In my previous post, I reviewed the four main insights from our recently published report with Enterprise Strategy Group (ESG), Beyond Cloud Adoption: How to Embrace the Cloud for Security and Business Benefits.
In this post, I’ll answer one question: Have we reached the tipping point for cloud proliferation? According to the report, the answer is yes. ESG surveyed 500 IT and security professionals working in the security operations center (SOC) chain of command at organizations with more than 1,000 employees in North America and Western Europe in Q1 of this year. They found that many organizations are starting to overcome traditional barriers to cloud adoption — such as concerns over how secure the cloud is — and are making the shift.
Not surprisingly, this trend accelerated during the pandemic, but it also led to increased complexity and amplified visibility gaps for security operations teams. So, while cloud adoption is on the rise, many organizations are still figuring out how to develop a comprehensive cloud strategy so they can reap all the benefits the cloud offers.
Pandemic-accelerated cloud adoption
According to the survey, 90% of organizations claimed they increased their use of public cloud computing due to the pandemic. Slightly more than 80% of organizations also accelerated their plans and timelines for public cloud computing. IT and security operations teams had to meet the demands of the “new normal” and remote work — the shift to the cloud was a big part of that. It was all hands on deck.
Given the highly unusual circumstances, companies simply had no choice but to accelerate cloud adoption plans to meet the access needs of end users. Businesses also had to adopt policies such as zero trust because their legacy virtual private networks couldn’t handle the immediate increase in remote users. Prior to the accelerated migration to remote work, investments to enable remote access were seen as too big and disruptive. But since the pandemic forced the transition to the cloud, many businesses are rethinking their cloud application transformation priorities.
Now, more than one-third of organizations claim that at least half of their applications and workloads reside in the public cloud today — this will only continue to increase. In fact, more than half of the ESG survey participants said that at least half of their applications and workloads will reside in the public cloud within two years.
Cloud-first and cloud-preferred policies emerge
The report also found that 41% of organizations have adopted a cloud-first policy, which means they’re deploying new applications using public cloud services by default. Anecdotally, I’ve been seeing many companies also adopting a cloud-preferred policy. From what I’ve observed, cloud-first policies are often IT-driven initiatives, presenting numerous financial, security, and digital transformation benefits. Cloud-preferred, however, is often driven by business owners and is more focused on reaching customers and reducing complexities in bringing new products to market. Cloud-preferred also takes existing on-premises and hybrid investments into consideration.
Whether businesses are adopting cloud-first or cloud-preferred approaches, it’s evident that many are moving away from only having workloads and applications on premises. The survey also found that only 14% of organizations maintain a policy of only deploying new applications on premises.
Based on these survey findings and trends, organizations are overcoming previous concerns about the cloud. Now, however, businesses must deal effectively with the increased complexity and growing data volumes that come with it. CISOs must also adjust their security strategies to prevent, detect and respond to cyberattacks on cloud-based applications and data.
We’ll dive into what this looks like in our next post. In the meantime, you can download our report, Beyond Cloud Adoption: How to Embrace the Cloud for Security and Business Benefits, to gain a better understanding of cloud adoption trends.