IT organizations are dealing with security issues and an increased use of cloud computing. This leads to a perfect storm of problems. In this ESG Blog Video, I discuss an upcoming ESG research project on these cloud security challenges for enterprise organizations. We will be looking to answer a lot of your questions and remove much of the confusion in the market.
Read the related ESG Research Report, Threat Intelligence and Its Role Within Enterprise Cybersecurity Practices.
Cyber security is hard, and it's getting harder. In fact, in a recent ESG research report we learned that 79% of security professionals believe that network security is more difficult than it was two years ago. This changes for a number of reasons. It's the dangerous threat landscape. It's IT complexity, but 21% of those people who said that network security was more difficult today pointed to their use of cloud computing as one of the reasons why it's becoming more difficult. Cloud computing isn't something we can ignore. In fact, 41% of organizations are using infrastructures as a service today, and 35% are using platform as a service today. And this will only increase.
So you've got security issues, and you've got the increased use of cloud computing. And that's a perfect storm of problems because cloud computing is virtual. There are lots of different cloud platforms, and cloud computing is often driven by the application development team using agile development and DevOps, so they need to do things very quickly, and they're moving workloads around a lot. That's antithetical to security where change is the enemy.
And so I've talked to a lot of companies, and they're asking what they do about this. They've invested lots of money into security controls and security processes. And those are really dedicated to the physical infrastructure, the data center, so how do they extend that goodness to the cloud without a totally redundant infrastructure? So what can they use, and what can't they use? What do they need to see? What visibility do they need? What controls do they need in the cloud? Are those controls different? And when cloud workloads move around, what does that do to regulatory compliance?
The users I'm talking to are really struggling with these issues, and thus ESG wants to do some research around this area. We're already talking to a lot of end user customers, big data center customers. But they're struggling with this issue. So we wanna continue those qualitative interviews, and we wanna supplement that with some quantitative data. And that's what we're really looking to do here because there are a lot of questions to answer. There's a lot of confusion in the market, and we wanna find out what's going on and really help find some solutions here.