and speed of transformation. However, to be successful business leaders need assurance that cloud security is handled in a predictable manner through automation to ensure compliance and predictability,” according to Dan Kirsch, the study author and vice president, principle analyst at Hurwitz & Associates.

In the cloud, continuous integration practices shorten cycle times and improve efficiency. When confronted by the cloud’s increasingly complex and dynamic network environment, it is difficult for security to keep pace. According to the report, approximately 35% of the organizations surveyed are taking a cloud-first approach meaning that all new projects are done on the cloud. In addition, nearly 50% of participants are taking a selective approach to the cloud, where significant and large projects are being developed or migrated to the cloud while others will continue to remain on premises. The survey also found that automation is critical. Almost all respondents (95%) agreed that “cloud automation is increasingly important to meeting our business goals.” However, 40% of respondents felt that their security solutions aren’t as flexible and scalable as the rest of “our” cloud.

“The high velocity and scale of public clouds are shattering everything the security industry has assumed for the past 10 years,” said Sanjay Karla, co-founder and Chief Product Office at Lacework. “The acceleration of cloud adoption is now paving the way for security teams to deploy automated security solutions that naturally augment security teams’ ability to continuously validate their cloud configuration for security and maintain secure daily operations in the cloud.”

Survey respondents agreed that security is a top priority for their cloud solution. Additional findings by Hurwitz & Associates include:

• Asked to rank-order seven possible cloud solution characteristics, “safe and secure” topped over half of the lists (53%). The next most mentioned priority - “deliver new services and updates faster” - topped only 13% of the lists.
• 85% of respondents recognized that “cloud security is different than traditional data center security.”
• Only 35% of respondents felt that “security limits our ability to maximize the benefits of DevOps and operations automation,” and 78% agreed that “we fix security vulnerabilities fast enough to avoid significant business risk.”
• Nearly 75% agreed that “controlling vulnerabilities related to unpatched or downrev software is a challenge.”
• Only 35% felt “SIEM tools give us all the security visibility we need.”

Hurwitz & Associates surveyed 85 IT leaders from the Americas and Europe. Participating companies ranged from mid-size organizations to large enterprises. Most participants (56%) worked at organizations with more than 10,000 employees and a variety of industries are represented with most participants coming from: financial services, telecommunications & technology, manufacturing and retail.

Lacework delivers security and compliance capabilities specifically designed for the cloud, bringing speed, scale and automation to security processes that have traditionally be labor-intensive. The company recently announced new features that enable Amazon Web Services (AWS) customers to easily and continuously maintain an AWS cloud configuration that is compliant with proven security best practices. Lacework also introduced security controls targeted at AWS S3 buckets, enabling AWS customers to rapidly identify S3 buckets at risk or compromised due to misconfiguration. Through a targeted auditing of S3 configuration, Lacework ensures that all buckets are configured with best practices for logging, encryption and versioning, then provides continuous monitoring with AWS CloudTrail events and workload activity analysis.


See previous articles

    

See next articles












Your podcast Here

New, you can have your Podcast here. Contact us for more information ask:
Marc Brami
Phone: +33 1 40 92 05 55
Mail: ipsimp@free.fr

All new podcasts