Investment in cloud security is growing, Cyber Security Hub research has shown.
Cyber Security Hub surveyed 708 cyber security professionals about cloud security from April-May 2023, and when asked how they thought their company’s investments in cloud security would change over the next 12 months, 50 percent of respondents said it would either ‘slightly’ or ‘significantly’ increase.
Less than one in five (19 percent) said they thought investment would ‘slightly’ or ‘significantly’ decrease.
Source: Cyber Security Hub’s Future of Cloud Security survey, April–May 2023
This increase in investment is likely to do with the position most companies are in regarding their cloud security journey. For more than three fifths of respondents (64 percent), said their organization is just beginning the cloud adoption process. As this journey progresses, investment will increase.
When considering how to best roll out cloud security business-wide, cloud security architect and cyber security consultant Mayank Sharma advises that organizations look at it from a solution-building perspective.
“Look at what you want to achieve with cloud, which could be adding more automation, intelligent decision-making or introducing predictive analytics. Finding this business need is perhaps the most important step of the process. During this step, engage the business stakeholders, IT managers and enterprise architects. When you know what you want to create, research the services cloud can offer to support you in achieving this goal. This ‘vision’ is the key document which drives all the future work,” he explains.
How and why cloud security investment will increase
With cloud security an increasing priority, investment is only set to increase. This can be seen through Cyber Security Hub’s research, where 28 percent of respondents said that 21-30 percent of their cyber security budget is allocated to cloud security and 26 percent of respondents said 11-20 percent of their budget is allocated to cloud security.
When searching for cloud security technology to invest in, more than half of the respondents (56 percent) noted that they looked for the use of specialist terms like cloud security posture management (CSPM), cloud workload protection platform (CWPP), cloud infrastructure entitlement management (CIEM) and cloud-native application protection platform (CNAPP). One respondent, however, did note that they dislike when companies use these acronyms as “buzzwords” when advertising their cloud security offerings as it means that it can become confusing or unclear as to what the company’s actual offering is.
Source: Cyber Security Hub’s Future of Cloud Security survey, April–May 2023
In conclusion, when looking for cloud security services to invest in, cyber security professionals want to ensure the services addressed are specialized to their security environment. As the majority are at the start of their cloud adoption journey, they want to make sure these services properly address the issues unique to their security landscape. This means they are more wary of products that seem to over-promise and use buzzwords rather than demonstrate how they are able to keep an environment safe.