Coalfire Releases 2020 Cloud Security Report
July 2020 by Coalfire
Coalfire released its latest research report, The Smartest Path to Your Secure Cloud, with collective insights, market research, and firsthand experience to help guide secure cloud deployments and operations. The report identifies key considerations, common pitfalls, and practical advice for professionals who have responsibility for enterprise cloud strategy, planning, adoption, and operations.
"Many organizations rush into digital transformation without aligning on strategic outcomes or taking the proper steps to plan," said Gregg Martin, VP, Solutions Engineering. "Using cloud as a strategic enabler of digital transformation and applying a roadmap for creating a secure cloud in the enterprise means avoiding blind spots and unnecessary missteps."
The report provides a planning guide based on research and insights from participating members of Coalfire’s Cloud Advisory Board, data results from actual cloud deployments, and lessons learned from cybersecurity professionals about their own digital transformation journeys. The research was designed to support security, privacy, and technical teams with integrating their cloud migration strategy across the enterprise by factoring in business and IT goals and the KPIs that will be leveraged to measure those achievements. Teams can use the report for strategy and implementation before, during, and post-deployment to move their cloud initiatives from concept to reality while optimizing security over time.
Cost was seen as a critical factor in cloud migration planning with many organizations having it as an expected business outcome, yet only 36% of survey respondents indicated that they realized cost savings. Proper planning was identified as the linchpin to successful cloud migration that leads to real business outcomes. Other key research findings include:
Beyond cost savings, more commonly reported business outcomes were increased responsiveness to customer needs (45%) and accelerated time to market (42%)
Planning to use legacy teams is risky, yet only 28% plan to augment existing teams with the outside expertise necessary
Despite the large blind spots created by not conducting a cloud readiness assessment, fewer than 50% of respondents plan to do so
Also troubling is the fact that fewer than 40% intend to appoint a management steering committee to ensure alignment from beginning to end, a proven best practice
The "shift-left" approach addresses quality review and testing earlier, thus reducing the chances that production defects lead to exploitation risks
The most prepared cybersecurity leaders initially integrate only a small number of applications to a security platform starting with low impact/low risk applications
Partnering your security practitioners with your cloud engineers helps ensure that any code and automation development or changes are supportive of security policy automations
67% of respondents plan to use code and automation
"The unprecedented shift to the cloud has forced companies to make complex decisions about digital transformation in this new era," said Mark Carney, EVP Cybersecurity Services. "We developed this research with the hope of advancing the cybersecurity community by building strong cloud security leaders and ensuring best practices are instilled in the cloud."