As organisations develop and deploy more cloud applications, security becomes more complicated.
Many organisations are adopting a hybrid or multi-cloud approach, which has expanded the attack surface and increased complexity. Security teams often struggle to manage and secure their various private and public cloud workloads and environments. And even though multi-cloud adoption has many benefits, dealing with multiple tools adds management complexity, making it difficult or impossible to apply consistent security policies across all cloud environments.
Worse, the level of security complexity often grows over time as organisations continue to add cloud services, leading to even more management challenges and costs.
The 2024 Cloud Security Report was conducted by Cybersecurity Insiders and sponsored by Fortinet to gain insights into the challenges organisations face in protecting their cloud environments and the strategies they prioritise. The report is based on a comprehensive survey of 927 cybersecurity professionals worldwide and offers insights into the current trends driving cloud security.
Preference for Hybrid and Multi-Cloud Continues
In 2024, a majority of organisations (78%) are opting for hybrid and multi-cloud strategies. Of those organisations, 43% use a hybrid of cloud and on-premises infrastructure, and 35% have a multi-cloud strategy.
These numbers represent only a slight increase from two years ago when 39% of organisations were using hybrid cloud and 33% multi-cloud.
“After years of rapid adoption, cloud growth has slowed as the market matured. At this point, the hype appears to have found its equilibrium, and the benefits of cloud computing are well understood” noted Gary Peel, Cloud BDM for Fortinet in Africa. “Organisations with IT needs that can benefit from cloud flexibility and agility or that require services unique to cloud environments are able to move forward with their projects”, he added.
“Most organisations also recognise that security needs to be included in their cloud strategies. The cybersecurity challenges associated with the cloud and the need for enhanced security measures in cloud environments have become more critical in the face of new AI-based threats. In fact, 78% of organisations report being very or extremely concerned about cloud security. Security is clearly a priority, with 61% of respondents anticipating that their cloud security budget will increase over the next 12 months.”
Organisations report that they plan to increase their cloud security budget by 37% in an effort to safeguard sensitive data and comply with regulatory standards in today’s increasingly cloud-oriented landscape.
Technical and Resource Challenges Continue
Despite continuing cloud adoption, challenges remain in implementing consistent multi-cloud security. Security and compliance issues are the top concern (59%), acting as a roadblock to faster adoption of multi-cloud strategies. Organisations also cite technical challenges (52%) and resource constraints (49%) as barriers to cloud adoption.
Achieving visibility and policy control within complex multi-cloud infrastructures can be difficult, and the cybersecurity skills gap only compounds the issue. The lack of people with cloud security expertise is a serious issue, with 93% of respondents saying they are moderately to extremely concerned about the industry-wide skills shortage.
Simplification and Automation Using a Platform Approach
Because hybrid and multi-cloud environments are complex, securing them is difficult. However, a vast majority of organisations (95%) say that a unified cloud security platform with a single dashboard would help protect data consistently and comprehensively across the entire cloud footprint.
Instead of dealing with the inefficiencies of managing multiple disparate security systems, security teams that take advantage of a single integrated cloud security platform benefit from more straightforward integration, automation, and reduced management overhead, which can help improve visibility, provide consistent policy enforcement, and mitigate the cybersecurity skills gap.
Gain Visibility and Control
“Organisations should look for a vendor that offers unified cloud security solutions that deliver consistent policies, centralised management, and end-to-end visibility across and between cloud environments,” says Peel. “With security automation enabled across all clouds, you can securely build, deploy, and run applications anywhere with consistent protections in place. The best cloud security solutions provide visibility and control across public and private clouds and data centers, strengthening security and reducing deployment complexity,” he concludes.
To read more insights about the current state of cloud security, you can download the report here.