A majority of IT leaders surveyed by Valtix said they realize their employees lack the necessary skills to manage multi-cloud security.
As more organizations migrate data, software and other key assets to the cloud, many adopt a multicloud approach through which they must work with several online vendors and environments for different tasks. That strategy can lead to complexity, especially in the area of cybersecurity. Faced with so many cooks in the kitchen, so to speak, internal IT and security staffers have to keep their eyes on a variety of disparate providers and systems.
SEE: Multicloud: A cheat sheet (TechRepublic)
A report released Wednesday by multi-cloud security provider Valtix looks at the security challenges involved in a multi-cloud strategy. For its “2022 Multi-Cloud Security Report,” Valtix commissioned an independent research firm to survey 200 IT leaders in the US about the issues they face with multi-cloud security, the tools they use, the tools they want to use, and the skills they need to secure multiple cloud platforms.
A full 95% of the respondents said they’re making multi-cloud a priority in 2022, with almost all of them putting security at or near the top of the list. Yet only 54% said they feel confident that they have the tools and skills necessary to achieve this goal. More than three-quarters believe that multi-cloud operations are underfunded at their company.
More specifically, 67% of the IT leaders feel their own employees are underskilled when it comes to multi-cloud security. Less than half feel confident that every application in their public cloud is known. And only slightly more than half are confident that network or host-based security is in place across all their public cloud accounts.
“IT leaders are entering 2022 in a precarious state when it comes to multi-cloud security,” said Valtix CEO Douglas Murray. “They are underfunded, underskilled, and inefficient at executing on security within multi-cloud strategy. The reality is that managing several cloud providers multiplies threats, work, and headcount. With multi-cloud becoming more relevant in 2022, organizations are looking to find the best solutions to implement multi-cloud security policy and visibility.”
To help your organization better handle security in a multi-cloud environment, Murray proffers the following advice:
- Create a sustainable model for multi-cloud security. By devising their cloud security over the span of several years, many organizations wind up with a piecemeal assortment of different tools and technologies. A multi-cloud environment can make that even worse. As some point, you may need to restart with a clean slate to rebuild your cloud security from the ground up.
- Know your cloud environments. Security begins with visibility. Less than half of the IT leaders surveyed felt highly confident that the right people are aware of every public cloud account in use. That lack of knowledge inevitably leads to a security gap. As such, make sure you have the right tools to close this gap.
- Find ways to consolidate your cloud security. Juggling different security policies and processes for each cloud-based environment is a major pain point for 91% of the respondents. This type of fragmentation not only creates headaches with everyday operations but throws obstacles in the path of deploying new workloads and responding to security incidents. One way to start consolidating your cloud security is to find out which tools are in place for which tasks and who owns each tool.
- Adopt a security strategy that is cloud (or multi-cloud) first. A majority of the IT leaders polled said they see cloud security as different than on-premises security, yet they also see it as an extension of their existing data center. This type of conflicting attitude can lead an organization to try to adapt a data center tool to work in the cloud. Instead, you want to adopt a cloud-first and multi-cloud-first approach to your security tools and strategy.
- Make multi-cloud security an imperative in 2022. Managing multi-cloud security is a problem that most organizations should have anticipated. And the longer you avoid the challenges, the worse they’ll get. The best way to deal with this is to choose to make multi-cloud security an imperative next year. As 83% of the IT leaders surveyed said they’re adding more funds to their multi-cloud security budgets in 2022, perhaps this message is getting across.