Skip to content
Security Operations

New Devo report shows organizations how to embrace the cloud for better security outcomes

By Gunter Ollmann, CSO, Devo

June 14, 2021

Devo recently published a new research report, Beyond Cloud Adoption: How to Embrace the Cloud for Security and Business Benefits, based on a survey conducted by Enterprise Strategy Group (ESG).

ESG surveyed 500 IT and security professionals working in the security operations center (SOC) chain of command at organizations with more than 1,000 employees in North America and Western Europe. The survey took place in the first quarter of 2021.

This is the first in a series of posts about the report. It presents the key findings of the survey and their impact on organizations at various stages of cloud adoption.

The following chart shows where respondents are positioned in terms of their organization’s adoption of cloud solutions. Cloud Evangelists, at 22% of the market, are those organizations with both high adoption of cloud computing for business apps/workloads and high adoption of cloud-based security controls.

Cloud computing adoption is here — and here to stay

Organizations of all sizes are moving business-critical workloads to the cloud as part of their digital transformation — developing cloud-native applications, adopting modern DevOps practices, and embracing SaaS solutions. For many organizations, the pandemic accelerated plans as businesses and workers had to adapt quickly to new ways of working.

Here are a few key statistics from the survey:

  • Cloud-first organizations outnumber on-premises organizations by three-to-one.
  • 81% of respondents say COVID-19 quickened their organizations’ cloud timelines and plans.
  • Respondents from these organizations reported a 200% increase in plans to move more than 75% of their apps/workloads to the cloud.
  • 86% of companies are placing cloud options in their decision process for new applications.
  • More than 40% of respondents say their organization is choosing the cloud as its first option.

While some organizations work with a single cloud service provider, many are increasingly choosing a “multi-cloud” approach. Working with two or more public cloud providers enables organizations to use the best service features for their business, regardless of which cloud provider offers it. Organizations are increasingly conscious of vendor lock-in and are actively building solutions that are cloud-platform agnostic. This can work well for IaaS, container, and common PaaS workload architectures, but it also adds security management complexities.

That’s one of the key reasons we built the Devo Platform and applications as multi-cloud solutions. This approach gives our customers the cloud flexibility they seek while ensuring they can maintain the highest level of security.

Cloud computing drives increased complexity

While cloud computing brings many benefits, the survey results also show that moving to the cloud causes many organizations to experience a rapid increase in IT and security complexity.

Organizations taking a multi-cloud approach are likely to face the most complexity, including:

  • Juggling APIs for multiple cloud platforms to ensure all systems work together seamlessly.
  • Coordinating built-in cloud security capabilities with whatever additional security solution(s) they use.
  • Managing numerous automation and configuration details.

Most enterprises would significantly reduce complexity and improve security if they selected a single cloud provider’s solution/stack — but that is rarely a preferred path.

Every company that wasn’t “born in the cloud” is forced to operate in hybrid (both on-premises and cloud technologies) mode. Having half your business systems on premises and half in the cloud doubles the complexity. On-premises SecOps takes the same amount of effort it always has, but hybrid companies also must deal with cloud issues. These organizations require aggregating technologies that automatically bring together both sets of data visibility, policy, and risk management.

Hybrid organizations are likely to face employee skills headaches. These enterprises may be able to train existing staff in the “ways of the cloud,” but the SecOps staff must continue to execute their existing on-premises responsibilities. Not surprisingly, it takes more effort and vigilance to secure older on-premises systems. That uneven split in time spent performing on-premises vs. cloud security can cause employees’ newly acquired cloud skills to atrophy quickly. In addition, security teams can gain basic SecOps skills through training, but developing advanced expertise requires hands-on experience, which takes time.

The global security skills shortage is less about “skills” and more about “experience.” Enterprises face the difficult problem of training their existing teams in cloud SecOps to retain them while having to backfill vacant SecOps posts tasked with securing legacy on-premises workloads. Managers also fear that training their teams in cloud security but not moving them to full-time cloud SecOps work will cause them to leave — which is happening all too frequently as experienced security professionals are in exceptional demand.

Increased data volumes — and new threats — are driving security technologies to the cloud

Two connected challenges — having to secure escalating amounts of data and a corresponding increase in cyberthreats — are driving businesses to move their security technologies to the cloud so they can obtain better visibility into an increasingly complex environment. The continual rise in data volume is coming primarily from cloud (not legacy on-premises) systems. It makes much more sense to focus your security efforts where critical data is most accessible and cheapest to process — which is the cloud. Even in multi-cloud environments, which require organizations to shuffle voluminous cloud data to their preferred cloud aggregation point, that costly process is still a relative bargain compared to on-premises data storage and security costs.

Because public cloud resources are so well-instrumented (i.e., for cloud providers to bill correctly they must meter and monitor every consumed resource), every compute/storage/network packet is logged and auditable. This gives SecOps teams unparalleled visibility into their cloud-based resources. While this does create high volumes of data to manage and secure, it also highlights to SecOps teams, with crystal clarity, just how poor their visibility is into non-cloud resources. In response, security teams are either prioritizing moving as many of those resources to the cloud (so they can get that data visibility) or are purchasing new “cloudified” security products and increasing logging levels to elevate their legacy on-premises visibility.

Leading organizations adopt both cloud computing and security

Leading organizations are increasing security training and budgets, adopting cloud-based security data lakes, and trying to increase security monitoring for cloud-based applications and workloads. Businesses that do this are not only better equipped to deal with emerging cyberthreats that target the cloud, but they also experience better business outcomes.

The practical reality is that most enterprises will remain hybrid for at least the next decade or more. And multi-cloud environments will simply become the norm. Fortunately, organizations that deploy a truly cloud-native, SaaS-based SIEM will be able to handle the compute/security workload of this fast-moving space, regardless of what assets they have or what environment they’re located in.

Diving deeper

The next blog in this series will take an in-depth look at the adoption of cloud computing. If you can’t wait to learn more, download the report Beyond Cloud Adoption: How to Embrace the Cloud for Security and Business Benefits to obtain a greater understanding of where your organization is on its cloud journey.

More Data. More Clarity. More Confidence.