Get My Score

Hybrid Cloud Security Surveys

DevOps, Containers, and Hybrid Cloudsc | ESG Research

DevOps, Containers,
and Hybrid Clouds

Key Security Insights You Need to Know

Containers Are Complicating Hybrid Cloud Security

As enterprise organizations continue to expand how they use their data to maximize its potential value, they are increasingly looking to leverage data management and enablement (DM&E) or copy data management (CDM) solutions. The growing use of public cloud infrastructure, especially by those organizations leveraging services from multiple cloud providers, is driving the use of DM&E/CDM capabilities. ESG’s research indicates that the majority of businesses are using data management technology to orchestrate copies or re-use of data, and that cloud-based services and management are the leading drivers when it comes to these solutions.

Respondents use of containerization in a production capacity

56%

already in production
icons-database-administrator

40%

planning to test in the next 12 months

Growing Interest in DevSecOps

The continuous integration and delivery methodology of DevOps represents a means to automate securing hybrid clouds. Integrating security with DevOps—DevSecOps—enables automation use cases across dev, test, and production environments.

Respondent organizations plans for incorporating security processes and controls via its DevOps processes

icons-warning-shield

40 %

are evaluating security use cases that leverage their DevOps processes

group

Top DevSecOps Use Cases

The leading areas in which respondent organizations plan to employ DevSecOps

icon
icon

46 %

Identifying workload
Configuration vulnerabilities before
deployment to production

icon
icon

44 %

Applying controls which
can detect anomalous activity

icon
icon

44 %

Applying preventative
controls

icon
icon

42 %

Identifying software
vulnerabilities before
deployment to production

icon
icon

41 %

Identifying workload
configurations that are out of
compliance before deployment
to production

icon
icon

39 %

Applying controls which
capture system activity for
incident response
and forensics

The Rise of the Cloud Security Architect

But who will champion DevSecOps as part of a hybrid cloud cybersecurity strategy? Many organizations have created a cloud security architect role to drive cloud security strategies including leading the DevSecOps charge.

icons-collaborator-male

68%

of respondent organizations have an individual or group of individuals designated as “cloud security architects”

DevSecOps Will Help Enable a Unified Approach

While many organizations use separate controls to secure separate environments, the intention to unify cybersecurity controls for all server workload types across the infrastructure of a hybrid cloud requires a methodology. Implementing workload-based cybersecurity controls via DevSecOps promises to automate the application of consistent cybersecurity across disparate resources and locations.

Organizations current and future use of host-based, server workload security controls.
  • Separate controls for public cloud-based resources and on-premise VMs and servers

  • Unified controls for all server workload types across public cloud(s) and on-premise resources

70 %

30 %

icon
CURRENTLY

30 %

70 %

icon
MONTHS FROM NOW

Real-time Risk and Security Posture Management

When migrating to the cloud, security and visibility are the main concerns for C-level executives. We use an agentless approach to discover, assess, and help remediate both your cloud accounts - AWS, Azure, and GCP - and workloads - on-premise, cloud, and container - and stay on top of any risk related issues that are discovered.

LEARN MORE

CyberPosture Intelligence for the Hybrid Cloud

logo

Produced exclusively for Cavirin by The Enterprise Strategy Group, Inc. 2018
Source: ESG Master Survey Results, Trends in Hybrid Cloud Security, March 2018.

© 2018 Cavirin Systems, Inc. All rights reserved.